Kubernetes API服务器,提供pod日志

时间:2018-10-19 10:54:51

标签: kubernetes

对Kubernetes API服务器的REST API请求GET , POST , PUT等是请求,响应且易于理解,例如kubectl create <something>。我想知道当我执行kubectl logs -f <pod-name>(以及类似的操作kubectl attach <pod>)时,API服务器如何为pod日志提供服务吗?难道这只是循环中对GET的http响应?

3 个答案:

答案 0 :(得分:1)

是的,在查看logs.go的来源时,看起来似乎kubectl目前只是一个HTTP GET,尽管似乎希望unify and upgrade有几个到WebSockets的命令(execport-forwardlogs等)。

展示Maciej的出色建议:

$ kubectl run test --image centos:7 \
                      -- sh -c "while true ; do echo Work ; sleep 2 ; done"
$ kubectl get po
NAME                    READY   STATUS    RESTARTS   AGE
test-769f6f8c9f-2nx7m   1/1     Running   0          2m

$ kubectl logs -v9  -f test-769f6f8c9f-2nx7m
I1019 13:49:34.282007   71247 loader.go:359] Config loaded from file /Users/mhausenblas/.kube/config
I1019 13:49:34.284698   71247 loader.go:359] Config loaded from file /Users/mhausenblas/.kube/config
I1019 13:49:34.292620   71247 loader.go:359] Config loaded from file /Users/mhausenblas/.kube/config
I1019 13:49:34.293136   71247 round_trippers.go:386] curl -k -v -XGET  -H "Accept: application/json, */*" -H "User-Agent: kubectl/v1.12.0 (darwin/amd64) kubernetes/0ed3388" 'https://192.168.64.13:8443/api/v1/namespaces/default/pods/test-769f6f8c9f-2nx7m'
I1019 13:49:34.305016   71247 round_trippers.go:405] GET https://192.168.64.13:8443/api/v1/namespaces/default/pods/test-769f6f8c9f-2nx7m 200 OK in 11 milliseconds
I1019 13:49:34.305039   71247 round_trippers.go:411] Response Headers:
I1019 13:49:34.305047   71247 round_trippers.go:414]     Date: Fri, 19 Oct 2018 12:49:34 GMT
I1019 13:49:34.305054   71247 round_trippers.go:414]     Content-Type: application/json
I1019 13:49:34.305062   71247 round_trippers.go:414]     Content-Length: 2390
I1019 13:49:34.305125   71247 request.go:942] Response Body: {"kind":"Pod","apiVersion":"v1","metadata":{"name":"test-769f6f8c9f-2nx7m","generateName":"test-769f6f8c9f-","namespace":"default","selfLink":"/api/v1/namespaces/default/pods/test-769f6f8c9f-2nx7m","uid":"0581b0fa-d39d-11e8-9827-42a64713caf8","resourceVersion":"892912","creationTimestamp":"2018-10-19T12:46:39Z","labels":{"pod-template-hash":"3259294759","run":"test"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"test-769f6f8c9f","uid":"057f3ad4-d39d-11e8-9827-42a64713caf8","controller":true,"blockOwnerDeletion":true}]},"spec":{"volumes":[{"name":"default-token-fbx4m","secret":{"secretName":"default-token-fbx4m","defaultMode":420}}],"containers":[{"name":"test","image":"centos:7","args":["sh","-c","while true ; do echo Work ; sleep 2 ; done"],"resources":{},"volumeMounts":[{"name":"default-token-fbx4m","readOnly":true,"mountPath":"/var/run/secrets/kubernetes.io/serviceaccount"}],"terminationMessagePath":"/dev/termination-log","terminationMessagePolicy":"File","imagePullPolicy":"IfNotPresent"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","serviceAccountName":"default","serviceAccount":"default","nodeName":"minikube","securityContext":{},"schedulerName":"default-scheduler","tolerations":[{"key":"node.kubernetes.io/not-ready","operator":"Exists","effect":"NoExecute","tolerationSeconds":300},{"key":"node.kubernetes.io/unreachable","operator":"Exists","effect":"NoExecute","tolerationSeconds":300}]},"status":{"phase":"Running","conditions":[{"type":"Initialized","status":"True","lastProbeTime":null,"lastTransitionTime":"2018-10-19T12:46:39Z"},{"type":"Ready","status":"True","lastProbeTime":null,"lastTransitionTime":"2018-10-19T12:46:40Z"},{"type":"ContainersReady","status":"True","lastProbeTime":null,"lastTransitionTime":null},{"type":"PodScheduled","status":"True","lastProbeTime":null,"lastTransitionTime":"2018-10-19T12:46:39Z"}],"hostIP":"192.168.64.13","podIP":"172.17.0.11","startTime":"2018-10-19T12:46:39Z","containerStatuses":[{"name":"test","state":{"running":{"startedAt":"2018-10-19T12:46:39Z"}},"lastState":{},"ready":true,"restartCount":0,"image":"centos:7","imageID":"docker-pullable://centos@sha256:67dad89757a55bfdfabec8abd0e22f8c7c12a1856514726470228063ed86593b","containerID":"docker://5c25f5fce576d68d743afc9b46a9ea66f3cd245f5075aa95def623b6c2d93256"}],"qosClass":"BestEffort"}}
I1019 13:49:34.316531   71247 loader.go:359] Config loaded from file /Users/mhausenblas/.kube/config
I1019 13:49:34.317000   71247 round_trippers.go:386] curl -k -v -XGET  -H "Accept: application/json, */*" -H "User-Agent: kubectl/v1.12.0 (darwin/amd64) kubernetes/0ed3388" 'https://192.168.64.13:8443/api/v1/namespaces/default/pods/test-769f6f8c9f-2nx7m/log?follow=true'
I1019 13:49:34.339341   71247 round_trippers.go:405] GET https://192.168.64.13:8443/api/v1/namespaces/default/pods/test-769f6f8c9f-2nx7m/log?follow=true 200 OK in 22 milliseconds
I1019 13:49:34.339380   71247 round_trippers.go:411] Response Headers:
I1019 13:49:34.339390   71247 round_trippers.go:414]     Content-Type: text/plain
I1019 13:49:34.339407   71247 round_trippers.go:414]     Date: Fri, 19 Oct 2018 12:49:34 GMT
Work
Work
Work
^C

答案 1 :(得分:1)

我的建议是始终检查kubectl的内容,并在命令中使用-v=9。它将为您提供客户端和服务器之间进行的完整请求和响应。

答案 2 :(得分:1)

如果您在最高调试级别kubectl上使用-v 9并使用流选项-f(例如kubectl logs -f <pod-name> -v 9)提取任何Kubernetes对象,则可以实现kubectl通过从目标Pod相应地获取日志,将follow=true标志传递给API请求,并将其流传输到输出:

  

curl -k -v -XGET -H“接受:application / json, / ” -H“用户代理:   kubectl / v1.12.1(linux / amd64)kubernetes / 4ed3216“   'https://API_server_IP/api/v1/namespaces/default/pods/Pod-name/log?follow=true'

您可以考虑按照以下步骤启动自己的API请求:

获取用于授权目的的令牌:

 MY_TOKEN="$(kubectl get secret <default-secret> -o jsonpath='{$.data.token}' | base64 -d)"

然后,您可以直接从API服务器手动检索所需的数据:

curl -k -v -H "Authorization : Bearer $MY_TOKEN" https://API_server_IP/api/v1/namespaces/default/pods