Kubernetes节点维护脚本

Kubernetes Node 节点上，可能有一些基于 docker 命令的维护需求，可以通过脚本调用 docker inspect 等获取到更易读的信息。

Contents

1 列出所有业务容器
2 查看业务容器日志
3 查看容器TCP状态
4 进入容器mergedir
5 完整代码

列出所有业务容器

docker ps 列出的容器名称很长，不容易看出是哪个业务。通过 docker inspect，将获取到的容器输出为以下格式：

CONTAINER-ID   NETNS		 CPU	   MEM		APP		 NAMESPACE

1	CONTAINER-ID NETNS CPU MEM APP NAMESPACE

function lsapp() {
	echo "CONTAINER-ID   NETNS		 CPU	   MEM		APP		 NAMESPACE"
	for id in `docker ps |awk 'NR!=1{print $1}'`;do
		LOG="/tmp/docker_inspect_$id.log"
		docker inspect $id > $LOG
		dockerType=`cat $LOG |grep io.kubernetes.docker.type |awk -F'"' '{print $4}'`
		if [ "$dockerType"x == "container"x ];then
			ns=`cat $LOG |grep "io.kubernetes.pod.namespace" |awk -F'"' '{print $4}'`
			sandboxId=`cat $LOG |grep io.kubernetes.sandbox.id |awk -F'"' '{print $4}'`
			SANDLOG="/tmp/docker_inspect_$sandboxId.log"
			docker inspect $sandboxId > $SANDLOG
			app=`cat $SANDLOG |grep -w '"app"' |awk -F'"' '{print $4}'`
			if [ "$app"x == ""x ];then
				app=`cat $LOG |grep -w '"io.kubernetes.pod.name"' |awk -F'"' '{print $4}'`
			fi
			cpu=`cat $LOG |grep -w '"CpuShares"' |awk '{print $NF}' |tr -d ','`
			mem=`cat $LOG |grep -w '"Memory"' |awk '{print $NF}' |tr -d ',' |awk '{print int($0/1024/1024)"MB"}'`
			netns=`cat $SANDLOG |grep -w "SandboxKey" |awk -F'"' '{print $4}' |awk -F'/' '{print $NF}'`
			printf "%s  %-12s  %-15s	%-15s  %-15s	%-15s %s\n" "$id" "$netns" "`color $cpu`" "$mem" "$app" "$ns"
		else
			continue
		fi
	done
}

function lsapp() {

echo "CONTAINER-ID NETNS CPU MEM APP NAMESPACE"

for id in `docker ps |awk 'NR!=1{print $1}'`;do

LOG="/tmp/docker_inspect_$id.log"

docker inspect $id > $LOG

dockerType=`cat $LOG |grep io.kubernetes.docker.type |awk -F'"' '{print $4}'`

if [ "$dockerType"x == "container"x ];then

ns=`cat $LOG |grep "io.kubernetes.pod.namespace" |awk -F'"' '{print $4}'`

sandboxId=`cat $LOG |grep io.kubernetes.sandbox.id |awk -F'"' '{print $4}'`

SANDLOG="/tmp/docker_inspect_$sandboxId.log"

docker inspect $sandboxId > $SANDLOG

app=`cat $SANDLOG |grep -w '"app"' |awk -F'"' '{print $4}'`

if [ "$app"x == ""x ];then

app=`cat $LOG |grep -w '"io.kubernetes.pod.name"' |awk -F'"' '{print $4}'`

cpu=`cat $LOG |grep -w '"CpuShares"' |awk '{print $NF}' |tr -d ','`

mem=`cat $LOG |grep -w '"Memory"' |awk '{print $NF}' |tr -d ',' |awk '{print int($0/1024/1024)"MB"}'`

netns=`cat $SANDLOG |grep -w "SandboxKey" |awk -F'"' '{print $4}' |awk -F'/' '{print $NF}'`

printf "%s %-12s %-15s %-15s %-15s %-15s %s\n" "$id" "$netns" "`color $cpu`" "$mem" "$app" "$ns"

else

continue

done

}

查看业务容器日志

function taillog() {
	[ $# -lt 1 ] && helpinfo
	logpath=`docker inspect $1 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`
	if [ "$logpath"x == ""x ];then
		dockerid=`docker ps |grep "$1" |head -n1 |awk '{print $1}'`
		logpath=`docker inspect $dockerid 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`
	fi
	if [ "$logpath"x != ""x ];then
		tail -f $logpath
	fi
}

function taillog() {

[ $# -lt 1 ] && helpinfo

logpath=`docker inspect $1 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`

if [ "$logpath"x == ""x ];then

dockerid=`docker ps |grep "$1" |head -n1 |awk '{print $1}'`

logpath=`docker inspect $dockerid 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`

if [ "$logpath"x != ""x ];then

tail -f $logpath

}

查看容器TCP状态

在容器镜像没有 ss 或者 netstat 工具时，可以在宿主机上用 nsenter 来获取容器的 TCP 状态。首先获取到容器的网络命名空间，然后用 nsenter --net=$netns cmd 来查看，例如：

