bmctl adalah alat command line untuk Google Distributed Cloud yang menyederhanakan pembuatan dan pengelolaan cluster. Dokumen ini adalah referensi komprehensif untuk perintah bmctl dan flag terkait.
Sebelum memulai
bmctl menggunakan Kredensial Default Aplikasi (ADC)
untuk memvalidasi nilai location dalam spesifikasi cluster
(clusterOperations.location) saat tidak disetel ke global. Validasi ini diperlukan untuk banyak perintah bmctl. Agar ADC berfungsi, Anda harus melakukan salah satu hal berikut:
- Tetapkan variabel lingkungan - GOOGLE_APPLICATION_CREDENTIALSdi workstation admin Anda ke jalur file kredensial akun layanan.
- Gunakan gcloud CLI untuk kredensial pengguna Anda sebagai Kredensial Default Aplikasi (ADC): - gcloud auth application-default login
Beberapa perintah bmctl memungkinkan Anda menentukan jalur ke file kredensial dengan tanda.
cadangan
Mencadangkan informasi cluster.
Opsi
  -h, --help   help for backup
cluster cadangan
Mencadangkan cluster dan menyimpan cadangan ke dalam file tar.
backup cluster [flags]
Opsi
      --backup-file string                      path to the output backup files.
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for cluster
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
      --use-disk                                Perform the backup using the disk instead of in-memory
                                                buffer. This option only works when the command is run
                                                by the root user or with sudo.
      --yes                                     Perform the backup and do not prompt for confirmation
                                                (non-interactive mode).
Untuk mengetahui informasi selengkapnya tentang mencadangkan dan memulihkan cluster dengan bmctl, lihat
Mencadangkan dan memulihkan cluster dengan bmctl.
centang
Lakukan pemeriksaan preflight atau health check pada cluster atau infrastruktur Anda.
Opsi
  -h, --help   help for check
memeriksa add-on
Periksa kondisi operasional add-on cluster, seperti
stackdriver-log-aggregator, stackdriver-log-forwarder, dan
gke-connect-agent. 
check add-ons [flags]
Contoh
# Do a health check for add-ons
bmctl check add-ons --cluster=cluster1
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for add-ons
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
memeriksa cluster
Periksa kondisi cluster atau buat snapshot cluster.
check cluster [flags]
Contoh
# Do a health check for cluster.
bmctl check cluster --cluster=cluster1
# Take a snapshot of the cluster (requires admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --admin-kubeconfig=admin-kubeconfig
# Take a snapshot of the cluster (requires admin cluster to be available) using 30 threads.
bmctl check cluster --snapshot --cluster=cluster1 --admin-kubeconfig=admin-kubeconfig --num-of-parallel-threads=30
# Take a snapshot of the cluster nodes only (does not require admin cluster to be available).
bmctl check cluster --snapshot --cluster=cluster1 --snapshot-config=snapshot-config
Opsi
      --bootstrap-cluster-pod-cidr string           Bootstrap cluster pod CIDR (default "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string       Bootstrap cluster service CIDR (default "10.96.0.0/27")
      --ca-file string                              The file contains the Node Agent server CA certificate for authenticating nodes to capture snapshots. While this flag is fully optional, when provided, nodes must also be provided.
      --cert-file string                            The file contains the Node Agent client certificate for authenticating with nodes to capture snapshots. While this flag is fully optional, when provided, nodes must also be provided.
  -c, --cluster cluster name                        Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
      --enforce-allowlist                           Enforces allowlist checking for kubectl/node commands executed as part of collecting snapshot that they are read-only. Commands not allowed will be skipped. (default true)
  -h, --help                                        help for cluster
      --ignore-validation-errors                    A validation error override, allowing to proceed despite the validation errors.
      --key-file string                             The file contains the Node Agent client private key for authenticating with nodes to capture snapshots. While this flag is fully optional, when provided, nodes must also be provided.
      --kubeconfig string                           Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
      --local                                       Save the snapshot on your workstation only. This will allow you to explicitly opt out of uploading the snapshot to Google Cloud.
      --login-user string                           The user to login to each node. This will be ignored when admin-kubeconfig is set. (default "root")
      --node-ssh-key string                         The file contains ssh key to the nodes to capture snapshots against. While this flag is fully optional, when provided, nodes must also be provided.
      --nodeagent-port int                          The Node Agent server port for the client side to connect to. This flag is optional and only applies with 'nodes' options; when provided, it will override the default port.
      --nodes strings                               The comma-separated IP address list of the nodes to capture snapshots against. While this flag is fully optional, when provided, node-ssh-key must also be provided.
