10-Pod的基础管理下篇(标签管理)
一、什么是标签
所谓的标签就是用于为K8S集群的资源做标识,将来基于这个标签进行管理。
K8S一切皆资源,几乎K8S所有资源都支持标签进行管理。
二、查看K8S集群所有资源
[root@master231 pods]# kubectl api-resources
NAME SHORTNAMES APIVERSION NAMESPACED KIND
bindings v1 true Binding
componentstatuses cs v1 false ComponentStatus
configmaps cm v1 true ConfigMap
endpoints ep v1 true Endpoints
events ev v1 true Event
limitranges limits v1 true LimitRange
namespaces ns v1 false Namespace
nodes no v1 false Node
persistentvolumeclaims pvc v1 true PersistentVolumeClaim
persistentvolumes pv v1 false PersistentVolume
pods po v1 true Pod
podtemplates v1 true PodTemplate
replicationcontrollers rc v1 true ReplicationController
resourcequotas quota v1 true ResourceQuota
secrets v1 true Secret
serviceaccounts sa v1 true ServiceAccount
services svc v1 true Service
mutatingwebhookconfigurations admissionregistration.k8s.io/v1 false MutatingWebhookConfiguration
validatingwebhookconfigurations admissionregistration.k8s.io/v1 false ValidatingWebhookConfiguration
customresourcedefinitions crd,crds apiextensions.k8s.io/v1 false CustomResourceDefinition
apiservices apiregistration.k8s.io/v1 false APIService
controllerrevisions apps/v1 true ControllerRevision
daemonsets ds apps/v1 true DaemonSet
deployments deploy apps/v1 true Deployment
replicasets rs apps/v1 true ReplicaSet
statefulsets sts apps/v1 true StatefulSet
tokenreviews authentication.k8s.io/v1 false TokenReview
localsubjectaccessreviews authorization.k8s.io/v1 true LocalSubjectAccessReview
selfsubjectaccessreviews authorization.k8s.io/v1 false SelfSubjectAccessReview
selfsubjectrulesreviews authorization.k8s.io/v1 false SelfSubjectRulesReview
subjectaccessreviews authorization.k8s.io/v1 false SubjectAccessReview
horizontalpodautoscalers hpa autoscaling/v2 true HorizontalPodAutoscaler
cronjobs cj batch/v1 true CronJob
jobs batch/v1 true Job
certificatesigningrequests csr certificates.k8s.io/v1 false CertificateSigningRequest
leases coordination.k8s.io/v1 true Lease
bgpconfigurations crd.projectcalico.org/v1 false BGPConfiguration
bgppeers crd.projectcalico.org/v1 false BGPPeer
blockaffinities crd.projectcalico.org/v1 false BlockAffinity
caliconodestatuses crd.projectcalico.org/v1 false CalicoNodeStatus
clusterinformations crd.projectcalico.org/v1 false ClusterInformation
felixconfigurations crd.projectcalico.org/v1 false FelixConfiguration
globalnetworkpolicies crd.projectcalico.org/v1 false GlobalNetworkPolicy
globalnetworksets crd.projectcalico.org/v1 false GlobalNetworkSet
hostendpoints crd.projectcalico.org/v1 false HostEndpoint
ipamblocks crd.projectcalico.org/v1 false IPAMBlock
ipamconfigs crd.projectcalico.org/v1 false IPAMConfig
ipamhandles crd.projectcalico.org/v1 false IPAMHandle
ippools crd.projectcalico.org/v1 false IPPool
ipreservations crd.projectcalico.org/v1 false IPReservation
kubecontrollersconfigurations crd.projectcalico.org/v1 false KubeControllersConfiguration
networkpolicies crd.projectcalico.org/v1 true NetworkPolicy
networksets crd.projectcalico.org/v1 true NetworkSet
endpointslices discovery.k8s.io/v1 true EndpointSlice
events ev events.k8s.io/v1 true Event
flowschemas flowcontrol.apiserver.k8s.io/v1beta2 false FlowSchema
prioritylevelconfigurations flowcontrol.apiserver.k8s.io/v1beta2 false PriorityLevelConfiguration
ingressclasses networking.k8s.io/v1 false IngressClass
ingresses ing networking.k8s.io/v1 true Ingress
networkpolicies netpol networking.k8s.io/v1 true NetworkPolicy
runtimeclasses node.k8s.io/v1 false RuntimeClass
apiservers operator.tigera.io/v1 false APIServer
imagesets operator.tigera.io/v1 false ImageSet
installations operator.tigera.io/v1 false Installation
