I am trying to deploy my app to Kubernetes running in Google Container
Engine.
The app can be found at: https://github.com/Industrial/docker-znc.
The Dockerfile is built into an image on Google Container Registry.
I have deployed the app in Kubernetes via the + button. I don't have the YAML
for this.
I have inserted a Secret in Kubernetes for the PEM file required by the app.
How do I get the YAML for the Deployment, Service and Pod created by
Kubernetes by filling in the form?
How do I get the Secret into my Pod for usage?
To get the yaml for a deployment (service, pod, secret, etc):
kubectl get deploy deploymentname -o yaml
How do I get the YAML for the Deployment, Service and Pod created by
Kubernetes by filling in the form?
kubectl get deployment,service,pod yourapp -o yaml --export
Answering #Sinaesthetic question:
any idea how to do it for the full cluster (all deployments)?
kubectl get deploy --all-namespaces -o yaml --export
The problem with this method is that export doesn't include the namespace. So if you want to export many resources at the same time, I recommend doing it per namespace:
kubectl get deploy,sts,svc,configmap,secret -n default -o yaml --export > default.yaml
Unfortunately kubernetes still doesn't support a true get all command, so you need to list manually the type of resources you want to export. You can get a list of resource types with
kubectl api-resources
The same issue is discussed at kubernetes GitHub issues page and the user "alahijani" made a bash script that exports all yaml and writes them to single files and folders.
Since this question ranks well on Google and since I found that solution very good, I represent it here.
Bash script exporting yaml to sub-folders:
for n in $(kubectl get -o=name pvc,configmap,serviceaccount,secret,ingress,service,deployment,statefulset,hpa,job,cronjob)
do
mkdir -p $(dirname $n)
kubectl get -o=yaml --export $n > $n.yaml
done
Another user "acondrat" made a script that do not use directories, which makes it easy to make a kubectl apply -f later.
Bash script exporting yaml to current folder:
for n in $(kubectl get -o=name pvc,configmap,ingress,service,secret,deployment,statefulset,hpa,job,cronjob | grep -v 'secret/default-token')
do
kubectl get -o=yaml --export $n > $(dirname $n)_$(basename $n).yaml
done
The last script does not include service account.
Now that --export is deprecated, to get the output from your resources in the 'original' format (just cleaned up, without any information about the current object state (unnecessary metadata in this circumstance)) you can do the following using yq v4.x:
kubectl get <resource> -n <namespace> <resource-name> -o yaml \
| yq eval 'del(.metadata.resourceVersion, .metadata.uid, .metadata.annotations, .metadata.creationTimestamp, .metadata.selfLink, .metadata.managedFields)' -
Syntax for downloading yaml's from kubernetes
kubectl get [resource type] -n [namespace] [resource Name] -o yaml > [New file name]
Create yaml file from running pod:
kubectl get po -n nginx nginx-deployment-755cfc7dcf-5s7j8 -o yaml > podDetail.yaml
Create replicaset yaml file from running pod:
kubectl get rs -n nginx -o yaml > latestReplicaSet.yaml
Create deployement yaml file from running pod:
kubectl get deploy -n nginx -o yaml > latestDeployement.yaml
Also its possible to use the view-last-applied command e.g.
kubectl apply view-last-applied services --all > services.yaml
which will return all the manifests applied to create services. Also you can specify a certain k8 resource by services/resource-name label.
If you need to get 'clean' export, removing the annotations added by Kubernetes, there's an opensource project that does that by piping the output of kubectl get - https://github.com/itaysk/kubectl-neat.
It removes the timestamp metadata, etc.
kubectl get pod mypod -o yaml | kubectl neat
kubectl get pod mypod -oyaml | kubectl neat -o json
Use this command to get yaml format of your service
kubectl get service servicename -n <namespace> -o yaml
You can put it in some file also
kubectl get service servicename -n <namespace> -o yaml > service.yaml
The following code will extract all your K8s definitions at once and place them on individual folders below the current folder.
for OBJ in $(kubectl api-resources --verbs=list --namespaced -o name)
do
for DEF in $(kubectl get --show-kind --ignore-not-found $OBJ -o name)
do
mkdir -p $(dirname $DEF)
kubectl get $DEF -o yaml \
| yq eval 'del(.metadata.resourceVersion, .metadata.uid, .metadata.annotations, .metadata.creationTimestamp, .metadata.selfLink, .metadata.managedFields)' - > $DEF.yaml
done
done
You can store output of deployed kubernetes service by using below command -
kubectl get svc -n -o yaml > svc-output.yaml
For deployments -
kubectl get deploy <deployment-name> -n <your-namespace> -o yaml > deploy-output.yaml
For Pod -
kubectl get pod <pod-name> -n <your-namespace> -o yaml > pod-output.yaml
You can get your secret details using below command -
kubectl get secret -n -o yaml
In order to use update your deployment file by using below command -
kubectl edit deploy -n
Under your pod template add below -
this will go under pod containers section to mount secret volume to container
volumeMounts:
- name: foo
mountPath: "/etc/foo"
readOnly: true
this will go inside your pod template section in deployment
volumes:
- name: foo
secret:
secretName: mysecret
for the 2nd question regarding the secret, this is from the k8s documentation. see https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets for more info.