      --num-of-parallel-threads int                 The number of parallel threads used for processing snapshots. Note that --snapshot-config and --num-of-parallel-threads flags cannot be used at the same time. (default 10)
      --quiet                                       During snapshot run suppress logging to stdout.  (Console log is available in 'bmctl_diagnose_snapshot.log' file part of the snapshot)
      --reuse-bootstrap-cluster                     If true, use existing bootstrap cluster.
      --service-account-key-file string             The service account key file that is needed to upload the snapshot to your Google Cloud Storage bucket and provision a dedicated Google Cloud service account for your project to facilitate snapshot sharing with Google.
                                                    Make sure that the service account key has the ability to create and list buckets and objects in your project.
                                                    We recommend creating a custom role with the following permissions and assigning this custom role to your service account:
                                                    - storage.buckets.create
                                                    - storage.buckets.get
                                                    - storage.buckets.list
                                                    - storage.objects.create
                                                    - resourcemanager.projects.get
                                                    Note that all the storage permissions fall under the "roles/storage.admin" IAM role. You can also use that role, but it is too powerful and is not recommended
                                                    Note that:
                                                    - this flag is defaulted to the environment variable GOOGLE_APPLICATION_CREDENTIALS, if not provided.
                                                    - this flag is ignored, if "--upload-to" flag is empty.
      --since duration                              This Only returns logs newer than a relative duration like 5s, 4m, or 3h. It defaults to all logs.
      --snapshot                                    Takes a snapshot of the cluster's logs, configurations and other data if true.
                                                    Note that if a service account key is provided either throuh the flag --service-account-key-file or GOOGLE_APPLICATION_CREDENTIALS, the snapshot will be automatically uploaded to your Google Cloud Storage bucket. Also, a dedicated Google Cloud service account for your project will be provisioned for your project to facilitate snapshot sharing with Google.
                                                    Use --local to opt out of snapshot uploading.
      --snapshot-config --enforce_allowlist=false   The config file of the snapshot. When this flag is omitted, a default configuration is applied. An allowlist enforcing read-only commands is in effect by default, to bypass it specify --enforce_allowlist=false option. Note that --snapshot-config and --num-of-parallel-threads flags cannot be used at the same time.
      --snapshot-dry-run                            In dry-run mode, the command does not take the snapshot. Instead, it prints out the actions to be taken and the snapshot configuration.
      --snapshot-output string                      The output file of the snapshot.
      --snapshot-scenario string                    The scenario of the snapshot. This is ignored when --config flag is specified. The supported scenarios are:
                                                    - system: snapshot of system components, including their logs
                                                    - all: snapshot of all pods, including their logs (default "system")
      --snapshot-temp-output-dir string             The temporary landing directory for snapshot.
      --upload-to string                            The Google Cloud Storage bucket name for uploading the snapshot. A new bucket will be created if it doesn't exist. Please follow the naming guidelines here(https://cloud.google.com/storage/docs/naming-buckets).
periksa konfigurasi
Periksa file konfigurasi cluster.
check config [flags]
Contoh
# Do check for cluster1.yaml file
bmctl check config --cluster=cluster1
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for config
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
periksa gcp
Konektivitas cluster ke health check Google Cloud.
check gcp [flags]
Contoh
# Do a machines' Google Cloud connectivity health check for cluster
bmctl check gcp --cluster=cluster1
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for gcp
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
periksa kubernetes
Pemeriksaan kondisi Kubernetes.
check kubernetes [flags]
Contoh
# Do a kubernetes health check for cluster
bmctl check kubernetes --cluster=cluster1
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for kubernetes
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
memeriksa node
Periksa kondisi node.
check nodes [flags]
Contoh
# Do a health check for some provisioned nodes
bmctl check nodes --addresses=192.168.0.1,192.168.0.4
Opsi
      --addresses strings                       Node addresses, addresses should be a comma separated
                                                list, each address needs be a single IP address(e.g.,
                                                192.168.0.1)
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for nodes
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
periksa preflight
Pemeriksaan preflight.
Synopsis
Pemeriksaan preflight.
check preflight [flags]
Contoh
# Do a preflight check for cluster1.yaml in bmctl-workspace/cluster1
bmctl check preflight --cluster=cluster1
# If kubeconfig flag (for example, --kubeconfig=bmctl-workspace/cluster1/cluster1-kubeconfig) is
# included, the command will trigger a preflight check for upgrading the cluster
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for preflight
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
check vmruntimepfc
Pemeriksaan pra-penerbangan VM Runtime untuk GDC.
check vmruntimepfc [flags]
Contoh
# Do vmruntime preflight check,
    bmctl check vmruntimepfc --kubeconfig=$KUBECONFIG
Opsi
  -h, --help                help for vmruntimepfc
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
Untuk mengetahui informasi selengkapnya tentang pemeriksaan preflight, lihat Memahami pemeriksaan preflight.
konfigurasi
Konfigurasi akun layanan dan peran IAM serta aktifkan API di Google Cloud untuk autentikasi cluster identitas beban kerja.
