I'm looking to have a specific column, through my initial kubectl command
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o json ingressroute zz-oamtoto
This give me the json below
{
"apiVersion":"traefik.containo.us/v1alpha1",
"kind":"IngressRoute",
"metadata":{
"annotations":{
"kubectl.kubernetes.io/last-applied-configuration":"{"sum-up"}\n"
},
"creationTimestamp":"2021-02-23T11:17:56Z",
"generation":1,
"labels":{
"instance":"webzz"
},
"managedFields":[
{
"apiVersion":"traefik.containo.us/v1alpha1",
"fieldsType":"FieldsV1",
"fieldsV1":{
"f:metadata":{
"f:annotations":{
".":{
},
"f:kubectl.kubernetes.io/last-applied-configuration":{
}
},
"f:labels":{
".":{
},
"f:instance":{
}
}
},
"f:spec":{
".":{
},
"f:entryPoints":{
},
"f:routes":{
}
}
},
"manager":"kubectl",
"operation":"Update",
"time":"2021-02-23T11:17:56Z"
}
],
"name":"zz-oamtoto",
"namespace":"ebzz",
"resourceVersion":"61112315",
"selfLink":"/apis/traefik.containo.us/v1alpha1/namespaces/ebzz/ingressroutes/zz-oamtoto",
"uid":"42727XXX-dd9e-45e4-9c7d-1225aea125"
},
"spec":{
"entryPoints":[
"http"
],
"routes":[
{
"kind":"Rule",
"match":"Host(`ebzz.acme.com`)",
"middlewares":[
{
"name":"ebzz-ebzz-basicauth"
}
],
"services":[
{
"kind":"Service",
"name":"zz-oamtoto",
"port":1234
}
]
}
]
}
}
What I'm looking at is to find a specific column, the routes one and most of all, one of its specific sub-column
"match":"Host('ebzz.acme.com')"
I tried the command below
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes.-kind ingressroute zz-oamtoto
Which gives me this:
[map[kind:Rule match:Host(`ebzz.acme.com`) middlewares:[map[name:ebzz-ebzz-basicauth]] services:[map[kind:Service name:zz-oamtoto port:1234]]]]
What i've tried so far
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes[kind] ingressroute zz-oamtoto
It gives me this
svc
error: invalid array index kind
I've tried this as well
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes["kind"] ingressroute zz-oamtoto
But it gives me this
svc
error: invalid array index kind
After many trials, this one works
kubectl --context oam-ska-yo_jonnylee -n ebz get -o=custom-columns=.spec.routes[0].match ingressroute zz-oamtoto
The option custom-columns should give you the tuning if you are looking for a column.
For the first column, you are aiming to, you need to put a .spec followed by a dot and the column name, like this .spec.column_name
Once there, the routes column part, in this example, is an array. Therefore you need to put the [], followed by the number and then followed by the subname, here match. it gives you .spec.routes[0].match
Note: I use a svc in my initial kubectly query. It was a mistake, there is no use for that.
If I understood you correctly, you need
kubectl --context oam-ska-yo_jonnylee -n ebz get ingressroute zz-oamtoto --output=jsonpath={.spec.routes.match}
Here you can find more examples: kubectl Cheat Sheet
Related
I am new to k8s and need some help, plz.
I want to make a change in a pod's deployment configuration and change readOnlyRootFilesystem to false.
This is what I am trying to do, but it doesn't seem to work. Plz suggest what's wrong:
kubectl patch deployment eric-ran-rdm-singlepod -n vdu -o yaml -p {"spec":{"template":{"spec":{"containers":[{"name":"eric-ran-rdm-infra":{"securityContext":[{"readOnlyRootFilesystem":"true"}]}}]}}}}
enter image description here
Thanks very much!!
Your JSON is invalid. You need to make sure you are providing valid JSON and it should be in the correct structure as defined by the k8s API as well. You can use jsonlint.com.
{
"spec": {
"template": {
"spec": {
"containers": [
{
"name": "eric-ran-rdm-infra",
"securityContext": {
"readOnlyRootFilesystem": "true"
}
}
]
}
}
}
}
Note: I have only checked the syntax here and not checked/ tested the structure against the k8s API of this JSON here, but I think it should be right, please correct me if I am wrong.
It might be easier to specify a deployment in a .yaml file and just apply that using kubectl apply -f my_deployment.yaml.
First, you should fix your JSON syntax issue as suggested by #Mushroomator
{
"spec": {
"template": {
"spec": {
"containers": [
{
"name": "eric-ran-rdm-infra",
"securityContext": {
"readOnlyRootFilesystem": "true"
}
}
]
}
}
}
}
Then, JSON should also be specified with escape char before double quotes.