tigerastatuses operator.tigera.io/v1 false TigeraStatus
poddisruptionbudgets pdb policy/v1 true PodDisruptionBudget
podsecuritypolicies psp policy/v1beta1 false PodSecurityPolicy
bgpconfigurations bgpconfig,bgpconfigs projectcalico.org/v3 false BGPConfiguration
bgppeers projectcalico.org/v3 false BGPPeer
blockaffinities blockaffinity,affinity,affinities projectcalico.org/v3 false BlockAffinity
caliconodestatuses caliconodestatus projectcalico.org/v3 false CalicoNodeStatus
clusterinformations clusterinfo projectcalico.org/v3 false ClusterInformation
felixconfigurations felixconfig,felixconfigs projectcalico.org/v3 false FelixConfiguration
globalnetworkpolicies gnp,cgnp,calicoglobalnetworkpolicies projectcalico.org/v3 false GlobalNetworkPolicy
globalnetworksets projectcalico.org/v3 false GlobalNetworkSet
hostendpoints hep,heps projectcalico.org/v3 false HostEndpoint
ipamconfigurations ipamconfig projectcalico.org/v3 false IPAMConfiguration
ippools projectcalico.org/v3 false IPPool
ipreservations projectcalico.org/v3 false IPReservation
kubecontrollersconfigurations projectcalico.org/v3 false KubeControllersConfiguration
networkpolicies cnp,caliconetworkpolicy,caliconetworkpolicies projectcalico.org/v3 true NetworkPolicy
networksets netsets projectcalico.org/v3 true NetworkSet
profiles projectcalico.org/v3 false Profile
clusterrolebindings rbac.authorization.k8s.io/v1 false ClusterRoleBinding
clusterroles rbac.authorization.k8s.io/v1 false ClusterRole
rolebindings rbac.authorization.k8s.io/v1 true RoleBinding
roles rbac.authorization.k8s.io/v1 true Role
priorityclasses pc scheduling.k8s.io/v1 false PriorityClass
csidrivers storage.k8s.io/v1 false CSIDriver
csinodes storage.k8s.io/v1 false CSINode
csistoragecapacities storage.k8s.io/v1beta1 true CSIStorageCapacity
storageclasses sc storage.k8s.io/v1 false StorageClass
volumeattachments storage.k8s.io/v1 false VolumeAttachment
三、响应式打标签
1.查看现有的Pod的标签
[root@master231 pods]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-resources 1/1 Running 0 161m <none>
2.为Pod打标签
[root@master231 pods]# kubectl label pods xiuxian-resources apps=test address=changping
pod/xiuxian-resources labeled
[root@master231 pods]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-resources 1/1 Running 0 161m apps=test,address=changping
3.修改标签
[root@master231 pods]# kubectl label pods xiuxian-resources apps=test address=beijing --show-labels
4.删除标签
[root@master231 pods]# kubectl label pods xiuxian-resources apps-
pod/xiuxian-resources unlabeled
四、声明式管理标签
1.官方编写说明
[root@master231 mytest]# kubectl explain po.metadata.labels
KIND: Pod
VERSION: v1
FIELD: labels <map[string]string>
DESCRIPTION:
Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services. More info: http://kubernetes.io/docs/user-guide/labels
2.创建标签
2.1 编写资源清单
[root@master231 pods]# cat 09-pods-labels.yaml
apiVersion: v1
kind: Pod
metadata:
name: xiuxian-labels
# 为资源打标签,可以自定义键值对,将来可以基于标签进行过滤
labels:
apps: xiuxian
spec:
nodeName: worker233
containers:
- image: dezyan/gametest:gametest
name: c1
resources:
requests:
cpu: 0.5
memory: 1Gi
limits:
cpu: 1.5
memory: 2Gi
command:
- tail
- -f
- /etc/hosts
imagePullPolicy: IfNotPresent
2.2 创建pod观察标签信息
[root@master231 pods]# kubectl create -f 09-pods-labels.yaml
pod/xiuxian-labels created
[root@master231 pods]#
[root@master231 pods]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-labels 1/1 Running 0 5s apps=xiuxian
3.修改标签
3.1编写资源清单
[root@master231 pods]# cat 09-pods-labels.yaml
apiVersion: v1
kind: Pod
metadata:
name: xiuxian-labels
# 为资源打标签,可以自定义键值对,将来可以基于标签进行过滤
#修改原标签值即可
labels:
apps: FanRenXiuXianZhuan
spec:
……………………
3.2 验证
#注意要使用apply,使用Create会报错
# 非幂等性命令,说白了,就是无法重复执行!
[root@master231 pods]# kubectl create -f 09-pods-labels.yaml
Error from server (AlreadyExists): error when creating "09-pods-labels.yaml": pods "xiuxian-labels" already exists
# 幂等性命令,可以执行多次,如果资源存在则尝试更新,若资源不存在则尝试创建。
[root@master231 pods]# kubectl apply -f 09-pods-labels.yaml
[root@master231 pods]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-labels 1/1 Running 0 2m13s apps=FanRenXiuXianZhuan
4.删除标签
把资源清单中的标签注释即可
[root@master231 pods]# cat 09-pods-labels.yaml
apiVersion: v1
kind: Pod
metadata:
name: xiuxian-labels
# 为资源打标签,可以自定义键值对,将来可以基于标签进行过滤
#labels:
# apps: FanRenXiuXianZhuan
spec:
五、声明式和响应式的区别
相同点:
都可以管理资源。
不同点:
- 1.声明式修改需要先更改配置文件,而后apply配置文件使之生效,将来传输比较方便;
- 2.响应式修改立即生效,将来配置时基于文件传输不太方便,需要单独使用shell脚本来实现;
六、基于标签管理Pod
1.环境准备
1.1 创建资源
[root@master231 pods]# kubectl apply -f 01-pods-single-xiuxian.yaml
pod/xiuxian-xixi created
#无标签
[root@master231 pods]# kubectl get pods -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
xiuxian-labels 1/1 Running 0 11m 10.100.140.89 worker233 <none> <none> <none>
xiuxian-xixi 1/1 Running 0 23s 10.100.140.90 worker233 <none> <none> <none>
1.2 为资源打标签
[root@master231 pods]# kubectl label pod xiuxian-labels class=linux96
pod/xiuxian-labels labeled
[root@master231 pods]# kubectl label pod xiuxian-xixi school=IMNC
pod/xiuxian-xixi labeled
[root@master231 pods]# kubectl label pod xiuxian-xixi class=linux97
pod/xiuxian-xixi labeled
[root@master231 pods]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-labels 1/1 Running 0 12m class=linux96
xiuxian-xixi 1/1 Running 0 75s class=linux97,school=IMNC
2.基于标签过滤Pod之包含特定标签
[root@master231 pods]# kubectl get pods --show-labels -l class
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-labels 1/1 Running 0 13m class=linux96
xiuxian-xixi 1/1 Running 0 114s class=linux97,school=IMNC
3.基于标签过滤pod之含特定值
[root@master231 pods]# kubectl get pod --show-labels -l "class in (linux96)"
NAME READY STATUS RESTARTS AGE LABELS
xiuxian-labels 1/1 Running 0 16m class=linux96
[root@master231 pods]# kubectl get pod --show-labels -l "class notin (linux96)"
xiuxian-xixi 1/1 Running 0 114s class=linux97,school=IMNC
4.基于标签删除资源
[root@master231 pods]# # kubectl delete pod --show-labels -l "class notin (linux96)"
xiuxian-labels 1/1 Running 0 13m class=linux96
本文来自博客园,作者:丁志岩,转载请注明原文链接:https://www.cnblogs.com/dezyan/p/18815918
浙公网安备 33010602011771号