Opsi
  -h, --help   help for configure
mengonfigurasi project
Mengonfigurasi binding kebijakan IAM untuk autentikasi cluster workload identity. Membuat akun layanan yang diperlukan dan mengaktifkan API yang diperlukan.
configure projects [flags]
Opsi
      --admin-cluster string                admin cluster name
      --cloud-ops-service-account string    cloud ops service account
      --controller-service-account string   controller GCP service account
      --gcr-service-account string          GCR image pull service account
  -h, --help                                help for projects
      --location string                     GKE hub membership location (default "global")
      --project-id string                   GCP project used in GKE connect
      --proxy-url string                    proxy URL for accessing GCP services. If not specified,
                                            bmctl looks for env variables HTTPS_PROXY and HTTP_PROXY
      --user-clusters string                one or more comma-delimited user cluster names
Untuk mengetahui informasi selengkapnya tentang cara mengaktifkan dan menggunakan autentikasi cluster workload identity, lihat Autentikasi cluster workload identity.
buat
Buat file konfigurasi cluster, cluster, atau akun layanan Kubernetes (KSA).
Opsi
  -h, --help   help for create
buat cluster
Buat cluster dari file konfigurasi cluster.
Synopsis
Buat resource Google Distributed Cloud. Perintah ini akan memancarkan kubeconfig cluster yang dibuat. Pastikan untuk menjaga keamanan file ini karena berisi kredensial untuk cluster Anda. Perintah ini memerlukan izin serviceusage.services.get untuk memeriksa pengaktifan API untuk project Google Cloud Anda.
create cluster [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
      --force                                   If true, ignore errors from preflight checks and
                                                validation except for Google Cloud check errors.
  -h, --help                                    help for cluster
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
Untuk mengetahui informasi selengkapnya tentang cara membuat cluster, lihat Ringkasan pembuatan cluster.
buat konfigurasi
Buat file konfigurasi cluster. Secara default, file ini dibuat di folder bmctl-workspace/<cluster_name>.
create config [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
      --create-service-accounts                 Auto create GCP service accounts keys, if they do not
                                                already exist in workspace
      --enable-apis                             Auto enable APIs used by Bare Metal cluster,
                                                for the GCP Project specified by project-id flag
      --force                                   Overwrite existing config
  -h, --help                                    help for config
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --project-id string                       GCP project where the new cluster will connect with
                                                via GKE hub and stackdriver logging/monitoring,
                                                required if --create-service-accounts or
                                                --enable-apis is true
      --proxy-url string                        Proxy URL for accessing GCP services. If not
                                                specified, bmctl will look for env variable
                                                HTTPS_PROXY and HTTP_PROXY
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
create ksa
Buat akun layanan Kubernetes dengan peran cluster-admin dari cluster target.
Nama default akun layanan Kubernetes adalah kubernetes-service-account, sehingga tanda --name bersifat opsional.
Perintah ini akan menghasilkan token pembawa yang dapat Anda gunakan untuk login ke cluster.
Secara default, token pembawa disimpan di folder bmctl-workspace/<cluster_name>.
create ksa [flags]
Opsi
  -c, --cluster string      Cluster name, cluster config is expected to be placed under
                            <workspace dir>/<cluster name>/<cluster name>.yaml.
  -h, --help                help for ksa
      --ksa-name string     Name of the kubernetes service account and default value is
                            kubernetes-service-account. (default "kubernetes-service-account")
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
nonaktifkan
Menonaktifkan Runtime GVM untuk GDC di cluster.
Opsi
  -h, --help   help for disable
disable vmruntime
Menonaktifkan VM Runtime untuk GDC di cluster.
disable vmruntime [flags]
Opsi
      --force               If true, delete all VM resources and disable vmruntime.
  -h, --help                help for vmruntime
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
Untuk mengetahui informasi selengkapnya tentang cara mengaktifkan dan menonaktifkan VM Runtime di GDC, lihat Mengaktifkan atau menonaktifkan VM Runtime di GDC.
aktifkan
Aktifkan VM Runtime untuk GDC di cluster.
Opsi
  -h, --help   help for enable
enable vmruntime
Aktifkan VM Runtime untuk GDC di cluster.
enable vmruntime [flags]
Opsi
  -h, --help                help for vmruntime
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
Untuk mengetahui informasi selengkapnya tentang cara mengaktifkan dan menonaktifkan VM Runtime di GDC, lihat Mengaktifkan atau menonaktifkan VM Runtime di GDC.
get
Mendapatkan konfigurasi cluster atau kredensial cluster.
