CLI 명령을 실행하려면 NSX Container Plugin 컨테이너에 로그인하고 터미널을 연 후 nsxcli 명령을 실행합니다.
kubectl exec -it <pod name> nsxcli
명령 |
---|
copy file <filename> url <url> |
copy url <url> [file <filename>] |
del file <filename> |
exit |
get cli-output datetime |
get command history |
get core-dumps |
get file <filename> |
get files |
get version |
help |
목록 |
set cli-output datetime <datetime-arg> |
set history limit <history-size> |
유형 | 명령 | 참고 |
---|---|---|
상태 | get ncp-master status | Kubernetes와 TAS 모두에 해당 |
상태 | get ncp-nsx status | Kubernetes와 TAS 모두에 해당 |
상태 | get ncp-watcher <watcher-name> | Kubernetes와 TAS 모두에 해당 |
상태 | get ncp-watchers | Kubernetes와 TAS 모두에 해당 |
상태 | get ncp-k8s-api-server status | Kubernetes에만 해당 |
상태 | check projects | Kubernetes에만 해당 |
상태 | check project <project-name> | Kubernetes에만 해당 |
상태 | get ncp-restore status | Kubernetes에만 해당 |
상태 | get ncp-bbs status | TAS에만 해당 |
상태 | get ncp-capi status | TAS에만 해당 |
상태 | get ncp-policy-server status | TAS에만 해당 |
캐시 | get project-caches | Kubernetes에만 해당 |
캐시 | get project-cache <project-name> | Kubernetes에만 해당 |
캐시 | get namespace-caches | Kubernetes에만 해당 |
캐시 | get namespace-cache <namespace-name> | Kubernetes에만 해당 |
캐시 | get pod-caches | Kubernetes에만 해당 |
캐시 | get pod-cache <pod-name> | Kubernetes에만 해당 |
캐시 | get ingress-caches | Kubernetes에만 해당 |
캐시 | get ingress-cache <ingress-name> | Kubernetes에만 해당 |
캐시 | get ingress-cache <ingress-name> <namespace-name> | Kubernetes에만 해당 |
캐시 | get ingress-controllers | Kubernetes에만 해당 |
캐시 | get ingress-controller <ingress-controller-name> | Kubernetes에만 해당 |
캐시 | get network-policy-caches | Kubernetes에만 해당 |
캐시 | get network-policy-cache <network-policy-name> | Kubernetes에만 해당 |
캐시 | get network-policy-cache <network-policy-name> <namespace-name> | Kubernetes에만 해당 |
캐시 | get service-cache <service-id> | Kubernetes에만 해당 |
캐시 | get service-caches | Kubernetes에만 해당 |
캐시 | get asg-caches | TAS에만 해당 |
캐시 | get asg-cache <asg-ID> | TAS에만 해당 |
캐시 | get org-caches | TAS에만 해당 |
캐시 | get org-cache <org-ID> | TAS에만 해당 |
캐시 | get space-caches | TAS에만 해당 |
캐시 | get space-cache <space-ID> | TAS에만 해당 |
캐시 | get app-caches | TAS에만 해당 |
캐시 | get app-cache <app-ID> | TAS에만 해당 |
캐시 | get instance-caches <app-ID> | TAS에만 해당 |
캐시 | get instance-cache <app-ID> <instance-ID> | TAS에만 해당 |
캐시 | get policy-caches | TAS에만 해당 |
지원 | get ncp-log file <filename> | Kubernetes와 TAS 모두에 해당 |
지원 | get ncp-log-level[구성 요소] | Kubernetes와 TAS 모두에 해당 |
지원 | set ncp-log-level <log-level>[구성 요소] | Kubernetes와 TAS 모두에 해당 |
지원 | get support-bundle file <filename> | Kubernetes에만 해당 |
지원 | get node-agent-log file <filename> | Kubernetes에만 해당 |
지원 | get node-agent-log file <filename> <node-name> | Kubernetes에만 해당 |
유형 | 명령 |
---|---|
상태 | get node-agent-hyperbus status |
상태 | get node-agent-ovs status |
지원 | get node-agent-log-level |
지원 | set node-agent-log-level <log-level> |
캐시 | get container-cache <container-name> |
캐시 | get container-caches |
유형 | 명령 |
---|---|
상태 | get kube-proxy-k8s-api-server status |
상태 | get kube-proxy-watcher <watcher-name> |
상태 | get kube-proxy-watchers |
지원 | get kube-proxy-log-level |
지원 | set kube-proxy-log-level <log-level> |
모든 컨테이너에 대한 일부 명령 예
- 로컬 파일을 원격 대상에 복사합니다.copy file <filename> url <url>
예:
container> copy file support-bundle-0.tgz url scp://admin@192.168.210.200/home/admin/ admin@192.168.210.200's password: container> - 원격 파일을 로컬 파일에 복사합니다.copy url <url> [file <filename>]
예:
container> copy url scp://admin@192.168.210.200/home/admin/support-bundle-0.tgz admin@192.168.210.200's password: container>
NCP 컨테이너의 상태 명령
- NCP 마스터의 상태 표시 get ncp-master status
예:
kubenode> get ncp-master status This instance is not the NCP master Current NCP Master id is a4h83eh1-b8dd-4e74-c71c-cbb7cc9c4c1c Last master update at Wed Oct 25 22:46:40 2017 - NCP와 NSX Manager 간의 연결 상태 표시 get ncp-nsx status
예:
kubenode> get ncp-nsx status NSX Manager status: Healthy - 수신, 네임스페이스, 포드 및 서비스에 대한 감시자 상태 표시 get ncp-watchers get ncp-watcher <watcher-name>
예:
kubenode> get ncp-watchers pod: Average event processing time: 1145 msec (in past 3600-sec window) Current watcher started time: Mar 02 2017 10:51:37 PST Number of events processed: 1 (in past 3600-sec window) Total events processed by current watcher: 1 Total events processed since watcher thread created: 1 Total watcher recycle count: 0 Watcher thread created time: Mar 02 2017 10:51:37 PST Watcher thread status: Up namespace: Average event processing time: 68 msec (in past 3600-sec window) Current watcher started time: Mar 02 2017 10:51:37 PST Number of events processed: 2 (in past 3600-sec window) Total events processed by current watcher: 2 Total events processed since watcher thread created: 2 Total watcher recycle count: 0 Watcher thread created time: Mar 02 2017 10:51:37 PST Watcher thread status: Up ingress: Average event processing time: 0 msec (in past 3600-sec window) Current watcher started time: Mar 02 2017 10:51:37 PST Number of events processed: 0 (in past 3600-sec window) Total events processed by current watcher: 0 Total events processed since watcher thread created: 0 Total watcher recycle count: 0 Watcher thread created time: Mar 02 2017 10:51:37 PST Watcher thread status: Up service: Average event processing time: 3 msec (in past 3600-sec window) Current watcher started time: Mar 02 2017 10:51:37 PST Number of events processed: 1 (in past 3600-sec window) Total events processed by current watcher: 1 Total events processed since watcher thread created: 1 Total watcher recycle count: 0 Watcher thread created time: Mar 02 2017 10:51:37 PST Watcher thread status: Up kubenode> get ncp-watcher pod Average event processing time: 1174 msec (in past 3600-sec window) Current watcher started time: Mar 02 2017 10:47:35 PST Number of events processed: 1 (in past 3600-sec window) Total events processed by current watcher: 1 Total events processed since watcher thread created: 1 Total watcher recycle count: 0 Watcher thread created time: Mar 02 2017 10:47:35 PST Watcher thread status: Up - NCP와 Kubernetes API 서버 간의 연결 상태 표시 get ncp-k8s-api-server status
예:
kubenode> get ncp-k8s-api-server status Kubernetes ApiServer status: Healthy - 모든 프로젝트 또는 특정 프로젝트 확인 check projects check project <project-name>
예:
kubenode> check projects default: Tier-1 link port for router 1b90a61f-0f2c-4768-9eb6-ea8954b4f327 is missing Switch 40a6829d-c3aa-4e17-ae8a-7f7910fdf2c6 is missing ns1: Router 8accc9cd-9883-45f6-81b3-0d1fb2583180 is missing kubenode> check project default Tier-1 link port for router 1b90a61f-0f2c-4768-9eb6-ea8954b4f327 is missing Switch 40a6829d-c3aa-4e17-ae8a-7f7910fdf2c6 is missing - NCP와 TAS BBS 간의 연결 상태 확인 get ncp-bbs status
예:
node> get ncp-bbs status BBS Server status: Healthy - NCP와 TAS CAPI 간의 연결 상태 확인 get ncp-capi status
예:
node> get ncp-capi status CAPI Server status: Healthy - NCP와 TAS 정책 서버 간의 연결 상태 확인 get ncp-policy-server status
예:
node> get ncp-bbs status Policy Server status: Healthy
NCP 컨테이너의 캐시 명령