Following this way:
kubectl patch deployment eric-ran-rdm-singlepod -n vdu -o yaml -p {\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\": \"eric-ran-rdm-infra\",\"securityContext\":{\"readOnlyRootFilesystem\":\"true\"}}]}}}}
I would like to select, and list the crds which are containing the "v1beta1" in the
.spec.versions.*.name
The versions part of the crd object looks similar like this
"versions": [
{
"name": "v1alpha2",
"served": true,
"storage": true,
"subresources": {
"status": {}
},
"name": "v1beta1"
"served": true,
"storage": true,
"subresources": {
"status": {}
}
}
]
I tried some different queries like the following, but no success.
$ kubectl get crd -ojson | jq -r '.items[] | map(select(.spec.versions[] | contains("v1beta1"))).metadata.name'
jq: error (at <stdin>:250345): Cannot index string with string "spec"
Jsonpath solution would be also great. I tried something like this without success.
$ kubectl get crd -ojsonpath="{range .items.*.spec.versions.*}{.name[?(#=='v1beta1')].metadata.name}{'\n'}{end}"
Could someone help me please?
This will show the name using jsonpath: kubectl get crd -o jsonpath='{range .items[?(#.spec.versions[].name=="v1beta1")].metadata}{.name}{"\n"}'
You could base a jq solution on:
.spec.versions[] | select(.name | contains("v1beta1"))
or similar, e.g.
.spec.versions[] | select(.name | startswith("v1beta1"))
I want to access limits.memory variable returned by get command in k8s
kubectl get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used
USED
map[limits.memory:0 requests.cpu:0 requests.memory:0]
I tried many ways but couldn't succeed
[root#iaasn00126847 ~]# k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used.limits.memory
returns nothing
Is there a delimiter to fetch the same
Try with jsonpath
kubectl get resourcequota default -n 103000-p4-dev -o jsonpath="{.status.used.limits\.memory}"
This is what I tried
$ kubectl apply -f https://k8s.io/examples/admin/resource/quota-mem-cpu.yaml
resourcequota/mem-cpu-demo created
$ kubectl get resourcequota
NAME CREATED AT
mem-cpu-demo 2019-10-09T06:38:39Z
$
$ kubectl get resourcequota mem-cpu-demo -o json
{
"apiVersion": "v1",
"kind": "ResourceQuota",
"metadata": {
"annotations": {
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"ResourceQuota\",\"metadata\":{\"annotations\":{},\"name\":\"mem-cpu-demo\",\"namespace\":\"default\"},\"spec\":{\"hard\":{\"limits.cpu\":\"2\",\"limits.memory\":\"2Gi\",\"requests.cpu\":\"1\",\"requests.memory\":\"1Gi\"}}}\n"
},
"creationTimestamp": "2019-10-09T06:38:39Z",
"name": "mem-cpu-demo",
"namespace": "default",
"resourceVersion": "975",
"selfLink": "/api/v1/namespaces/default/resourcequotas/mem-cpu-demo",
"uid": "0d74d782-b717-4845-a0da-424776c05d45"
},
"spec": {
"hard": {
"limits.cpu": "2",
"limits.memory": "2Gi",
"requests.cpu": "1",
"requests.memory": "1Gi"
}
},
"status": {
"hard": {
"limits.cpu": "2",
"limits.memory": "2Gi",
"requests.cpu": "1",
"requests.memory": "1Gi"
},
"used": {
"limits.cpu": "0",
"limits.memory": "0",
"requests.cpu": "0",
"requests.memory": "0"
}
}
}
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.used}"
map[limits.cpu:0 limits.memory:0 requests.cpu:0 requests.memory:0]$
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.used.limits\.memory}"
0
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.hard.limits\.memory}"
2Gi
$
For values with /, you don't need to escape them, but just the dots using brackets.
$ kubectl -n istio-system get service http2-service-ingress \
-o jsonpath="{.metadata.annotations['service\.beta\.kubernetes\.io/aws-load-balancer-type']}"
Since you key (limits.memory) contains dot, maybe you should try like this:
[root#iaasn00126847 ~]# k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used.'limits\.memory'
There is no need to use jsonpath. You can still use the custom-columns output, but you need to put the key in (single or double) quotes, and escape all the dots, like this:
k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used."limits\.memory"
I am currently using this with kubectl v1.17, to list nodes, as follows:
kubectl get nodes -o custom-columns=NAME:.metadata.name,ZONE:.metadata.labels.'topology\.kubernetes\.io/region'
kubectl get nodes -o custom-columns=NAME:.metadata.name,ZONE:.metadata.labels."topology\.kubernetes\.io/region"
I am using Stackdriver Monitoring API to get the metrics related to the containers. The JSON object returned from the API has the following details of the container.