Create a secret or use an existing one. Multiple pods can reference the same secret.
Modify your Pod definition to add a volume under spec.volumes[]. Name the volume anything, and have a spec.volumes[].secret.secretName field equal to the name of the secret object.
Add a spec.containers[].volumeMounts[] to each container that needs the secret. Specify spec.containers[].volumeMounts[].readOnly = true and spec.containers[].volumeMounts[].mountPath to an unused directory name where you would like the secrets to appear.
Modify your image and/or command line so that the program looks for files in that directory. Each key in the secret data map becomes the filename under mountPath.
I have used this and it works fine.
Like mentioned above "--export" is one option to get the manifest corresponding to the kubeernetes objects
But "--export" is considered to be buggy and there is a proposal to deprecate it
Currently the better option is to do "-o yaml" or "-o json" and remove the unnecessary fields
The main difference is "--export" is expected to remove the cluster specific settings (e.g. cluster service IP of a k8s service). But it is found to be inconsistent in this regard
All services
kubectl get service --all-namespaces -o yaml > all-service.yaml
All deployments
kubectl get deploy --all-namespaces -o yaml > all-deployment.yaml
We can get the contents associated with any kind from a Kubernetes cluster through the command line if you have the read access.
kubectl get <kind> <kindname> -n <namespace> -o <yaml or json>
For example, if you want to export a deployment from a namespace follow the below command -
kubectl get deploy mydeploy -n mynamespace -o yaml > mydeploy.yaml
kubectl get deploy mydeploy -n mynamespace -o json > mydeploy.json
To get all yaml file deployments backup (not a specific deployment):
kubectl get deployments -n <namespace> -o yaml > deployments.yaml
for getting all yaml file services backup (not a specific deployment):
kubectl get services -n <namespace> -o yaml > services.yaml
enjoy it.
To get YAML for current running deployment on kubernetes, you can run this command:
kubectl get deployment <deployment_name> -o yaml
To generate YAML for deployment you can run the imperative command.
kubectl create deployment <deployment_name>--image=<image_name> -o yaml
To generate and export the deployment you can run the imperative command.
kubectl create deployment <deployment_name>--image=<image_name> --dry-run=client -o yaml > example.yaml
kubectl -n <namespace> get <resource type> <resource Name> -o yaml
With the command above, any resource defined in Kubernetes can be exported in YAML format.
You can try use kube-dump bash script
With this utility, you can save Kubernetes cluster resources as a pure yaml manifest without unnecessary metadata.
GitHub repository
Review of the utility in blog page
We can get yaml for deployed resources using below command.
kubectl get <resource name> -o yaml
OR
kubectl get <resource name> <name of pod> -o yaml
example:-
kubectl get deploy Nginx -o yaml
above commands will give you yaml output.
if you want to store the output into any file you can use below command.
kubectl get pod nginx -o yaml > Nginx-pod.yaml
above command will redirect you output to Nginx-pod.yaml in your courrent directory.
If you need to view and edit the file use:
kubectl edit service servicename
You can get the yaml files of the resources using this command
kubectl -n <namespace> get <resource type> <resource Name> -o yaml
To get the secret into your pod,
use something like this
env
- valueFrom
secretKeyRef:
name: secret_name
key: key_name
or
envFrom
- secretRef:
name: secret_name
Is only minor difference from #Janos Lenart's answer!
kubectl get deploy deploymentname -o yaml > outputFile.yaml will do
I know it is too old to answer, but hopefully, someone will find it helpful.
We can try below command to fetch a kind export from all namespace -
kubectl get <kind> --all-namespaces --export -o yaml
Related
if i apply some config to kubernetes with kubectl like:
kubectl apply -f config.yaml
Is there any command to read or show this config? I need update some things in config, but I'm on another pc and I dont have configs here, so I need get them from kubectl first, is it possible? Thanks!
simple way : cat the file
cat config.yaml
indirect way:
kubectl apply -f config.yaml --dry-run=client -o yaml
for brevity
kubectl create -f config.yaml --dry-run=client -o yaml
You can copy ~/.kube/config from one machine to another, you can then access your cluster using kubectl on the other machine. From there you can do kubectl get configmap <name> -o yaml > config.yaml, edit the saved config.yaml and re-apply with kubectl apply -f config.yaml.
I am on a GCP k8s cluster. I want to be sure that no pods or other kubernetes resources are using a particular ConfigMap first, before deleting the ConfigMap. Is there a kubectl command that I can use to check what is using a ConfigMap?
You could export all your resources and grep for the config map name.
