bmctl
是 GKE on Bare Metal 的命令行工具,可简化集群创建和管理。本文档全面介绍了 bmctl
命令和相关标志。
准备工作
bmctl
使用应用默认凭据 (ADC) 验证集群规范 (clusterOperations.location
) 中的 location
值(如果未设置为 global
)。许多 bmctl
命令需要进行此验证。为使 ADC 正常工作,您需要执行以下任一操作:
将管理员工作站上的
GOOGLE_APPLICATION_CREDENTIALS
环境变量设置为服务帐号凭据文件的路径。使用 gcloud CLI 您的用户凭据作为应用默认凭据 (ADC):
gcloud auth application-default login
部分 bmctl
命令可让您通过标志指定凭据文件的路径。
备份
备份 Anthos clusters on Bare Metal 信息。
选项
-h, --help help for backup
备份集群
备份 Anthos on Bare Metal 集群,并将备份保存到 tar 文件中。
backup cluster [flags]
选项
--backup-file string path to the output backup files.
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--use-disk Perform the backup using the disk instead of in-memory buffer. This option only works when the command is run by the root user or with sudo.
--yes Perform the backup and do not prompt for confirmation (non-interactive mode).
如需详细了解如何使用 bmctl
备份和恢复集群,请参阅使用 bmctl 备份和恢复集群。
check
对集群或基础架构执行预检或健康检查。
选项
-h, --help help for check
检查插件
检查集群插件(例如 stackdriver-log-aggregator
、stackdriver-log-forwarder
和 gke-connect-agent
)的操作健康。
check add-ons [flags]
示例
# Do a health check for add-ons
bmctl check add-ons --cluster=cluster1
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for add-ons
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
检查集群
检查集群的健康状况或生成集群快照。
check cluster [flags]
示例
# Do a health check for cluster.
bmctl check cluster --cluster=cluster1
# Take a snapshot of the cluster (requires admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --admin-kubeconfig=admin-kubeconfig
# Take a snapshot of the cluster nodes only (does not require admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --snapshot-config=snapshot-config
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--login-user string The user to login to each node. This will be ignored when admin-kubeconfig is set. (default "root")
--node-ssh-key string The file contains ssh key to the nodes to capture snapshots against. While this flag is fully optional, when provided, nodes must also be provided.
--nodes strings The comma-separated IP address list of the nodes to capture snapshots against. While this flag is fully optional, when provided, node-ssh-key must also be provided.
--quiet During snapshot run suppress logging to stdout. (Console log is available in 'bmctl_diagnose_snapshot.log' file part of the snapshot)
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--service-account-key-file string The service account key file for uploading the snapshot. Please make sure this service account has the "roles/storage.admin" of its parent project for creating a Cloud Storage bucket and writing object to the bucket. Note that:
- this flag is defaulted to the environment variable GOOGLE_APPLICATION_CREDENTIALS, if not provided.
- this flag is ignored, if "--upload-to" flag is empty.
--since duration This Only returns logs newer than a relative duration like 5s, 4m, or 3h. It defaults to all logs.
--snapshot Takes a snapshot of the cluster's logs, configurations and other data if true.
--snapshot-config string The config file of the snapshot. When this flag is omitted, a default configuration is applied.
--snapshot-dry-run In dry-run mode, the command does not take the snapshot. Instead, it prints out the actions to be taken and the snapshot configuration.
--snapshot-output string The output file of the snapshot.
--snapshot-scenario string The scenario of the snapshot. This is ignored when --config flag is specified. The supported scenarios are:
- system: snapshot of system components, including their logs
- all: snapshot of all pods, including their logs (default "system")
--snapshot-temp-output-dir string The temporary landing directory for snapshot.
--upload-to string The Cloud Storage bucket name for uploading the snapshot. A new bucket will be created if it doesn't exist. Please follow the naming guidelines here(https://cloud.google.com/storage/docs/naming-buckets).