# nsenter --net=/var/run/docker/netns/893ddbaab579 ss -ant
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      128                                     *:80                                                  *:*                  
LISTEN     0      128                                    :::9000                                               :::*

# nsenter --net=/var/run/docker/netns/893ddbaab579 ss -ant

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 *:80 *:*

LISTEN 0 128 :::9000 :::*

代码如下。

function ssant() {
	[ $# -lt 1 ] && helpinfo
	sandboxid=`docker ps |grep $1 |grep "POD" |head -n1 |awk '{print $1}'`
	netns=`docker inspect $sandboxid | grep -w "SandboxKey" |awk -F'"' '{print $4}'`
	nsenter --net=$netns ss -ant
}

function ssant() {

[ $# -lt 1 ] && helpinfo

sandboxid=`docker ps |grep $1 |grep "POD" |head -n1 |awk '{print $1}'`

netns=`docker inspect $sandboxid | grep -w "SandboxKey" |awk -F'"' '{print $4}'`

nsenter --net=$netns ss -ant

}

进入容器mergedir

function mergedir() {
	[ $# -lt 1 ] && helpinfo
	merge=`docker inspect $1 | grep "MergedDir" |awk -F'"' '{print $4}'`
	echo $merge
}

function mergedir() {

[ $# -lt 1 ] && helpinfo

merge=`docker inspect $1 | grep "MergedDir" |awk -F'"' '{print $4}'`

echo $merge

}

完整代码

#!/bin/bash
 
function color()
{
	echo -e "\033[41m$1\033[0m"
}
 
NETNSPRE="/var/run/docker/netns/"
 
function lsapp() {
	echo "CONTAINER-ID   NETNS		 CPU	   MEM		APP		 NAMESPACE"
	for id in `docker ps |awk 'NR!=1{print $1}'`;do
		LOG="/tmp/docker_inspect_$id.log"
		docker inspect $id > $LOG
		dockerType=`cat $LOG |grep io.kubernetes.docker.type |awk -F'"' '{print $4}'`
		if [ "$dockerType"x == "container"x ];then
			ns=`cat $LOG |grep "io.kubernetes.pod.namespace" |awk -F'"' '{print $4}'`
			sandboxId=`cat $LOG |grep io.kubernetes.sandbox.id |awk -F'"' '{print $4}'`
			SANDLOG="/tmp/docker_inspect_$sandboxId.log"
			docker inspect $sandboxId > $SANDLOG
			app=`cat $SANDLOG |grep -w '"app"' |awk -F'"' '{print $4}'`
			if [ "$app"x == ""x ];then
				app=`cat $LOG |grep -w '"io.kubernetes.pod.name"' |awk -F'"' '{print $4}'`
			fi
			cpu=`cat $LOG |grep -w '"CpuShares"' |awk '{print $NF}' |tr -d ','`
			mem=`cat $LOG |grep -w '"Memory"' |awk '{print $NF}' |tr -d ',' |awk '{print int($0/1024/1024)"MB"}'`
			netns=`cat $SANDLOG |grep -w "SandboxKey" |awk -F'"' '{print $4}' |awk -F'/' '{print $NF}'`
			printf "%s  %-12s  %-15s	%-15s  %-15s	%-15s %s\n" "$id" "$netns" "`color $cpu`" "$mem" "$app" "$ns"
		else
			continue
		fi
	done
}
 
function taillog() {
	[ $# -lt 1 ] && helpinfo
	logpath=`docker inspect $1 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`
	if [ "$logpath"x == ""x ];then
		dockerid=`docker ps |grep "$1" |head -n1 |awk '{print $1}'`
		logpath=`docker inspect $dockerid 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`
	fi
	if [ "$logpath"x != ""x ];then
		tail -f $logpath
	fi
}
 