- 프로젝트 또는 네임스페이스에 대한 내부 캐시 가져오기 get project-cache <project-name> get project-caches get namespace-cache <namespace-name> get namespace-caches
예:
kubenode> get project-caches default: logical-router: 8accc9cd-9883-45f6-81b3-0d1fb2583180 logical-switch: id: 9d7da647-27b6-47cf-9cdb-6e4f4d5a356d ip_pool_id: 519ff57f-061f-4009-8d92-3e6526e7c17e subnet: 10.0.0.0/24 subnet_id: f75fd64c-c7b0-4b42-9681-fc656ae5e435 kube-system: logical-router: 5032b299-acad-448e-a521-19d272a08c46 logical-switch: id: 85233651-602d-445d-ab10-1c84096cc22a ip_pool_id: ab1c5b09-7004-4206-ac56-85d9d94bffa2 subnet: 10.0.1.0/24 subnet_id: 73e450af-b4b8-4a61-a6e3-c7ddd15ce751 testns: ext_pool_id: 346a0f36-7b5a-4ecc-ad32-338dcb92316f labels: ns: myns project: myproject logical-router: 4dc8f8a9-69b4-4ff7-8fb7-d2625dc77efa logical-switch: id: 6111a99a-6e06-4faa-a131-649f10f7c815 ip_pool_id: 51ca058d-c3dc-41fd-8f2d-e69006ab1b3d subnet: 50.0.2.0/24 subnet_id: 34f79811-bd29-4048-a67d-67ceac97eb98 project_nsgroup: 9606afee-6348-4780-9dbe-91abfd23e475 snat_ip: 4.4.0.3 kubenode> get project-cache default logical-router: 8accc9cd-9883-45f6-81b3-0d1fb2583180 logical-switch: id: 9d7da647-27b6-47cf-9cdb-6e4f4d5a356d ip_pool_id: 519ff57f-061f-4009-8d92-3e6526e7c17e subnet: 10.0.0.0/24 subnet_id: f75fd64c-c7b0-4b42-9681-fc656ae5e435 kubenode> get namespace-caches default: logical-router: 8accc9cd-9883-45f6-81b3-0d1fb2583180 logical-switch: id: 9d7da647-27b6-47cf-9cdb-6e4f4d5a356d ip_pool_id: 519ff57f-061f-4009-8d92-3e6526e7c17e subnet: 10.0.0.0/24 subnet_id: f75fd64c-c7b0-4b42-9681-fc656ae5e435 kube-system: logical-router: 5032b299-acad-448e-a521-19d272a08c46 logical-switch: id: 85233651-602d-445d-ab10-1c84096cc22a ip_pool_id: ab1c5b09-7004-4206-ac56-85d9d94bffa2 subnet: 10.0.1.0/24 subnet_id: 73e450af-b4b8-4a61-a6e3-c7ddd15ce751 testns: ext_pool_id: 346a0f36-7b5a-4ecc-ad32-338dcb92316f labels: ns: myns project: myproject logical-router: 4dc8f8a9-69b4-4ff7-8fb7-d2625dc77efa logical-switch: id: 6111a99a-6e06-4faa-a131-649f10f7c815 ip_pool_id: 51ca058d-c3dc-41fd-8f2d-e69006ab1b3d subnet: 50.0.2.0/24 subnet_id: 34f79811-bd29-4048-a67d-67ceac97eb98 project_nsgroup: 9606afee-6348-4780-9dbe-91abfd23e475 snat_ip: 4.4.0.3 kubenode> get namespace-cache default logical-router: 8accc9cd-9883-45f6-81b3-0d1fb2583180 logical-switch: id: 9d7da647-27b6-47cf-9cdb-6e4f4d5a356d ip_pool_id: 519ff57f-061f-4009-8d92-3e6526e7c17e subnet: 10.0.0.0/24 subnet_id: f75fd64c-c7b0-4b42-9681-fc656ae5e435 - 포드에 대한 내부 캐시 가져오기 get pod-cache <pod-name> get pod-caches
예:
kubenode> get pod-caches nsx.default.nginx-rc-uq2lv: cif_id: 2af9f734-37b1-4072-ba88-abbf935bf3d4 gateway_ip: 10.0.0.1 host_vif: d6210773-5c07-4817-98db-451bd1f01937 id: 1c8b5c52-3795-11e8-ab42-005056b198fb ingress_controller: False ip: 10.0.0.2/24 labels: app: nginx mac: 02:50:56:00:08:00 port_id: d52c833a-f531-4bdf-bfa2-e8a084a8d41b vlan: 1 nsx.testns.web-pod-1: cif_id: ce134f21-6be5-43fe-afbf-aaca8c06b5cf gateway_ip: 50.0.2.1 host_vif: d6210773-5c07-4817-98db-451bd1f01937 id: 3180b521-270e-11e8-ab42-005056b198fb ingress_controller: False ip: 50.0.2.3/24 labels: app: nginx-new role: db tier: cache mac: 02:50:56:00:20:02 port_id: 81bc2b8e-d902-4cad-9fc1-aabdc32ecaf8 vlan: 3 kubenode> get pod-cache nsx.default.nginx-rc-uq2lv cif_id: 2af9f734-37b1-4072-ba88-abbf935bf3d4 gateway_ip: 10.0.0.1 host_vif: d6210773-5c07-4817-98db-451bd1f01937 id: 1c8b5c52-3795-11e8-ab42-005056b198fb ingress_controller: False ip: 10.0.0.2/24 labels: app: nginx mac: 02:50:56:00:08:00 port_id: d52c833a-f531-4bdf-bfa2-e8a084a8d41b vlan: 1 - 모든 수신 캐시 또는 특정 수신 캐시 가져오기 get ingress caches get ingress-cache <ingress-name> get ingress-cache <ingress-name> <namespace-name>