检查配置
检查集群配置文件。
check config [flags]
示例
# Do check for cluster1.yaml file
bmctl check config --cluster=cluster1
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for config
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
检查 GCP
与 Google Cloud 健康检查的集群连接。
check gcp [flags]
示例
# Do a machines' Google Cloud connectivity health check for cluster
bmctl check gcp --cluster=cluster1
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for gcp
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
检查 Kubernetes
Kubernetes 健康检查。
check kubernetes [flags]
示例
# Do a kubernetes health check for cluster
bmctl check kubernetes --cluster=cluster1
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for kubernetes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
检查节点
检查节点健康状况。
check nodes [flags]
示例
# Do a health check for some provisioned nodes
bmctl check nodes --addresses=192.168.0.1,192.168.0.4
选项
--addresses strings Node addresses, addresses should be a comma separated list, each address needs be a single IP address(e.g., 192.168.0.1)
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for nodes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
检查预检
预检检查。
摘要
预检检查。
check preflight [flags]
示例
# Do a preflight check for cluster1.yaml in bmctl-workspace/cluster1
bmctl check preflight --cluster=cluster1. If kubeconfig flag (for example, --kubeconfig=bmctl-workspace/cluster1/cluster1-kubeconfig) is included, the command will trigger a preflight check for upgrading the cluster
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for preflight
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
如需详细了解预检检查,请参阅了解预检检查。
create
创建集群配置文件、集群或 Kubernetes 服务账号 (KSA)。
选项
-h, --help help for create
创建集群
根据集群配置文件创建集群。
摘要
创建 Anthos Bare Metal 资源。此命令将发出已创建集群的 kubeconfig。由于此文件包含集群的凭据,因此请务必确保其安全。此命令需要 serviceusage.services.get 权限来检查 Google Cloud 项目的 API 启用。
create cluster [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--force If true, ignore errors from preflight checks and validation except for Google Cloud check errors.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
如需详细了解如何创建集群,请参阅集群创建概览。
创建配置
创建集群配置文件。默认情况下,此文件在 bmctl-workspace/
create config [flags]
选项
-c, --cluster cluster name Cluster name, must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character
--create-service-accounts Auto create Google Cloud service accounts keys, if they do not already exist in workspace
--enable-apis Auto enable APIs used by Anthos Bare Metal cluster, for the Google Cloud project specified by project-id flag
--force Overwrite existing config
-h, --help help for config
--project-id string Google Cloud project where the new cluster will connect with via GKE hub and stackdriver logging/monitoring, required if --create-service-accounts or --enable-apis is true
创建 ksa
使用目标集群的 cluster-admin 角色创建 Kubernetes 服务账号。
Kubernetes 服务账号的默认名称为“kubernetes-service-account”,因此“--name”标志是可选的。
该命令会生成不记名令牌,您可以使用该令牌登录集群。
默认情况下,不记名令牌存储在 bmctl-workspace/
create ksa [flags]
选项
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for ksa
--ksa-name string Name of the kubernetes service account and default value is kubernetes-service-account. (default "kubernetes-service-account")
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
停用
在集群中停用 Anthos VM Runtime。
选项
-h, --help help for disable
停用 vmruntime
在集群中停用 Anthos VM Runtime。
disable vmruntime [flags]
选项
--force If true, delete all VM resources and disable vmruntime.
-h, --help help for vmruntime
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
如需详细了解如何在 GDC 上启用或停用虚拟机运行时,请参阅在 GDC 上启用或停用虚拟机运行时。
enable
在集群中启用 Anthos VM Runtime。
选项
-h, --help help for enable
启用 vmruntime
在集群中启用 Anthos VM Runtime。
enable vmruntime [flags]
选项
-h, --help help for vmruntime
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
如需详细了解如何在 GDC 上启用或停用虚拟机运行时,请参阅在 GDC 上启用或停用虚拟机运行时。
enroll
注册集群,以便由 Anthos On-Prem API 管理。
选项
-h, --help help for enroll
注册集群
注册集群,以便由 Anthos On-Prem API 管理。此注册通过客户端(例如 Google Cloud 控制台和 gcloud CLI)启用集群管理。
enroll cluster [flags]
选项
-c, --cluster string Cluster name.
--cluster-resource-name string Unique cluster name within a Google Cloud project/fleet. It is defaulted to be the same as the --cluster-name and they should be the same if possible. In case there is already another cluster with the same name enrolled in the project/fleet previously (under another admin cluster), this flag can be used to rename the cluster within the Google Cloud project/fleet.
-h, --help help for cluster
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--location location The Google Cloud location to enroll the user cluster. The "us-west1" location is the default. (default us-west1)
如需详细了解如何注册集群,请参阅将集群配置为由 GKE on Bare Metal 管理。
get
获取集群配置或集群凭据。
选项
-h, --help help for get
获取配置
获取集群配置文件。该命令会拉取目标集群的自定义资源并发出配置文件。
get config [flags]
选项
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for config
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
获取凭据
获取目标集群凭据。该命令会在管理员工作站的
get credentials [flags]
选项
-c, --cluster string Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml.