Opsi
  -h, --help   help for get
mendapatkan konfigurasi
Dapatkan file konfigurasi cluster. Perintah ini menarik resource kustom cluster target dan mengeluarkan file konfigurasi.
get config [flags]
Opsi
  -c, --cluster string      Cluster name, cluster config is expected to be placed under
                            <workspace dir>/<cluster name>/<cluster name>.yaml.
  -h, --help                help for config
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
Untuk mengetahui informasi selengkapnya, lihat Mendapatkan detail konfigurasi cluster.
mendapatkan kredensial
Dapatkan kredensial cluster target. Perintah ini akan membuat file kubeconfig di folder <workspace dir>/<cluster name> di workstation admin.
get credentials [flags]
Opsi
  -c, --cluster string      Cluster name, cluster config is expected to be placed under
                            <workspace dir>/<cluster name>/<cluster name>.yaml.
  -h, --help                help for credentials
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
Untuk mengetahui informasi selengkapnya, lihat Mendapatkan kredensial cluster.
menginstal
Melakukan operasi penginstalan software.
Opsi
  -h, --help   help for install
instal virtctl
Instal virtctl ke mesin saat ini sebagai plugin kubectl. Plugin virtctl mendukung operasi VM dasar, seperti membuat, menghubungkan, dan mengubah status daya.
install virtctl [flags]
Opsi
  -d, --dst-dir string   The dir virtctl binary to be installed, this path must be a valid one within
                          PATH env variable
  -h, --help             help for virtctl
move
Memindahkan resource Google Distributed Cloud dan semua dependensi antar-cluster pengelolaan.
- Namespace cluster target dapat berisi resource tambahan, resource yang bertentangan akan diganti.
move [flags]
Opsi
      --cluster-move-timeout duration     Cluster move timeout, default value is 15m. The input should
                                          contain the duration unit, e.g. 3600s, 60m or 1h. (default
                                          15m0s)
      --from-kubeconfig string            kubeconfig file path for the source management cluster. If
                                          unspecified, will use the default discovered kubeconfig.
      --from-kubeconfig-context string    Context to be used within the kubeconfig file for the source
                                          management cluster. If empty, current context will be used.
  -h, --help                              help for move
  -n, --namespace string                  The namespace where the cluster resources are stored. If
                                          unspecified, the current context's namespace is used.
      --to-kubeconfig string              kubeconfig file path for the destination management cluster.
      --to-kubeconfig-context string      Context to be used within the kubeconfig file for the
                                          destination management cluster. If empty, current context
                                          will be used.
nodeagent
Kelola deployment Agen Node.
Synopsis
Menyediakan perintah untuk mengelola layanan Agen Node pada node cluster.
Opsi
  -h, --help   help for nodeagent
nodeagent deploy
Deploy dengan SSH Node Agent Service ke node yang ditentukan.
Synopsis
Deploy layanan Node Agent ke satu atau beberapa node target dalam cluster tertentu menggunakan SSH.
Perintah ini dapat menginstal atau menginstal ulang Agen Node. Skrip ini terhubung melalui SSH dan melakukan langkah-langkah yang diperlukan, termasuk mentransfer biner, secara opsional membuat dan mentransfer sertifikat, serta menyiapkan layanan systemd.
Tindakan ini memerlukan akses SSH dan hak istimewa sudo di node target.
Perintah ini menangani penyiapan awal Node Agent dan pemulihannya.
Target node dapat ditentukan dengan beberapa cara: secara langsung menggunakan tanda --nodes, melalui file konfigurasi cluster menggunakan tanda --cluster, atau dengan merujuk resource kustom cluster.
nodeagent deploy [flags]
Opsi
      --cluster string             Name of the target cluster (required).
      --concurrency int            Number of parallel node deployments. (default 25)
      --deploy-creds               Deploy the server certificate, private key and client CA to nodes. (default true)
      --enforce-host-key-verify    Verifies the remote host's SSH key against known_hosts (recommended). (default true)
      --generate-ca-creds          Generate necessary CAs and client credentials for Node Agent.
  -h, --help                       help for deploy
      --key-algorithm string       The private key algorithm for the CA, client certificatem and server certificate. (default "rsa")
      --key-length int             The private key length for the CA, client certificate and server certificate. (default 4096)
      --kubeconfig string          Path to the cluster kubeconfig.
      --nodeagent-version string   The Node Agent version to pull. (default "0.0.0-gke.0")
      --nodes strings              List of node IPs to deploy to (comma-delimited).
      --non-interactive            Run non-interactively, skipping all user prompts.
      --port string                The Node Agent port. (default "9192")
      --pull-binaries              Download Node Agent binaries.
