I'm trying to delete Kubernetes evicted pods that are older than 30 days from all namespaces, but the command throws an error:
Error from server (NotFound): pods (xxxxxxxxxxxxx) not found
Command:
kubectl delete pod $(kubectl get pods --all-namespaces | grep Evicted | sed 's#d$##' | awk '$6 > 30 {print $2}')
Any ideas?
I think it's because when you list the pods you list them across all namespaces, but the
kubectl delete pod
command is not told which namespace each pod belongs to, so it looks the names up in the current namespace and fails with NotFound.
kubectl get pods --all-namespaces | grep Evicted | awk '$6 ~ /d$/ && $6+0 > 30 {print $1, $2}' | while read ns pod; do kubectl delete pod "$pod" -n "$ns"; done
This reads the namespace and pod name together, so each delete gets the matching -n flag; you may be able to simplify it further.
This assumes the GNU coreutils version of date and a Bourne-like shell:
One-liner:
onemonthago=$(date -u -d '-1 month' +"%FT%TZ"); kubectl get pod --field-selector='status.phase=Failed' -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name,STATUS:.status.reason,STARTTIME:.status.startTime -A | while read ns pod status starttime; do if [ "$status" = "Evicted" ]; then if [ "$starttime" \< "$onemonthago" ]; then kubectl -n "$ns" delete pod "$pod" --wait=false; fi; fi; done
More readable formatting:
onemonthago=$(date -u -d '-1 month' +"%FT%TZ")
kubectl get pod --field-selector='status.phase=Failed' -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name,STATUS:.status.reason,STARTTIME:.status.startTime -A | while read ns pod status starttime; do
  if [ "$status" = "Evicted" ]; then
    if [ "$starttime" \< "$onemonthago" ]; then
      kubectl -n "$ns" delete pod "$pod" --wait=false
    fi
  fi
done
The details:
onemonthago=$(date -u -d '-1 month' +"%FT%TZ"); gets the cutoff time in the same format as what kubectl returns and stores it in a shell variable.
The kubectl then gets all the failed pods and outputs the columns that we need for further steps.
It then gets piped to a while loop that reads the fields into shell variables.
The if statements then check whether the pod was evicted or failed for some other reason (the status.reason field is not supported by --field-selector) and whether it is older than a month. If a pod matches both criteria, it is deleted.
It is likely possible to optimise this further: the pods could be collected per namespace and passed to the minimum number of kubectl invocations via xargs in one go, both checks could be combined (in the shell or in awk), and replacing the entire while loop with an awk script would likely yield the best performance, collecting the pods to delete per namespace and emitting the delete commands from the END pattern, as sketched below.
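A rough, untested sketch of that awk variant (it assumes the same custom-columns output as above and relies on ISO timestamps comparing correctly as strings):
onemonthago=$(date -u -d '-1 month' +"%FT%TZ")
kubectl get pod --field-selector='status.phase=Failed' -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name,STATUS:.status.reason,STARTTIME:.status.startTime -A | awk -v cutoff="$onemonthago" '
  # collect evicted pods older than the cutoff, grouped per namespace
  $3 == "Evicted" && $4 < cutoff { pods[$1] = pods[$1] " " $2 }
  # emit one delete command per namespace from the END pattern
  END { for (ns in pods) print "kubectl -n " ns " delete pod" pods[ns] " --wait=false" }
' | sh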
I want to list a node's pods and pod statuses, e.g.
Node A
Pod1 Status
Pod2 Status
Node B
Pod1 Status
Pod2 Status
Is there a kubectl command I can use for this?
kubectl get pods
will give you almost what you want, but it has no Node information; that is why you would need -o wide (I doubt you really want the -A parameter here). Then you need a bit of awk. So maybe like this:
kubectl get pods -o wide | awk '{print $1" "$3" "$7}'
This script gives exactly the output you want:
kubectl get --no-headers pods --all-namespaces -o wide > /tmp/allpods
while read node; do
  echo "${node/node\//}"
  grep " ${node/node\//} " /tmp/allpods | \
  while read line; do
    set -- $line
    echo "$2 $4"
  done
done < <(kubectl get nodes --no-headers --output=name)
But this version has a more readable output in my opinion:
first column: k8s node name
second column: namespace/pod-name
third column: pod status
kubectl get --no-headers pods --all-namespaces -o wide > /tmp/allpods
while read node; do
  echo "${node/node\//}"
  while read line; do
    set -- $line
    echo " $1/$2 $4"
  done < <(grep " ${node/node\//} " /tmp/allpods)
done < <(kubectl get nodes --no-headers --output=name) | column -t -s ' '
Output:
k8s-node01
my-namespace01/mypod01-321-86d58674d8-kv222 Completed
my-namespace01/mypod01-321-redis-55dc88454c-z6xfj Running
[...]
k8s-node02
[...]
Doing an API call for each cluster node, as the accepted answer suggests, makes the script take very long in a production environment with dozens of nodes and thousands of pods. That's why I opted for a solution where the result of a single call is saved to a temporary file.
Try this:
kubectl get pods -A --field-selector spec.nodeName=<node name> | awk '{print $2" "$4}'
When I use the command below, it deletes the running pods that match the pattern given on the command line:
kubectl get pods -n bi-dev --no-headers=true | awk '/group-react/{print $1}' | xargs kubectl delete -n bi-dev pod
However, when I use this command as an alias in .bash_profile, it doesn't execute.
This is how I defined it :
alias kdpgroup="kubectl get pods -n bi-dev --no-headers=true | awk '/group-react/{print $1}'| xargs kubectl delete -n bi-dev pod"
When I execute it as below, I get this error on the command line:
~ $ kdpgroup
error: resource(s) were provided, but no name, label selector, or --all flag specified
When I define this in .bash_profile I get this:
~ $ . ./.bash_profile
-bash: alias: }| xargs kubectl delete -n bi-dev pod: not found
~ $
Am I missing something when trying to delete pods using a pattern match or a wildcard?
thanks
Am I missing something when trying to delete pods using a pattern match or a wildcard?
When using Kubernetes it is more common to use labels and selectors. E.g. if you deployed an application, you usually set a label on the pods e.g. app=my-app and you can then get the pods with e.g. kubectl get pods -l app=my-app.
Using this approach, it is easier to delete the pods you are interested in, with e.g.
kubectl delete pods -l app=my-app
or with namespaces
kubectl delete pods -l app=my-app -n default
See more on Kubernetes Labels and Selectors
Set-based selector
I have some pods running with the names "superset-react" and "superset-graphql", and I want to search with the wildcard superset and delete both of them in one command
I suggest that those pods have labels app=something-react and app=something-graphql. If you want to classify those apps, e.g. if your "superset" varies, you could add a label app-type=react and app-type=graphql to all those types of apps.
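For example, the new label could be attached to the existing pods via their current labels (a sketch; the app=... selector values are assumptions about how the pods are labelled today):
kubectl label pods -l app=superset-react app-type=react
kubectl label pods -l app=superset-graphql app-type=graphql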
Then you can delete pods for both app types with this command:
kubectl delete pods -l 'app-type in (react, graphql)'
As the question asks, this is about using a wildcard. Let me give examples of using wildcards to delete pods.
Delete Pods which contain the word "application"
Replace <namespace> with the namespace you want to delete pods from.
kubectl get pods -n <namespace> --no-headers=true | awk '/application/{print $1}'| xargs kubectl delete -n <namespace> pod
This will give a response like the following. It will print out the deleted pods.
pod "sre-application-7fb4f5bff9-8crgx" deleted
pod "sre-application-7fb4f5bff9-ftzfd" deleted
pod "sre-application-7fb4f5bff9-rrkt2" deleted
Delete Pods which contain "application" or "service"
Replace <namespace> with the namespace you want to delete pods from.
kubectl get pods -n <namespace> --no-headers=true | awk '/application|service/{print $1}'| xargs kubectl delete -n <namespace> pod
This will give a response like the following. It will print out the deleted pods.
pod "sre-application-7fb4f5bff9-8crgx" deleted
pod "sre-application-7fb4f5bff9-ftzfd" deleted
pod "sre-service-7fb4f5bff9-rrkt2" deleted
You just need to escape the '$1' variable in the awk command:
alias kdpgroup="kubectl get pods -n bi-dev --no-headers=true | awk '/group-react/{print \$1}'| xargs kubectl delete -n bi-dev pod"
I know that escaping is tedious; if you want to avoid it, you can define it as a function in your .bash_profile:
kdpgroup() {
  kubectl get pods -n bi-dev --no-headers=true | awk '/group-react/{print $1}' | xargs kubectl delete pod -n bi-dev
}
A robust way with variables, based on @keetSugathadasa's answer:
ns="optional-namespace"
regex="pattern"
kubectl get pods ${ns:+ -n $ns} --no-headers | awk /${regex}/'{print $1}' \
| xargs kubectl delete ${ns:+ -n $ns} pod
Using grep, you can filter on a keyword like this and delete the matching pods:
kubectl get pods --no-headers=true | awk '{print $1}' | grep keyword | xargs kubectl delete pod
I'm looking for a command like "gcloud config get-value project" that retrieves a project's name, but for a pod (it can retrieve any pod name that is running). I know you can get multiple pods with "kubectl get pods", but I would just like one pod name as the result.
I'm having to do this all the time:
kubectl get pods # add one of the pod names in next line
kubectl logs -f some-pod-frontend-3931629792-g589c some-app
I'm thinking along the lines of "gcloud config get-value pod". Is there a command to do that correctly?
There are many ways, here are some examples of solutions:
kubectl get pods -o name --no-headers=true
kubectl get pods -o=name --all-namespaces | grep kube-proxy
kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'
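If you just want a single pod name to feed into another command, such as the log-tailing workflow from the question, you can capture the first match in a variable. A small sketch, where the frontend filter is only an assumption based on the pod name in the question:
pod=$(kubectl get pods -o name | grep frontend | head -n 1)
kubectl logs -f "$pod"   # kubectl logs accepts the pod/<name> form directly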
For additional reading, please take a look at these links:
kubernetes list all running pods name
Kubernetes list all container id
https://kubernetes.io/docs/tasks/access-application-cluster/list-all-running-container-images/
You can use the grep command to filter any output on stdout. So to get pods matching a specified pattern you can use a command like this:
> kubectl get pods --all-namespaces|grep grafana
Output:
monitoring kube-prometheus-grafana-57d5b4d79f-smkz6 2/2 Running 0 1h
To only output the pod name, you can use the awk command with a parameter of '{print $2}', which displays the second column of the previous output:
kubectl get pods --all-namespaces|grep grafana|awk '{print $2}'
To only display one line you can use the head command like so:
kubectl get pods --all-namespaces|grep grafana|awk '{print $2}'|head -n 1
This will output the last pod name:
kubectl get pods -o go-template --template ' {{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' | awk '{print $1}' | tail -n 1
If you want to fetch the logs for that pod, wrap the inner command in $( ) command substitution:
kubectl logs -f $(kubectl get pods -o go-template --template ' {{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' | awk '{print $1}' | tail -n 1)
Links:
kubernetes list all running pods name
https://kubernetes.io/docs/tasks/access-application-cluster/list-all-running-container-images/
Hope this helps!!
Is it possible to delete pods in Kubernetes based on creation time or age?
Example: I would like to delete all pods which are older than 1 day. These pods are orphaned, therefore no new pods will be created.
This command will delete all pods older than one day:
kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$2 <= "'$(date -d 'yesterday' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | xargs --no-run-if-empty kubectl delete pod
This command will delete all pods older than 4 hours:
kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$2 <= "'$(date -d'now-4 hours' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | xargs --no-run-if-empty kubectl delete pod
We could do this with awk by matching the regex [0-9]+d directly against the AGE column ($5, fifth column) and then printing the corresponding NAME column ($1, first column):
kubectl delete pod $(kubectl get pod | awk 'match($5,/[0-9]+d/) {print $1}')
Test first to see what's matching:
kubectl get pod | awk 'match($5,/[0-9]+d/) {print $0}'
$0 means all columns
You can either add a liveness probe to track how long the pod has been alive and kill it once it exceeds a certain period, or you can schedule a CronJob to do the cleanup, as sketched below.
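A minimal sketch of the CronJob route (the job name and the bitnami/kubectl image are placeholders, and the job's ServiceAccount must be allowed to list and delete pods; this variant clears Failed pods, since filtering by age would additionally require a shell inside the image):
kubectl create cronjob pod-reaper \
  --image=bitnami/kubectl \
  --schedule='0 * * * *' \
  -- kubectl delete pods --field-selector=status.phase=Failed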
Modified to work on Mac:
# try the gnu versions: gxargs
brew install findutils coreutils
kubectl get pods -o go-template -n gui2 --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$2 <= "'$(gdate -d '21 days ago' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | gxargs --no-run-if-empty kubectl delete pod
Here is an alternative answer that uses kubectl, jq, and xargs.
It works locally for me on Mac, but I also use it in a Kubernetes cronjob that runs debian-slim, so it should work on both Mac and Linux.
The time is set in seconds (86400s here for 1 day).
kubectl get pod -o json | jq -r --argjson timestamp 86400 '.items[] | select (.metadata.creationTimestamp | sub("\\..*";"Z") | sub("\\s";"T") | fromdate < now - $timestamp).metadata.name' | xargs -r -L1 kubectl delete pod ;
Here's a variant of the answer by dansl1982 above that will delete all pods with a particular label in all namespaces.
kubectl get pods -A -l app=my-api -o go-template --template '{{range .items}}{{.metadata.namespace}} {{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '$3 <= "'$(date -d'now-4 hours' -Ins --utc | sed 's/+0000/Z/')'" { print $1 " " $2 }' | xargs -L 1 --no-run-if-empty kubectl delete pod -n
I just saw some of my pods got evicted by Kubernetes. What will happen to them? Will they just hang around like that, or do I have to delete them manually?
A quick workaround I use is to delete all evicted pods manually after an incident. You can use this command:
kubectl get pods --all-namespaces -o json | jq '.items[] | select(.status.reason!=null) | select(.status.reason | contains("Evicted")) | "kubectl delete pods \(.metadata.name) -n \(.metadata.namespace)"' | xargs -n 1 bash -c
To delete pods in the Failed state in the namespace default:
kubectl -n default delete pods --field-selector=status.phase=Failed
Evicted pods should be manually deleted. You can use the following command to delete all pods in the Failed state:
kubectl get pods --all-namespaces --field-selector 'status.phase==Failed' -o json | kubectl delete -f -
Depending on whether a soft or hard eviction threshold has been met, the containers in the pod will be terminated with or without a grace period, the PodPhase will be marked as Failed, and the pod deleted. If your application runs as part of, e.g., a Deployment, another pod will be created and scheduled by Kubernetes - probably on another node not exceeding its eviction thresholds.
Be aware that eviction does not necessarily have to be caused by thresholds but can also be invoked via kubectl drain to empty a node or manually via the Kubernetes API.
To answer the original question: the evicted pods will hang around until the number of them reaches the terminated-pod-gc-threshold limit (it's an option of kube-controller-manager and is equal to 12500 by default); it's by-design behavior of Kubernetes (the same approach is used and documented for Jobs - https://kubernetes.io/docs/concepts/workloads/controllers/job/#job-termination-and-cleanup). Keeping the evicted pods around allows you to view their logs to check for errors, warnings, or other diagnostic output.
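For example, before cleaning up, an evicted pod can be inspected like this (the pod and namespace names are placeholders; the logs may already be unavailable because the containers were terminated):
kubectl -n my-namespace describe pod my-evicted-pod
kubectl -n my-namespace logs my-evicted-pod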
The command below deletes all evicted pods from all namespaces:
kubectl get pods -A | grep Evicted | awk '{print $2 " -n " $1}' | xargs -n 3 kubectl delete pod
One more bash command to delete evicted pods
kubectl get pods | grep Evicted | awk '{print $1}' | xargs kubectl delete pod
Just in case someone wants to automatically delete all evicted pods in all namespaces:
Powershell
Foreach ($line in (kubectl get po --all-namespaces --field-selector=status.phase=Failed --no-headers -o custom-columns=:metadata.namespace,:metadata.name)) { $ns, $name = -split $line; kubectl delete po $name -n $ns }
Bash
kubectl get po --all-namespaces --field-selector=status.phase=Failed --no-headers -o custom-columns=:metadata.namespace,:metadata.name | while read ns name; do kubectl delete po "$name" -n "$ns"; done
Kube-controller-manager exists by default with a working K8s installation. It appears that the default is a max of 12500 terminated pods before GC kicks in.
Directly from the K8s documentation:
https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/#kube-controller-manager
--terminated-pod-gc-threshold int32 Default: 12500
Number of terminated pods that can exist before the terminated pod garbage collector starts deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled.
In case you have pods with a Completed status that you want to keep around:
kubectl get pods --all-namespaces --field-selector 'status.phase==Failed' -o json | kubectl delete -f -
Another way, still with awk.
To prevent any human error that could drive me crazy (deleting desirable pods), I first check the result of the get pods command:
kubectl -n my-ns get pods --no-headers --field-selector=status.phase=Failed
If that looks good, here we go:
kubectl -n my-ns get pods --no-headers --field-selector=status.phase=Failed | \
awk '{system("kubectl -n my-ns delete pods " $1)}'
Same thing with pods of all namespaces.
Check:
kubectl get -A pods --no-headers --field-selector=status.phase=Failed
Delete:
kubectl get -A pods --no-headers --field-selector status.phase=Failed | \
awk '{system("kubectl -n " $1 " delete pod " $2 )}'
OpenShift equivalent of Kalvin's command to delete all 'Evicted' pods:
eval "$(oc get pods --all-namespaces -o json | jq -r '.items[] | select(.status.phase == "Failed" and .status.reason == "Evicted") | "oc delete pod --namespace " + .metadata.namespace + " " + .metadata.name')"
To delete all the Evicted pods by force, you can try this one-line command:
$ kubectl get pod -A | sed -nr '/Evicted/s/(^\S+)\s+(\S+).*/kubectl -n \1 delete pod \2 --force --grace-period=0/e'
Tip: using the p modifier of sed's s command instead of e will just print the command that would do the deletion:
$ kubectl get pod -A | sed -nr '/Evicted/s/(^\S+)\s+(\S+).*/kubectl -n \1 delete pod \2 --force --grace-period=0/p'
The command below will get all evicted pods from the default namespace and delete them:
kubectl get pods | grep Evicted | awk '{print$1}' | xargs -I {} kubectl delete pods/{}
Here is the official guide for how to configure the threshold (if you do not want to see too many evicted pods): kube-controller-manager
But a known problem is getting at the kube-controller-manager flags in the first place; a sketch for kubeadm clusters follows.
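For a kubeadm-based control plane, a hedged sketch (the manifest path is the kubeadm default; managed offerings such as GKE or EKS do not expose this component at all):
# add the flag under the kube-controller-manager command list in
# /etc/kubernetes/manifests/kube-controller-manager.yaml:
#     - --terminated-pod-gc-threshold=100
# the kubelet restarts the static pod automatically; then verify:
kubectl -n kube-system get pod -l component=kube-controller-manager -o yaml | grep terminated-pod-gc-threshold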
When we have too many evicted pods in our cluster, this can lead to network load: each pod, even though it is evicted, is still connected to the network, and in the case of a cloud Kubernetes cluster will have blocked an IP address. This can lead to exhaustion of IP addresses too if you have a fixed pool of IP addresses for your cluster.
Also, when we have too many pods in Evicted status, it becomes difficult to monitor the pods by running the kubectl get pod command, as you will see too many evicted pods, which can be a bit confusing at times.
To delete an evicted pod, run the following command:
kubectl delete pod <podname> -n <namespace>
What if you have many evicted pods?
kubectl get pod -n <namespace> | grep Evicted | awk '{print $1}' | xargs kubectl delete pod -n <namespace>