예:
kubenode> get ingress-caches nsx.default.cafe-ingress: ext_pool_id: cc02db70-539a-4934-a938-5b851b3e485b lb_virtual_server: id: 895c7f43-c56e-4b67-bb4c-09d68459d416 lb_service_id: 659eefc6-33d1-4672-a419-344b877f528e name: dgo2-http type: http lb_virtual_server_ip: 5.5.0.2 name: cafe-ingress rules: host: cafe.example.com http: paths: path: /coffee backend: serviceName: coffee-svc servicePort: 80 lb_rule: id: 4bc16bdd-abd9-47fb-a09e-21e58b2131c3 name: dgo2-default-cafe-ingress/coffee kubenode> get ingress-cache nsx.default.cafe-ingress ext_pool_id: cc02db70-539a-4934-a938-5b851b3e485b lb_virtual_server: id: 895c7f43-c56e-4b67-bb4c-09d68459d416 lb_service_id: 659eefc6-33d1-4672-a419-344b877f528e name: dgo2-http type: http lb_virtual_server_ip: 5.5.0.2 name: cafe-ingress rules: host: cafe.example.com http: paths: path: /coffee backend: serviceName: coffee-svc servicePort: 80 lb_rule: id: 4bc16bdd-abd9-47fb-a09e-21e58b2131c3 name: dgo2-default-cafe-ingress/coffee kubenode> get ingress-cache tea-ingress tea-ns creation_timestamp: 2019-05-02T22:00:15Z default_backend: None labels: None loadbalancer_ingress: ip: 4.4.0.1 ip: 100.64.240.3 name: tea-ingress namespace: tea-ns rules: host: drink.example.com http: paths: backend: lb_pool: 28b36074-8bcc-43ed-bf41-6e3cf4b6fc68: algorithm: ROUND_ROBIN members: None service name: tea-svc port: number: 80 nsx_lb_rule: 36861dc4-7488-46a8-9820-ba846c97cb09: phase: HTTP_FORWARDING path: /tea tls: hosts: drink.example.com nsx_certificate: secretName: drink-secret uid: aa64e1aa-6d25-11e9-b86c-0050568c8767 - 모든 수신 컨트롤러 또는 특정 수신 컨트롤러에 대한 정보 가져오기(사용되지 않도록 설정된 컨트롤러 포함) get ingress controllers get ingress-controller <ingress-controller-name>
예:
kubenode> get ingress-controllers native-load-balancer: ingress_virtual_server: http: default_backend_tags: id: 895c7f43-c56e-4b67-bb4c-09d68459d416 pool_id: None https_terminated: default_backend_tags: id: 293282eb-f1a0-471c-9e48-ba28d9d89161 pool_id: None lb_ip_pool_id: cc02db70-539a-4934-a938-5b851b3e485b loadbalancer_service: first_avail_index: 0 lb_services: id: 659eefc6-33d1-4672-a419-344b877f528e name: dgo2-bfmxi t1_link_port_ip: 100.64.128.5 t1_router_id: cb50deb2-4460-45f2-879a-1b94592ae886 virtual_servers: 293282eb-f1a0-471c-9e48-ba28d9d89161 895c7f43-c56e-4b67-bb4c-09d68459d416 ssl: ssl_client_profile_id: aff205bb-4db8-5a72-8d67-218cdc54d27b vip: 5.5.0.2 nsx.default.nginx-ingress-rc-host-ed3og ip: 10.192.162.201 mode: hostnetwork pool_id: 5813c609-5d3a-4438-b9c3-ea3cd6de52c3 kubenode> get ingress-controller native-load-balancer ingress_virtual_server: http: default_backend_tags: id: 895c7f43-c56e-4b67-bb4c-09d68459d416 pool_id: None https_terminated: default_backend_tags: id: 293282eb-f1a0-471c-9e48-ba28d9d89161 pool_id: None lb_ip_pool_id: cc02db70-539a-4934-a938-5b851b3e485b loadbalancer_service: first_avail_index: 0 lb_services: id: 659eefc6-33d1-4672-a419-344b877f528e name: dgo2-bfmxi t1_link_port_ip: 100.64.128.5 t1_router_id: cb50deb2-4460-45f2-879a-1b94592ae886 virtual_servers: 293282eb-f1a0-471c-9e48-ba28d9d89161 895c7f43-c56e-4b67-bb4c-09d68459d416 ssl: ssl_client_profile_id: aff205bb-4db8-5a72-8d67-218cdc54d27b vip: 5.5.0.2 - 네트워크 정책 캐시 또는 특정 네트워크 정책 캐시 가져오기 get network-policy caches get network-policy-cache <network-policy-name> get network-policy-cache <network-policy-name> <namespace-name>