      --sa-key string              Path to the service account key to pull from GCS and GCR.
      --server-cert-validity int   The validity for the server certificate. (default 1825)
      --ssh-key string             Path to the SSH private key file. (default "~/.ssh/id_rsa")
      --ssh-user string            SSH username for connecting to nodes. (default "root")
nodeagent enable
Mengaktifkan mode Agen Node untuk cluster yang sedang berjalan.
Synopsis
Mengaktifkan mode Agen Node untuk cluster.
Perintah ini mengubah konfigurasi cluster dan juga membuat atau memperbarui kredensial terkait yang diperlukan agar mode ini berfungsi.
Saat mode Agen Node aktif, pengelolaan cluster ditangani oleh Agen Node yang berjalan langsung di setiap node.
nodeagent enable [flags]
Opsi
      --client-ca-key-path string   Path for the client certificate key file.
      --client-ca-path string       Path for the client ca certificate file.
      --client-cert-path string     Path for the client cacertificate file.
      --client-key-path string      Path for the client private key file.
  -c, --cluster string              Name of the target cluster (required).
      --ensure-status               Ensure Node Agent running status on all node in the cluster. (default true)
  -h, --help                        help for enable
  -k, --kubeconfig string           Path to the kubeconfig file (required).
      --port string                 The Node Agent port. (default "9192")
      --server-ca-key-path string   Path for the server ca key file.
      --server-ca-path string       Path for the server ca file.
nodeagent rotate-credentials
Merotasi kredensial Agen Node pada node tertentu menggunakan SSH dan dalam cluster.
Synopsis
Memutar kredensial nodeagentd di satu atau beberapa node target menggunakan SSH. Perintah ini juga memperbarui kredensial Agen Node yang sesuai yang disimpan dalam cluster.
Perintah ini dapat menggilir kredensial Agen Node. Tindakan ini memerlukan akses SSH dan hak istimewa sudo di node target.
Target node dapat ditentukan dengan beberapa cara: secara langsung menggunakan tanda --nodes, melalui file konfigurasi cluster menggunakan tanda --cluster, atau dengan merujuk resource kustom cluster.
nodeagent rotate-credentials [flags]
Opsi
      --cluster string             Name of the target cluster (required).
      --concurrency int            Number of parallel node deployments. (default 25)
      --enforce-host-key-verify    Verify remote host's SSH key against known_hosts. (default true)
      --generate-ca-creds          Generate necessary CAs and client credentials for Node Agent.
  -h, --help                       help for rotate-credentials
      --key-algorithm string       The private key algorithm for the CA, client certificatem and server certificate. (default "rsa")
      --key-length int             The private key length for the CA, client certificate and server certificate. (default 4096)
      --kubeconfig string          Path to the cluster kubeconfig.
      --nodes strings              List of node IPs to deploy to (comma-delimited).
      --non-interactive            Run non-interactively, skipping all user prompts.
      --server-cert-validity int   The validity for the server certificate. (default 1825)
      --ssh-key string             Path to the SSH private key file. (default "~/.ssh/id_rsa")
      --ssh-user string            SSH username for connecting to nodes. (default "root")
status nodeagent
Periksa status berjalan Node Agent di node cluster.
Synopsis
Periksa status berjalan Node Agent di node cluster.
Target node dapat ditentukan dengan beberapa cara: secara langsung menggunakan tanda --nodes, melalui file konfigurasi cluster menggunakan tanda --cluster, atau dengan merujuk resource kustom cluster.
nodeagent status [flags]
Opsi
      --client-cert-path string   Path for the client certificate file.
      --client-key-path string    Path for the client private key file.
  -c, --cluster string            Name of the target cluster (required).
  -h, --help                      help for status
  -k, --kubeconfig string         Path to the kubeconfig file.
      --nodes strings             List of node IPs to deploy to (comma-delimited).
      --port string               The Node Agent port. (default "9192")
      --server-ca-path string     Path for the server ca file.
push
Kirim image Docker ke registry pribadi.
Opsi
  -h, --help   help for push
mendorong gambar
Kirim file tar image container lokal ke registry pribadi.
push images [flags]
Opsi
      --cacert string             Private registry CA certificate file path.
      --dry-run                   Dry run.
      --email string              Email for private registry.
      --force-push                If set to true, will always push images even if images already exist
                                  in registry.
      --format string             Format of images in the source file. Should be one of tarball or oci
                                  (default). (default "oci")
  -h, --help                      help for images
      --need-credential           Whether credential is needed for private registry. (default true)
      --password string           Password for private registry authentication.
  -r, --private-registry string   Private registry path that stores all bare metal images.
                                  Format should be <registry-name>/<optional-registry-namespace>.