function helpinfo() {
	echo "$0 ls						list apps"
	echo "$0 log containerid or app	tail log of container"
	echo "$0 ss  app				run ss in container net namespace"
	echo "$0 cd  containerid		cd container mergedir"
	exit 1
}
 
function ssant() {
	[ $# -lt 1 ] && helpinfo
	sandboxid=`docker ps |grep $1 |grep "POD" |head -n1 |awk '{print $1}'`
	netns=`docker inspect $sandboxid | grep -w "SandboxKey" |awk -F'"' '{print $4}'`
	nsenter --net=$netns ss -ant
}
 
function mergedir() {
	[ $# -lt 1 ] && helpinfo
	merge=`docker inspect $1 | grep "MergedDir" |awk -F'"' '{print $4}'`
	echo $merge
}
 
case $1 in
	ls) lsapp;;
	log) taillog $2;;
	ss) ssant $2;;
	cd) mergedir $2;;
	*) helpinfo;;
esac

#!/bin/bash

function color()

{

echo -e "\033[41m$1\033[0m"

}

NETNSPRE="/var/run/docker/netns/"

function lsapp() {

echo "CONTAINER-ID NETNS CPU MEM APP NAMESPACE"

for id in `docker ps |awk 'NR!=1{print $1}'`;do

LOG="/tmp/docker_inspect_$id.log"

docker inspect $id > $LOG

dockerType=`cat $LOG |grep io.kubernetes.docker.type |awk -F'"' '{print $4}'`

if [ "$dockerType"x == "container"x ];then

ns=`cat $LOG |grep "io.kubernetes.pod.namespace" |awk -F'"' '{print $4}'`

sandboxId=`cat $LOG |grep io.kubernetes.sandbox.id |awk -F'"' '{print $4}'`

SANDLOG="/tmp/docker_inspect_$sandboxId.log"

docker inspect $sandboxId > $SANDLOG

app=`cat $SANDLOG |grep -w '"app"' |awk -F'"' '{print $4}'`

if [ "$app"x == ""x ];then

app=`cat $LOG |grep -w '"io.kubernetes.pod.name"' |awk -F'"' '{print $4}'`

cpu=`cat $LOG |grep -w '"CpuShares"' |awk '{print $NF}' |tr -d ','`

mem=`cat $LOG |grep -w '"Memory"' |awk '{print $NF}' |tr -d ',' |awk '{print int($0/1024/1024)"MB"}'`

netns=`cat $SANDLOG |grep -w "SandboxKey" |awk -F'"' '{print $4}' |awk -F'/' '{print $NF}'`

printf "%s %-12s %-15s %-15s %-15s %-15s %s\n" "$id" "$netns" "`color $cpu`" "$mem" "$app" "$ns"

else

continue

done

}

function taillog() {

[ $# -lt 1 ] && helpinfo

logpath=`docker inspect $1 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`

if [ "$logpath"x == ""x ];then

dockerid=`docker ps |grep "$1" |head -n1 |awk '{print $1}'`

logpath=`docker inspect $dockerid 2>/dev/null|grep "LogPath" |awk -F'"' '{print $4}'`

if [ "$logpath"x != ""x ];then

tail -f $logpath

}

function helpinfo() {

echo "$0 ls list apps"

echo "$0 log containerid or app tail log of container"

echo "$0 ss app run ss in container net namespace"

echo "$0 cd containerid cd container mergedir"

exit 1

}

function ssant() {

[ $# -lt 1 ] && helpinfo

sandboxid=`docker ps |grep $1 |grep "POD" |head -n1 |awk '{print $1}'`

netns=`docker inspect $sandboxid | grep -w "SandboxKey" |awk -F'"' '{print $4}'`

nsenter --net=$netns ss -ant

}

function mergedir() {

[ $# -lt 1 ] && helpinfo

merge=`docker inspect $1 | grep "MergedDir" |awk -F'"' '{print $4}'`

echo $merge

}

case $1 in

ls) lsapp;;

log) taillog $2;;

ss) ssant $2;;

cd) mergedir $2;;

*) helpinfo;;

esac

知行近思

知行合一，切问近思

Kubernetes节点维护脚本

列出所有业务容器

查看业务容器日志

查看容器TCP状态

进入容器mergedir

完整代码

发表回复取消回复

列出所有业务容器

查看业务容器日志

查看容器TCP状态

进入容器mergedir

完整代码

相关文章:

发表回复 取消回复

发表回复取消回复