예:
kubenode> get network-policy-caches nsx.testns.allow-tcp-80: dest_labels: None dest_pods: 50.0.2.3 match_expressions: key: tier operator: In values: cache name: allow-tcp-80 np_dest_ip_set_ids: 22f82d76-004f-4d12-9504-ce1cb9c8aa00 np_except_ip_set_ids: np_ip_set_ids: 14f7f825-f1a0-408f-bbd9-bb2f75d44666 np_isol_section_id: c8d93597-9066-42e3-991c-c550c46b2270 np_section_id: 04693136-7925-44f2-8616-d809d02cd2a9 ns_name: testns src_egress_rules: None src_egress_rules_hash: 97d170e1550eee4afc0af065b78cda302a97674c src_pods: 50.0.2.0/24 src_rules: from: namespaceSelector: matchExpressions: key: tier operator: DoesNotExist matchLabels: ns: myns ports: port: 80 protocol: TCP src_rules_hash: e4ea7b8d91c1e722670a59f971f8fcc1a5ac51f1 kubenode> get network-policy-cache nsx.testns.allow-tcp-80 dest_labels: None dest_pods: 50.0.2.3 match_expressions: key: tier operator: In values: cache name: allow-tcp-80 np_dest_ip_set_ids: 22f82d76-004f-4d12-9504-ce1cb9c8aa00 np_except_ip_set_ids: np_ip_set_ids: 14f7f825-f1a0-408f-bbd9-bb2f75d44666 np_isol_section_id: c8d93597-9066-42e3-991c-c550c46b2270 np_section_id: 04693136-7925-44f2-8616-d809d02cd2a9 ns_name: testns src_egress_rules: None src_egress_rules_hash: 97d170e1550eee4afc0af065b78cda302a97674c src_pods: 50.0.2.0/24 src_rules: from: namespaceSelector: matchExpressions: key: tier operator: DoesNotExist matchLabels: ns: myns ports: port: 80 protocol: TCP src_rules_hash: e4ea7b8d91c1e722670a59f971f8fcc1a5ac51f1 kubenode> get network-policy-cache test-network-policy playground egress_rules: ports: port: 5978 protocol: TCP to: ipBlock: cidr: 10.0.0.0/24 id: playground test-network-policy ingress_rules: from: ipBlock: cidr: 192.167.0.1/24 except: 192.167.0.22/30 namespaceSelector: matchLabels: project: playground3 podSelector: matchLabels: role: testing isolation_section: id: a2746857-59cd-48ed-90d7-fd0a26395d68 labels: external_id: a815e70a-0646-11ea-940b-0050569e8e8f name: is-k8scluster-playground-test-network-policy rules: 1049: action: DROP destinations: is_valid: True target_display_name: tgt-k8scluster-playground-test-network-policy target_id: 2f01d2f1-7496-4e67-a856-4829c56923cb target_type: IPSet direction: IN name: ir-k8scluster-playground-test-network-policy sources: None name: test-network-policy namespace: playground pod_match_expression: operator: match_labels values: role: testing2 policy_section: id: 0fc97658-0588-4af7-b958-1eaf6141e817 labels: external_id: a815e70a-0646-11ea-940b-0050569e8e8f name: k8scluster-playground-test-network-policy rules: 1053: action: ALLOW destinations: is_valid: True target_display_name: tgt-k8scluster-playground-test-network-policy target_id: 2f01d2f1-7496-4e67-a856-4829c56923cb target_type: IPSet direction: IN name: ir-k8scluster-playground-test-network-policy-all sources: is_valid: True target_display_name: src-k8scluster-playground-test-network-policy-all target_id: b0573576-ff87-49c2-8279-79858c6329b4 target_type: IPSet policy_types: ingress egress target_ip_set: id: 2f01d2f1-7496-4e67-a856-4829c56923cb ip_addresses: 192.168.0.35 192.168.0.37 labels: match_expr_hash: 9915edba71061de777bd58ca054745debc14dcf5 role: testing2 name: tgt-k8scluster-playground-test-network-policy - 모든 ASG 캐시 또는 특정 ASG 캐시 가져오기 get asg-caches get asg-cache <asg-ID>
예:
node> get asg-caches edc04715-d04c-4e63-abbc-db601a668db6: fws_id: 3c66f40a-5378-46d7-a7e2-bee4ba72a4cc name: org-85_tcp_80_asg rules: destinations: 66.10.10.0/24 ports: 80 protocol: tcp rule_id: 4359 running_default: False running_spaces: 75bc164d-1214-46f9-80bb-456a8fbccbfd staging_default: False staging_spaces: node> get asg-cache edc04715-d04c-4e63-abbc-db601a668db6 fws_id: 3c66f40a-5378-46d7-a7e2-bee4ba72a4cc name: org-85_tcp_80_asg rules: destinations: 66.10.10.0/24 ports: 80 protocol: tcp rule_id: 4359 running_default: False running_spaces: 75bc164d-1214-46f9-80bb-456a8fbccbfd staging_default: False staging_spaces: - 모든 조직 캐시 또는 특정 조직 캐시 가져오기 get org-caches get org-cache <org-ID>
예:
node> get org-caches ebb8b4f9-a40f-4122-bf21-65c40f575aca: ext_pool_id: 9208a8b8-57d7-4582-9c1f-7a7cefa104f5 isolation: isolation_section_id: d6e7ff95-4737-4e34-91d4-27601897353f logical-router: 94a414a2-551e-4444-bae6-3d79901a165f logical-switch: id: d74807e8-8f74-4575-b26b-87d4fdbafd3c ip_pool_id: 1b60f16f-4a30-4a3d-93cc-bfb08a5e3e02 subnet: 50.0.48.0/24 subnet_id: a458d3aa-bea9-4684-9957-d0ce80d11788 name: org-50 snat_ip: 70.0.0.49 spaces: e8ab7aa0-d4e3-4458-a896-f33177557851 node> get org-cache ebb8b4f9-a40f-4122-bf21-65c40f575aca ext_pool_id: 9208a8b8-57d7-4582-9c1f-7a7cefa104f5 isolation: isolation_section_id: d6e7ff95-4737-4e34-91d4-27601897353f logical-router: 94a414a2-551e-4444-bae6-3d79901a165f logical-switch: id: d74807e8-8f74-4575-b26b-87d4fdbafd3c ip_pool_id: 1b60f16f-4a30-4a3d-93cc-bfb08a5e3e02 subnet: 50.0.48.0/24 subnet_id: a458d3aa-bea9-4684-9957-d0ce80d11788 name: org-50 snat_ip: 70.0.0.49 spaces: e8ab7aa0-d4e3-4458-a896-f33177557851 - 모든 공간 캐시 또는 특정 공간 캐시 가져오기 get space-caches get space-cache <space-ID>
예:
node> get space-caches global_security_group: name: global_security_group running_nsgroup: 226d4292-47fb-4c2e-a118-449818d8fa98 staging_nsgroup: 7ebbf7f5-38c9-43a3-9292-682056722836 7870d134-7997-4373-b665-b6a910413c47: name: test-space1 org_id: a8423bc0-4b2b-49fb-bbff-a4badf21eb09 running_nsgroup: 4a3d9bcc-be36-47ae-bff8-96448fecf307 running_security_groups: aa0c7c3f-a478-4d45-8afa-df5d5d7dc512 staging_security_groups: aa0c7c3f-a478-4d45-8afa-df5d5d7dc512 node> get space-cache 7870d134-7997-4373-b665-b6a910413c47 name: test-space1 org_id: a8423bc0-4b2b-49fb-bbff-a4badf21eb09 running_nsgroup: 4a3d9bcc-be36-47ae-bff8-96448fecf307 running_security_groups: aa0c7c3f-a478-4d45-8afa-df5d5d7dc512 staging_security_groups: aa0c7c3f-a478-4d45-8afa-df5d5d7dc512 - 모든 애플리케이션 캐시 또는 특정 애플리케이션 캐시 가져오기 get app-caches get app-cache <app-ID>
예:
node> get app-caches aff2b12b-b425-4d9f-b8e6-b6308644efa8: instances: b72199cc-e1ab-49bf-506d-478d: app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 cell_id: 0dda88bc-640b-44e7-8cea-20e83e873544 cif_id: 158a1d7e-6ccc-4027-a773-55bb2618f51b gateway_ip: 192.168.5.1 host_vif: 53475dfd-03e4-4bc6-b8ba-3d803725cbab id: b72199cc-e1ab-49bf-506d-478d index: 0 ip: 192.168.5.4/24 last_updated_time: 1522965828.45 mac: 02:50:56:00:60:02 port_id: a7c6f6bb-c472-4239-a030-bce615d5063e state: RUNNING vlan: 3 name: hello2 rg_id: a8423bc0-4b2b-49fb-bbff-a4badf21eb09 space_id: 7870d134-7997-4373-b665-b6a910413c47 node> get app-cache aff2b12b-b425-4d9f-b8e6-b6308644efa8 instances: b72199cc-e1ab-49bf-506d-478d: app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 cell_id: 0dda88bc-640b-44e7-8cea-20e83e873544 cif_id: 158a1d7e-6ccc-4027-a773-55bb2618f51b gateway_ip: 192.168.5.1 host_vif: 53475dfd-03e4-4bc6-b8ba-3d803725cbab id: b72199cc-e1ab-49bf-506d-478d index: 0 ip: 192.168.5.4/24 last_updated_time: 1522965828.45 mac: 02:50:56:00:60:02 port_id: a7c6f6bb-c472-4239-a030-bce615d5063e state: RUNNING vlan: 3 name: hello2 org_id: a8423bc0-4b2b-49fb-bbff-a4badf21eb09 space_id: 7870d134-7997-4373-b665-b6a910413c47 - 애플리케이션의 모든 인스턴스 캐시 또는 특정 인스턴스 캐시 가져오기 get instance-caches <app-ID> get instance-cache <app-ID> <instance-ID>