      --source string             Path to bare metal container images compressed file.
  -t, --threads int               Push images with multiple threads. (default 4)
      --username string           Username for private registry authentication.
Untuk mengetahui informasi tentang cara menyiapkan dan menggunakan mirror registry untuk image container bare metal, lihat Menggunakan mirror registry untuk image container.
register
Mendaftarkan resource.
Opsi
  -h, --help   help for register
register bootstrap
Daftarkan cluster bootstrap ke Hub API.
Synopsis
Daftarkan cluster bootstrap ke Hub API. Perintah ini mendaftarkan cluster Kind lokal sebagai cluster admin. Perintah menunggu cluster dibuat di konsol Google Cloud dan keluar setelah cluster berhasil dibuat.
register bootstrap [flags]
Opsi
      --bootstrap-cluster-pod-cidr string               Bootstrap cluster pod CIDR (default
                                                        "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string           Bootstrap cluster service CIDR (default
                                                        "10.96.0.0/27")
      --cloud-operation-service-account-key string      Optional, service account key file used to
                                                        access Google cloud service, service account
                                                        key specified by environment variable
                                                        GOOGLE_APPLICATION_CREDENTIALS will be used to
                                                        fetch or create the Service account.
      --enable-apis                                     Auto enable APIs used by bare metal
                                                        cluster, for the GCP Project specified by
                                                        project-id flag
      --gcr-service-account-key string                  Optional, service account key file used to
                                                        pull Artifact Registry images, service account key
                                                        specified by environment variable
                                                        GOOGLE_APPLICATION_CREDENTIALS will be used to
                                                        fetch or create the Service account.
      --gke-agent-service-account-key string            Optional, service account key file used to
                                                        connect the GKE cluster in Google Cloud,
                                                        service account key specified by environment
                                                        variable GOOGLE_APPLICATION_CREDENTIALS will
                                                        be used to fetch or create the Service
                                                        account.
      --gke-register-service-account-key string         Optional, service account key file used to
                                                        register the cluster in Google Cloud, service
                                                        account key specified by environment variable
                                                        GOOGLE_APPLICATION_CREDENTIALS will be used to
                                                        fetch or create the Service account.
  -h, --help                                            help for bootstrap
      --ignore-validation-errors                        A validation error override, allowing to
                                                        proceed despite the validation errors.
      --location string                                 Optional, Location of the GKEHub Membership,
                                                        e.g. us-central1. If unspecified, global will
                                                        be used. (default "global")
      --name string                                     Mandatory (either --name or
                                                        --target-cluster-name needs to be provided),
                                                        Name of the bootstrap cluster. bmctl will
                                                        register the bootstrap cluster with this name
                                                        with GKE Connect.
      --project-id string                               Optional, GCP project for GKE Connect. bmctl
                                                        will register this bootstrap cluster into GCP
                                                        project temporarily, and un-register it after
                                                        cluster is provisioned successfully.
      --registry-mirror-ca string                       Registry mirror CA file.
      --registry-mirror-credential string               Registry mirror credential file.
      --registry-mirror-endpoint string                 Registry mirror endpoint.
      --reuse-bootstrap-cluster                         If true, use existing bootstrap cluster.
      --ssh-client-cert string                          Optional, Path of the SSH certificate. ABM
                                                        will use this ssh key certificate while sshing
                                                        in the machines.
      --ssh-key string                                  Mandatory, Path of the SSH key. ABM will use
                                                        this ssh key while sshing in the machines.
      --target-cluster-name string                      Optional, The target cluster name.
reset
Reset mesin cluster ke status sebelum penginstalan.
Synopsis
Perintah ini mencoba mengurungkan perubahan yang dilakukan pada upaya penginstalan sebelumnya. Ini adalah upaya terbaik yang dimaksudkan untuk digunakan untuk memulihkan dari kegagalan penginstalan sebagian.
reset [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for reset
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
reset bootstrap
Hapus cluster bootstrap.
reset bootstrap [flags]
Contoh
bmctl reset bootstrap
Opsi
  -h, --help   help for bootstrap
reset node
Mereset node tertentu dalam cluster ke status pra-instal dengan menghapusnya dari cluster. Jika node tidak dapat diakses, Anda dapat menggunakan
opsi --force untuk melewati langkah reset. Jika bidang kontrol cluster tidak dapat diakses, Anda dapat menggunakan opsi --ssh-private-key-path, --login-user, dan --gcr-service-account-key untuk mereset node yang ditentukan ke status pra-instal tanpa menghapusnya dari cluster.
reset nodes [flags]
Contoh
bmctl reset nodes --addresses 10.200.0.10,10.200.0.11 --cluster cluster1 --kubeconfig admin-kubeconfig
Opsi
      --addresses strings                       Node addresses, addresses should be a comma separated list, each address needs be a single IP address(e.g., 192.168.0.1)
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed under <workspace dir>/<cluster name>/<cluster name>.yaml
      --force                                   Optional. If provided, nodes will be forcefully removed from the cluster without running reset jobs.