You can use this script to export all selected resources (select resources in the RESOURCES category)
NAMESPACE="your_namespace"
RESOURCES="configmap secret daemonset deployment service"
for resource in ${RESOURCES};do
rsrcs=$(kubectl -n ${NAMESPACE} get -o json ${resource}|jq '.items[].metadata.name'|sed "s/\"//g")
for r in ${rsrcs};do
dir="${NAMESPACE}/${resource}"
mkdir -p "${dir}"
kubectl -n ${NAMESPACE} get -o yaml ${resource} ${r} > "${dir}/${r}.yaml"
done
done
Next, you can use grep -nr your_config_map_name your_directory(your name space in this case)
this will show you the files that contain the config map, I.E resources that use it.
I am getting error while copying the kubernetes secret from one namespace to another:
kubectl get secret secret1 --namespace=test --export -o=yaml | kubectl apply --namespace=test1 -f -
Error: unknown flag: --export
See 'kubectl get --help' for usage.
error: no objects passed to apply
--export option has been deprecated in version 1.14 and removed in version 1.18. If you are using kubernetes version 1.18 or above, you can try using below command (using sed) to copy secret from one namespace to other.
kubectl get secret secret1 --namespace=test -o yaml | sed 's/namespace: test/namespace: test1/g' | kubectl create -f -
Thanks,
Export is deprecated in latest version of Openshift. We can directly do it like below in openshift. Replace oc with kubectl if you are in kubernates.
oc get virtualservices --all-namespaces -o yaml > project.yaml --> for all namespaces
oc get virtualservices -n <your-namespace>-all-namespaces -o yaml > project.yaml
Actually you should be good just without --export
This command works for me to copy secret between contexts:
kubectl get secret <secret> --context <context_1> -o yaml | kubectl apply --context <context_2> -f -
How to find, that which yaml file was used for the deployment of any kubernetes resource.
I checked "kubectl describe", it doesn't list the same, is there anyway to know.
use case:
I want to update the yaml and redeploy, one option, I guess is to generate the yaml from running resource, update and redeploy.
any suggestions ?
To get yaml for your k8s application deployment.
Use this
kubectl get deploy my-deployment -o yaml --export
OR
kubectl get pod my-pod -o yaml --export
OR
kubectl get svc my-svc -o yaml --export
Editing is also simple.
kubectl get deploy my-deployment -o yaml --export > my-deployment.yml
<Edit the my-deployment.yml file and kubectl apply -f my-deployment.yml>
OR
kubectl edit deployment my-deployment
Hope this helps.
You can use the following command to get the content of an yaml file, that was used to create a deployment:
kubectl apply view-last-applied <resource_type> <resource_name>
In your case it will be similar to:
kubectl apply view-last-applied deployment <deployment_name>
I think you can choose here from two options.
Option 1:
You can grep all YAMLs looking for specific annotations or labels.
$ grep "app: nginx-test" *.yaml
or
$ grep -e "prometheus.io/scheme: http" *.yaml
When you find proper file you can edit it (vi, nano, etc) and apply.
$ kubectl apply -f [yaml-name]
Option 2:
When you know name of your deployment you can edit it.
$ kubectl edit deployment [deployment-name]
You will see current deployment YAML with a status: section which describing current status of deployment. If you don't like vi, you can use nano instead
$ KUBE_EDITOR="nano" kubectl edit [deployment-name]
If you want to create YAML from your current deployment I would advise you to use kubectl edit with --export flag. It will removes unneeded information (like status: from previous comment).
$ kubectl get deploy [your-deployment] -oyaml --export >> newDeployment.yaml
Hope it will help.
I've created several resources using k8s Ansible module. Now I'd like to export the resources into Kubernetes manifests (so I don't need to use Ansible anymore). I've started by exporting a Service:
$ kubectl get svc myservice -o yaml --export > myservice.yaml
$ kubectl apply -f myservice.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
service/myservice configured
Why do I get the the warning? And why there's service/myservice configured and not service/myservice unchanged? Is there a better way to export resources?
You're doing right, don't worry about the warning.
If you want to get rid of it, you have to delete all the generation, selfLink and so on keys.
Yes, you are doing it right.
Let me show you small trick:
kubectl get svc myservice -o yaml --export | sed -e '/status:/d' -e '/creationTimestamp:/d' -e '/selfLink: [a-z0-9A-Z/]\+/d' -e '/resourceVersion: "[0-9]\+"/d' -e '/phase:/d' -e '/uid: [a-z0-9-]\+/d' > myservice.yaml
Will generate proper yaml file without status, creationTimestamp, selfLink, resourceVersion, phase and uid.
You get the warning because you're using kubectl apply on a resource that you previously created with kubectl create. If you create the initial Service with kubectl apply, you shouldn't get the warning.
The configured instead of unchanged might be because of some metadata or generated data that is also included in the output of kubectl get svc myservice -o yaml --export.