예:
node> get instance-caches aff2b12b-b425-4d9f-b8e6-b6308644efa8 b72199cc-e1ab-49bf-506d-478d: app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 cell_id: 0dda88bc-640b-44e7-8cea-20e83e873544 cif_id: 158a1d7e-6ccc-4027-a773-55bb2618f51b gateway_ip: 192.168.5.1 host_vif: 53475dfd-03e4-4bc6-b8ba-3d803725cbab id: b72199cc-e1ab-49bf-506d-478d index: 0 ip: 192.168.5.4/24 last_updated_time: 1522965828.45 mac: 02:50:56:00:60:02 port_id: a7c6f6bb-c472-4239-a030-bce615d5063e state: RUNNING vlan: 3 node> get instance-cache aff2b12b-b425-4d9f-b8e6-b6308644efa8 b72199cc-e1ab-49bf-506d-478d app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 cell_id: 0dda88bc-640b-44e7-8cea-20e83e873544 cif_id: 158a1d7e-6ccc-4027-a773-55bb2618f51b gateway_ip: 192.168.5.1 host_vif: 53475dfd-03e4-4bc6-b8ba-3d803725cbab id: b72199cc-e1ab-49bf-506d-478d index: 0 ip: 192.168.5.4/24 last_updated_time: 1522965828.45 mac: 02:50:56:00:60:02 port_id: a7c6f6bb-c472-4239-a030-bce615d5063e state: RUNNING vlan: 3 - 모든 정책 캐시 가져오기 get policy-caches
예:
node> get policy-caches aff2b12b-b425-4d9f-b8e6-b6308644efa8: fws_id: 3fe27725-f139-479a-b83b-8576c9aedbef nsg_id: 30583a27-9b56-49c1-a534-4040f91cc333 rules: 8272: dst_app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 ports: 8382 protocol: tcp src_app_id: f582ec4d-3a13-440a-afbd-97b7bfae21d1 f582ec4d-3a13-440a-afbd-97b7bfae21d1: nsg_id: d24b9f77-e2e0-4fba-b258-893223683aa6 rules: 8272: dst_app_id: aff2b12b-b425-4d9f-b8e6-b6308644efa8 ports: 8382 protocol: tcp src_app_id: f582ec4d-3a13-440a-afbd-97b7bfae21d1 - NCP에서 서비스 캐시를 가져옵니다. get service-cache <service-id>
예:
kubenode> get service-cache d3d3b69d-2fc9-11e9-9046-00505691efa7 lb_persistence_profile: None loadbalancer_ingress: ip: 11.11.64.8 ip: 100.64.144.3 loadbalancer_ip: None name: tcp-svc-lb namespace: cafe service_type: LoadBalancer snat_pool: None deletion_timestamp: None port_nums: 80 ports: lb_pool: e017377f-3e34-4acc-9a7e-583bb16fb8ba: algorithm: ROUND_ROBIN members: None lb_vs: ef6f4104-0fcb-42e5-95e5-6b9b7f5ef818: ip_address: 11.11.64.8 ip_pool_id: 1d0dfac7-d707-448a-ad79-e101fafa3e23 persistence_profile_id: d29cfef5-0caf-4d21-ae01-b2173bb3db36 pool_id: e017377f-3e34-4acc-9a7e-583bb16fb8ba name: tcp nodePort: 31836 port: 80 protocol: TCP targetPort: 80
NCP 컨테이너의 지원 명령
- 파일 저장소에 NCP 지원 번들 저장
지원 번들은 레이블이 tier:nsx-networking인 포드의 모든 컨테이너에 대한 로그 파일로 구성됩니다. 번들 파일은 tgz 형식으로 되어 있으며 CLI 기본 파일 저장소 디렉토리 /var/vmware/nsx/file-store에 저장됩니다. CLI file-store 명령을 사용하여 번들 파일을 원격 사이트에 복사할 수 있습니다.
get support-bundle file <filename>예:
kubenode>get support-bundle file foo Bundle file foo created in tgz format kubenode>copy file foo url scp://nicira@10.0.0.1:/tmp - 파일 저장소에 NCP 로그 저장
로그 파일은 tgz 형식으로 CLI 기본 파일 저장소 디렉토리 /var/vmware/nsx/file-store에 저장됩니다. CLI file-store 명령을 사용하여 번들 파일을 원격 사이트에 복사할 수 있습니다.
get ncp-log file <filename>예:
kubenode>get ncp-log file foo Log file foo created in tgz format - 파일 저장소에 노드 에이전트 로그 저장
하나의 노드 또는 모든 노드의 노드 에이전트 로그를 저장합니다. 로그는 tgz 형식으로 CLI 기본 파일 저장소 디렉토리 /var/vmware/nsx/file-store에 저장됩니다. CLI file-store 명령을 사용하여 번들 파일을 원격 사이트에 복사할 수 있습니다.
get node-agent-log file <filename> get node-agent-log file <filename> <node-name>예:
kubenode>get node-agent-log file foo Log file foo created in tgz format - 전체 또는 특정 구성 요소에 대한 로그 수준을 가져오고 설정합니다.