      --gcr-service-account-key string          Optional, path to the service account json key to pull gcr images. Mutually exclusive with --cluster flag. If not provided, the environment variable GOOGLE_APPLICATION_CREDENTIALS will be used.
  -h, --help                                    help for nodes
      --ignore-validation-errors                A validation error override, allowing to proceed despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin cluster. IF not provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
      --login-user string                       login user to use to connect to the nodes. Mutually exclusive with --cluster flag. Optional and should be used together with --ssh-private-key-path. Default to root.
      --registry-mirror-ca string               Registry mirror CA file.
      --registry-mirror-credential string       Registry mirror credential file.
      --registry-mirror-endpoint string         Registry mirror endpoint.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
      --ssh-private-key-path string             path to the ssh private key to connect to the nodes. Either --cluster or --ssh-private-key-path should be provided, but not both. Use this flag to reset the machines if the original cluster yaml is no longer available.
Untuk mengetahui informasi selengkapnya tentang penggunaan bmctl reset nodes untuk mengembalikan node cluster ke
status pra-penginstalan atau menghapus cluster, lihat
Mereset node yang gagal di Google Distributed Cloud.
pulihkan
Memulihkan cluster atau mencoba mendapatkan kembali kuorum untuk cluster.
Synopsis
Pulihkan cluster. Jika digunakan tanpa sub-perintah cluster, perintah ini akan mencoba memulihkan cluster ketersediaan tinggi dari hilangnya kuorum. Jika digunakan dengan sub-perintah cluster, perintah ini akan memulihkan cluster dari file cadangan.
restore [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be
                                                placed under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
      --control-plane-node string               IP for the surviving host address, should be a
                                                single IP address(e.g., 192.168.0.1).
  -h, --help                                    help for restore
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       kubeconfig file path for the management cluster. This
                                                only needs to be provided if restoring a broken user
                                                cluster.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
memulihkan cluster
Memulihkan cluster dari file cadangan.
restore cluster [flags]
Opsi
      --backup-file string                      path to the backup file of the cluster.
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for cluster
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       path to the kubeconfig of the management cluster.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
      --use-disk                                Perform the restore using the disk instead of
                                                in-memory buffer. This option only works when the
                                                command is run by the root user or with sudo.
Untuk mengetahui informasi selengkapnya tentang mencadangkan dan memulihkan cluster dengan bmctl, lihat
Mencadangkan dan memulihkan cluster dengan bmctl.
update
Perbarui resource cluster.
Opsi
  -h, --help   help for update
update cluster
Perbarui konfigurasi cluster dan node pool. Perintah ini menerapkan perubahan yang dibuat dalam file konfigurasi cluster. Secara default, file konfigurasi, <cluster_name>.yaml disimpan di folder bmctl-workspace/<cluster_name>/ di workstation admin.
update cluster [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
  -h, --help                                    help for cluster
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
Untuk mengetahui informasi selengkapnya tentang cara mengupdate cluster dengan bmctl, lihat
Mengupdate cluster. Untuk melihat file konfigurasi cluster mana yang dapat diubah, lihat
Referensi kolom konfigurasi cluster.
perbarui kredensial
Perbarui kredensial cluster.
Synopsis
Perbarui kredensial cluster. Perintah ini memperbarui kredensial cluster admin dan kredensial cluster pengguna yang dikelola oleh cluster admin.
update credentials [flags]
Opsi
      --bootstrap-cluster-pod-cidr string                     Bootstrap cluster pod CIDR (default
                                                              "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string                 Bootstrap cluster service CIDR (default
                                                              "10.96.0.0/27")
      --cloud-operations-service-account-key-path string      New credential: path to cloud operations
                                                              service account  key.
  -c, --cluster cluster name                                  Cluster name, cluster config is expected
                                                              to be placed under
                                                              <workspace dir>/<cluster name>/<cluster name>.yaml
      --gcr-key-path string                                   New credential: path to GCR service
                                                              account key.
      --gke-connect-agent-service-account-key-path string     New credential: path to gke connect
                                                              agent service account key.
      --gke-connect-register-service-account-key-path string  New credential: path to gke connect
                                                              register service account key.
  -h, --help                                                  help for credentials
      --ignore-validation-errors                              A validation error override, allowing
                                                              to proceed despite the validation errors.