Example:
{
"metric": {
"type": "container.googleapis.com/container/cpu/utilization"
},
"resource": {
"type": "gke_container",
"labels": {
"zone": "us-central1-a",
"pod_id": "1138528c-c36e-11e9-a1a7-42010a800198",
"project_id": "auto-scaling-springboot",
"cluster_name": "load-test",
"container_name": "",
"namespace_id": "f0965889-c36d-11e9-9e00-42010a800198",
"instance_id": "3962380509873542383"
}
},
"metricKind": "GAUGE",
"valueType": "DOUBLE",
"points": [
{
"interval": {
"startTime": "2019-09-04T04:00:00Z",
"endTime": "2019-09-04T04:00:00Z"
},
"value": {
"doubleValue": 0.050707947222229495
}
}
]
}
When I execute kubectl describe pod [pod name], I get none of these information unique to a container. Therefore I am unable to identify the results corresponding to a container.
Therfore, how to I get the pod ID so that I'll be able to identify it?
Use kubectl jsonpath
To get a specific pod's UID:
$ kubectl get pods -n <namespace> <pod-name> -o jsonpath='{.metadata.uid}'
$ kubectl get pods -n kube-system kubedb-66f78 -o jsonpath='{.metadata.uid}'
275ecb36-5aa8-4c2a-9c47-d8bb681b9aff⏎
Use kubectl custom-columns
List all PodName along with its UID of a namespace:
$ kubectl get pods -n <namespace> -o custom-columns=PodName:.metadata.name,PodUID:.metadata.uid
$ kubectl get pods -n kube-system -o custom-columns=PodName:.metadata.name,PodUID:.metadata.uid
PodName PodUID
coredns-6955765f44-8kp9t 0ae5c03d-5fb3-4eb9-9de8-2bd4b51606ba
coredns-6955765f44-ccqgg 6aaa09a1-241a-4013-b706-fe80ae371206
etcd-kind-control-plane c7304563-95a8-4428-881e-422ce3e073e7
kindnet-jgb95 f906a249-ab9d-4180-9afa-4075e2058ac7
kube-apiserver-kind-control-plane 971165e8-6c2e-4f99-8368-7802c1e55e60
kube-controller-manager-kind-control-plane a0dce3a7-a734-485d-bfee-8ac3de6bb486
kube-proxy-27wgd d900c0b2-dc21-46b5-a97e-f30e830aa9be
kube-scheduler-kind-control-plane 9c6f2399-4986-4259-9cd7-875eff1d7198
Use Unix/Linux command grep
You can use kubectl get pods along with grep.
$ kubectl get pods -n <namespace> <pod-name> -o yaml | grep uid
uid: bcfbdfb5-ce0f-11e9-b83e-080027d4916d
Optionally, you can try this:
$ kubectl get pod -n <namespace> <pod_name> -o jsonpath='{.metadata.uid}'
I can use kubectl to see to which subjects a cluster role is applied, eg:
kubectl get clusterrolebindings system:node --all-namespaces -o json
{
"apiVersion": "rbac.authorization.k8s.io/v1beta1",
"kind": "ClusterRoleBinding",
....
....
"subjects": [
{
"apiGroup": "rbac.authorization.k8s.io",
"kind": "Group",
"name": "system:nodes"
}
]
}
I would like to get this info the other way around, eg: I want to list all policies applied to the "system:nodes" subject.
How can I do that?
There is no API for the reverse index. You can look up bindings and filter on ones containing the expected subject. For example, using bash, jq, and kubectl:
# $1 is kind (User, Group, ServiceAccount)
# $2 is name ("system:nodes", etc)
# $3 is namespace (optional, only applies to kind=ServiceAccount)
function getRoles() {
local kind="${1}"
local name="${2}"
local namespace="${3:-}"
kubectl get clusterrolebinding -o json | jq -r "
.items[]
|
select(
.subjects[]?
|
select(
.kind == \"${kind}\"
and
.name == \"${name}\"
and
(if .namespace then .namespace else \"\" end) == \"${namespace}\"
)
)
|
(.roleRef.kind + \"/\" + .roleRef.name)
"
}
$ getRoles Group system:authenticated
ClusterRole/system:basic-user
ClusterRole/system:discovery
$ getRoles ServiceAccount attachdetach-controller kube-system
ClusterRole/system:controller:attachdetach-controller