-h, --help help for credentials
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
install
执行软件安装操作。
选项
-h, --help help for install
安装 virtctl
将 virtctl 作为 kubectl 插件安装到当前机器中。virtctl 插件支持基本虚拟机操作,例如创建、连接和更改电源状态。
install virtctl [flags]
选项
-d, --dst-dir string The dir virtctl binary to be installed, this path must be a valid one within PATH env variable
-h, --help help for virtctl
move
在管理集群之间移动 Anthos Bare Metal 资源和所有依赖项。
- 目标集群命名空间可以包含其他资源,有冲突的资源会被替换。
move [flags]
选项
--cluster-move-timeout duration Cluster move timeout, default value is 15m. The input should contain the duration unit, e.g. 3600s, 60m or 1h. (default 15m0s)
--from-kubeconfig string kubeconfig file path for the source management cluster. If unspecified, will use the default discovered kubeconfig.
--from-kubeconfig-context string Context to be used within the kubeconfig file for the source management cluster. If empty, current context will be used.
-h, --help help for move
-n, --namespace string The namespace where the cluster resources are stored. If unspecified, the current context's namespace is used.
--to-kubeconfig string kubeconfig file path for the destination management cluster.
--to-kubeconfig-context string Context to be used within the kubeconfig file for the destination management cluster. If empty, current context will be used.
push
将 Docker 映像推送到私有注册表。
选项
-h, --help help for push
推送映像
将本地容器映像 tar 文件推送到私有注册表。
push images [flags]
选项
--cacert string Private registry CA certificate file path.
--dry-run Dry run.
--email string Email for private registry.
--force-push If set to true, will always push images even if images already exist in registry.
-h, --help help for images
--need-credential Whether credential is needed for private registry. (default true)
--password string Password for private registry authentication.
-r, --private-registry string Private registry path that stores all Anthos Bare Metal images.
Format should be <registry-name>/<optional-registry-namespace>.
--source string Path to Anthos Bare Metal container images compressed file.
-t, --threads int Push images with multiple threads. (default 4)
--username string Username for private registry authentication.
注册引导
将引导集群注册到 Hub API。
摘要
将引导集群注册到 Hub API。此命令将本地种类集群注册为管理员集群。该命令会等待集群在 Google Cloud 控制台中创建,并在集群成功创建后退出。
register bootstrap [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
--cloud-operation-service-account-key string Optional, service account key file used to access Google cloud service, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gcr-service-account-key string Optional, service account key file used to pull GCR images, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gke-agent-service-account-key string Optional, service account key file used to connect the GKE cluster in Google Cloud, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gke-register-service-account-key string Optional, service account key file used to register the cluster in Google Cloud, service account key specified by environment variable GOOGLE_APPLICATION_CREDENTIALS will be used to fetch or create the Service account.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for bootstrap
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--name string Mandatory, Name of the bootstrap cluster. bmctl will register the bootstrap cluster with this name with GKE Connect.
--project-id string Optional, Google Cloud project for GKE Connect. bmctl will register this bootstrap cluster into Google Cloud project temporarily, and un-register it after cluster is provisioned successfully.
--registry-mirror-ca string Registry mirror CA file.
--registry-mirror-credential string Registry mirror credential file.
--registry-mirror-endpoint string Registry mirror endpoint.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-client-cert string Optional, Path of the SSH certificate. ABM will use this ssh key certificate while sshing in the machines.
--ssh-key string Mandatory, Path of the SSH key. ABM will use this ssh key while sshing in the machines.
重置
将集群机器重置为安装之前的状态。
摘要
此命令会尝试撤消在先前安装尝试时所做的更改。这是尽力从部分安装故障中恢复的操作。
reset [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for reset
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
重置引导
删除引导集群。
reset bootstrap [flags]
示例
bmctl reset bootstrap
选项
-h, --help help for bootstrap
重置节点
将指定节点重置为安装 Anthos clusters on Bare Metal 之前的状态。
reset nodes [flags]
示例
bmctl reset nodes --addresses 10.200.0.3,10.200.0.4 --ssh-private-key-path /root/.ssh/id_rsa --login-user root --gcr-service-account-key gcr.json
选项
--addresses strings Node addresses, addresses should be a comma separated list, each address needs be a single IP address(e.g., 192.168.0.1)
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--force Optional. If provided, nodes will be forcefully removed from the cluster without running reset jobs.
--gcr-service-account-key string Optional, path to the service account json key to pull gcr images. Mutually exclusive with --cluster flag. If not provided, the environment variable GOOGLE_APPLICATION_CREDENTIALS will be used.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for nodes
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--login-user string login user to use to connect to the nodes. Mutually exclusive with --cluster flag. Optional and should be used together with --ssh-private-key-path. Default to root.
--registry-mirror-ca string Registry mirror CA file.
--registry-mirror-credential string Registry mirror credential file.
--registry-mirror-endpoint string Registry mirror endpoint.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-private-key-path string path to the ssh private key to connect to the nodes. Either --cluster or --ssh-private-key-path should be provided, but not both. Use this flag to reset the machines if the original cluster yaml is no longer available.