      --kubeconfig string                                     Optional, path to the kubeconfig file
                                                              for the admin cluster. IF not provided,
                                                              will fall back to read env var
                                                              ANTHOS_ADMIN_KUBECONFIG.
      --node-agent-client-cert-path string                    New credential: path to Node Agent
                                                              client certificates.
      --node-agent-client-private-key-path string             New credential: path to Node Agent
                                                              client private key.
      --node-agent-server-ca-path string                      New credential: path to Node Agent
                                                              server CA.
      --reuse-bootstrap-cluster                               If true, use existing bootstrap cluster.
      --ssh-private-key-path string                           New credential: path to ssh private key.
update credentials certificate-authorities
Perbarui certificate authority di cluster.
Opsi
  -h, --help   help for certificate-authorities
Opsi yang diwarisi dari perintah induk
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
update credentials certificate-authorities rotate
Merotasi certificate authority.
update credentials certificate-authorities rotate [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
      --cluster-ca-cert-path string             New credential: path to custom cluster CA certificate.
      --cluster-ca-private-key-path string      New credential: path to custom cluster CA private key.
      --etcd-ca-cert-path string                New credential: path to custom etcd CA certificate.
      --etcd-ca-private-key-path string         New credential: path to custom etcd CA private key.
      --front-proxy-ca-cert-path string         New credential: path to custom front proxy CA
                                                certificate.
      --front-proxy-ca-private-key-path string  New credential: path to custom front proxy CA private
                                                key.
  -h, --help                                    help for rotate
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
````
#### Options inherited from parent commands
```none
      --kubeconfig string   Optional, path to the kubeconfig file for the admin cluster. IF not
                            provided, will fall back to read env var ANTHOS_ADMIN_KUBECONFIG.
upgrade
Mengupgrade cluster di tempat ke versi baru.
Opsi
  -h, --help   help for upgrade
upgrade cluster
Mengupgrade cluster.
Synopsis
Mengupgrade cluster. Perintah ini membaca versi target dari file konfigurasi cluster dan mengupgrade cluster target ke versi yang ditentukan. Semua perubahan lain dalam file konfigurasi cluster akan diabaikan. Perintah ini memerlukan izin serviceusage.services.get untuk memeriksa pengaktifan API untuk project Google Cloud yang ditentukan dalam file konfigurasi.
upgrade cluster [flags]
Opsi
      --bootstrap-cluster-pod-cidr string       Bootstrap cluster pod CIDR (default
                                                "192.168.122.0/24")
      --bootstrap-cluster-service-cidr string   Bootstrap cluster service CIDR (default
                                                "10.96.0.0/27")
  -c, --cluster cluster name                    Cluster name, cluster config is expected to be placed
                                                under
                                                <workspace dir>/<cluster name>/<cluster name>.yaml
      --cluster-update-timeout duration         Cluster update timeout, default value is 24h. The
                                                input should contain the duration unit, e.g. 3600s,
                                                60m or 1h. (default 24h0m0s)
      --force                                   If true, ignore errors from preflight checks.
  -h, --help                                    help for cluster
      --ignore-validation-errors                A validation error override, allowing to proceed
                                                despite the validation errors.
      --kubeconfig string                       Optional, path to the kubeconfig file for the admin
                                                cluster. IF not provided, will fall back to read env
                                                var ANTHOS_ADMIN_KUBECONFIG.
      --reuse-bootstrap-cluster                 If true, use existing bootstrap cluster.
      --skip-bootstrap-cidr-check               If true, skip checking CIDR and the number of nodes
                                                to determine whether upgrade would succeed.
      --skip-preflight                          If true, skip standalone preflight checks.
upgrade intermediate-version
Mencetak versi perantara yang akan diupgrade cluster terlebih dahulu saat melakukan upgrade melewati versi minor.
Synopsis
Mencetak versi perantara yang akan diupgrade cluster terlebih dahulu saat melakukan upgrade melewati versi minor.
Lewati upgrade versi minor memungkinkan cluster diupgrade dua versi minor. Cluster di 1.31.x yang diupgrade ke 1.33.z akan mengikuti jalur upgrade 1.31.x -> 1.32.y -> 1.33.z dengan 1.32.y adalah versi perantara.
upgrade intermediate-version [flags]
Opsi
  -h, --help   help for intermediate-version
Untuk mengetahui informasi selengkapnya tentang upgrade cluster, lihat dokumentasi berikut:
- Mengupgrade cluster
- Praktik terbaik untuk upgrade cluster Google Distributed Cloud
- Siklus proses dan tahapan upgrade cluster
versi
Mencetak versi bmctl
version [flags]
Opsi
  -h, --help            help for version
  -o, --output string   Output format of version string. Supported options: [version, commit,
                        metadata-digest]