사용 가능한 로그 수준은 NOTSET, DEBUG, INFO, WARNING, ERROR 및 CRITICAL입니다.
사용 가능한 구성 요소는 nsx_ujo.ncp, nsx_ujo.ncp.k8s, nsx_ujo.ncp.pcf, vmware_nsxlib.v3, nsxrpc 및 nsx_ujo.ncp.nsx입니다.
get ncp-log-level [component] set ncp-log-level <log level> [component]예:
kubenode> get ncp-log-level NCP log level is INFO kubenode> get ncp-log-level nsx_ujo.ncp nsx_ujo.ncp log level is INFO kubenode>set ncp-log-level DEBUG NCP log level is changed to DEBUG kubenode> set ncp-log-level DEBUG nsx_ujo.ncp nsx_ujo.ncp log level has been changed to DEBUG
NSX 노드 에이전트 컨테이너의 상태 명령
- 이 노드의 노드 에이전트와 HyperBus 사이의 연결 상태 표시 get node-agent-hyperbus status
예:
kubenode> get node-agent-hyperbus status HyperBus status: Healthy
NSX 노드 에이전트 컨테이너의 캐시 명령
- NSX 노드 에이전트 컨테이너의 내부 캐시 가져오기 get container-cache <container-name> get container-caches
예:
kubenode> get container-caches cif104: ip: 192.168.0.14/32 mac: 50:01:01:01:01:14 gateway_ip: 169.254.1.254/16 vlan_id: 104 kubenode> get container-cache cif104 ip: 192.168.0.14/32 mac: 50:01:01:01:01:14 gateway_ip: 169.254.1.254/16 vlan_id: 104
NSX Kube Proxy 컨테이너의 상태 명령
- Kube Proxy와 Kubernetes API 서버 간의 연결 상태 표시 get ncp-k8s-api-server status
예:
kubenode> get kube-proxy-k8s-api-server status Kubernetes ApiServer status: Healthy - Kube Proxy 감시자 상태 표시 get kube-proxy-watcher <watcher-name> get kube-proxy-watchers
예:
kubenode> get kube-proxy-watchers endpoint: Average event processing time: 15 msec (in past 3600-sec window) Current watcher started time: May 01 2017 15:06:24 PDT Number of events processed: 90 (in past 3600-sec window) Total events processed by current watcher: 90 Total events processed since watcher thread created: 90 Total watcher recycle count: 0 Watcher thread created time: May 01 2017 15:06:24 PDT Watcher thread status: Up service: Average event processing time: 8 msec (in past 3600-sec window) Current watcher started time: May 01 2017 15:06:24 PDT Number of events processed: 2 (in past 3600-sec window) Total events processed by current watcher: 2 Total events processed since watcher thread created: 2 Total watcher recycle count: 0 Watcher thread created time: May 01 2017 15:06:24 PDT Watcher thread status: Up kubenode> get kube-proxy-watcher endpoint Average event processing time: 15 msec (in past 3600-sec window) Current watcher started time: May 01 2017 15:06:24 PDT Number of events processed: 90 (in past 3600-sec window) Total events processed by current watcher: 90 Total events processed since watcher thread created: 90 Total watcher recycle count: 0 Watcher thread created time: May 01 2017 15:06:24 PDT Watcher thread status: Up - 노드에서 OVS 흐름 덤프 dump ovs-flows
예:
kubenode> dump ovs-flows NXST_FLOW reply (xid=0x4): cookie=0x0, duration=8.876s, table=0, n_packets=0, n_bytes=0, idle_age=8, priority=100,ip actions=ct(table=1) cookie=0x0, duration=8.898s, table=0, n_packets=0, n_bytes=0, idle_age=8, priority=0 actions=NORMAL cookie=0x0, duration=8.759s, table=1, n_packets=0, n_bytes=0, idle_age=8, priority=100,tcp,nw_dst=10.96.0.1,tp_dst=443 actions=mod_tp_dst:443 cookie=0x0, duration=8.719s, table=1, n_packets=0, n_bytes=0, idle_age=8, priority=100,ip,nw_dst=10.96.0.10 actions=drop cookie=0x0, duration=8.819s, table=1, n_packets=0, n_bytes=0, idle_age=8, priority=90,ip,in_port=1 actions=ct(table=2,nat) cookie=0x0, duration=8.799s, table=1, n_packets=0, n_bytes=0, idle_age=8, priority=80,ip actions=NORMAL cookie=0x0, duration=8.856s, table=2, n_packets=0, n_bytes=0, idle_age=8, actions=NORMAL