如需详细了解如何使用 bmctl reset nodes
将集群节点恢复到安装前的状态或删除集群,请参阅重置节点并删除集群。
恢复
恢复集群或尝试恢复集群的仲裁。
摘要
恢复 Anthos on Bare Metal 集群。在没有集群子命令的情况下使用此命令时,此命令会尝试从仲裁丢失中恢复高可用性集群。与集群子命令搭配使用时,该命令会从备份文件中恢复集群。
restore [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--control-plane-node string IP for the surviving host address, should be a single IP address(e.g., 192.168.0.1).
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for restore
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string kubeconfig file path for the management cluster. This only needs to be provided if restoring a broken user cluster.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
恢复集群
从备份文件恢复 Anthos on Bare Metal 集群。
restore cluster [flags]
选项
--backup-file string path to the backup file of the cluster.
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string path to the kubeconfig of the management cluster.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--use-disk Perform the restore using the disk instead of in-memory buffer. This option only works when the command is run by the root user or with sudo.
如需详细了解如何使用 bmctl
备份和恢复集群,请参阅使用 bmctl 备份和恢复集群。
unenroll
取消注册集群。
选项
-h, --help help for unenroll
取消注册集群
取消注册 Anthos on Bare Metal 集群。此命令会停用通过 Anthos On-Prem API 管理集群的功能。取消注册后,您将无法通过 Google Cloud 控制台和 gcloud CLI 来管理集群。
unenroll cluster [flags]
选项
-c, --cluster string Cluster name.
-h, --help help for cluster
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
更新
更新 Anthos clusters on Bare Metal 资源。
选项
-h, --help help for update
更新集群
更新集群和节点池配置。此命令会应用在集群配置文件中所做的更改。默认情况下,配置文件
update cluster [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
如需详细了解如何使用 bmctl
更新集群,请参阅更新集群。如需查看哪些集群配置文件是可变的,请参阅集群配置字段参考文档。
更新凭据
更新集群凭据
摘要
更新 Anthos on Bare Metal 集群的凭据。此命令会更新管理员集群凭据以及由员集群管理的用户集群的凭据。
update credentials [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
--cloud-operations-service-account-key-path string New credential: path to cloud operations service account key.
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gcr-key-path string New credential: path to GCR service account key.
--gke-connect-agent-service-account-key-path string New credential: path to gke connect agent service account key.
--gke-connect-register-service-account-key-path string New credential: path to gke connect register service account key.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for credentials
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--ssh-private-key-path string New credential: path to ssh private key.
更新凭据证书授权机构
更新 Anthos on Bare Metal 集群上的证书授权机构。
选项
-h, --help help for certificate-authorities
从父命令继承的选项
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
更新凭据证书授权机构轮替
轮替证书授权机构
update credentials certificate-authorities rotate [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for rotate
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
从父命令继承的选项
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
upgrade
就地将 Anthos on Bare Metal 集群升级到新版本。
选项
-h, --help help for upgrade
升级集群
升级 Anthos on Bare Metal 集群。
摘要
升级 Anthos on Bare Metal 集群。此命令会从集群配置文件中读取目标版本,并将目标集群升级到指定版本。集群配置文件中的所有其他更改都会被忽略。该命令需要 serviceusage.services.get 权限,以检查配置文件中指定的 Google Cloud 项目的 API 启用情况。
upgrade cluster [flags]
选项
--bootstrap-cluster-pod-cidr string Bootstrap cluster pod CIDR (default "192.168.122.0/24")
--bootstrap-cluster-service-cidr string Bootstrap cluster service CIDR (default "10.96.0.0/27")
-c, --cluster cluster name Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
--cluster-update-timeout duration Cluster update timeout, default value is 24h. The input should contain the duration unit, e.g. 3600s, 60m or 1h. (default 24h0m0s)
--force If true, ignore errors from preflight checks.
--gkehub-endpoint gkehub-endpoint Sets the URL endpoint for GKEHub API HTTP requests. Can be set to "prod", "staging" or "autopush". The "prod" endpoint is the default. (default prod)
-h, --help help for cluster
--ignore-validation-errors A validation error override, allowing to proceed despite the validation errors.
--kubeconfig string Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
--reuse-bootstrap-cluster If true, use existing bootstrap cluster.
--skip-bootstrap-cidr-check If true, skip checking CIDR and the number of nodes to determine whether upgrade would succeed.
如需详细了解集群升级,请参阅以下文档:
version
输出 bmctl 版本。
version [flags]
选项
-h, --help help for version
-o, --output string Output format of version string. Support version, commit.