什么是标签?
标签其实就是分组
标签其实就一对 key/value ,被关联到对象上,比如Pod,标签的使用我们倾向于能够表示对象的特殊特点,就是一眼就看出了这个Pod是干什么的,标签可以用来划分特定的对象(比如版本,服务类型等),标签可以在创建一个对象的时候直接定义,也可以在后期随时修改,每一个对象可以拥有多个标签,但是,key值必须是唯一的。创建标签之后也可以方便我们对资源进行分组管理。如果对pod打标签之后就可以使用标签来查看、删除指定的pod。(慎重!!!)
在k8s中,大部分资源都可以打标签。
给pod资源打标签
cpp
#对已经存在的pod打标签
[root@k8s-master01 ~]# kubectl label pods pod-first release=v1
#查看标签是否打成功
[root@k8s-master01 ~]# kubectl get pods pod-first --show-labels查看资源标签
cpp
#查看默认名称空间下所有pod资源的标签
[root@k8s-master01 ~]# kubectl get pods --show-labels
#查看默认名称空间下指定pod具有的所有标签
[root@k8s-master01 ~]# kubectl get pods pod-first --show-labels
#列出默认名称空间下标签key是release的pod,不显示标签
[root@k8s-master01 ~]# kubectl get pods -l release
#列出默认名称空间下标签key是release、值是v1的pod,不显示标签
[root@k8s-master01 ~]# kubectl get pods -l release=v1
#列出默认名称空间下标签key是release的所有pod,并打印对应的标签值
[root@k8s-master01 ~]# kubectl get pods -L release
#查看所有名称空间下的所有pod的标签
[root@k8s-master01 ~]# kubectl get pods --all-namespaces --show-labels使用yaml文件生成标签
cpp
#使用yaml文件生成标签
#yaml文件在更新时是不会中断业务的,所以使用很方便
#查看pod标签
[root@k8s-master pki]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
pod-test 1/1 Running 0 9h app=nginx129
#修改podyaml文件
[root@k8s-master ~]# vim nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: pod-test
namespace: test
labels:
app: nginx129
app1: nginx129 #添加一个标签
spec:
containers:
- name: nginx129
ports:
- containerPort: 80
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 0.5
memory: 1024Mi
#更新配置文件
[root@k8s-master ~]# kubectl apply -f nginx-pod.yaml
pod/pod-test configured
#会多出一个新添加的标签 app1=nginx129 (--show-labels显示所有标签)
#显示pod的所有标签
[root@k8s-master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
pod-test 1/1 Running 0 9h app1=nginx129,app=nginx129
#输出当前已经运行的,被系统的补齐的pod的yaml文件
[root@k8s-master ~]# kubectl get pod pod-test -o yaml
-----------------
restartPolicy: Always #单一pod里的Always不生效,在pod控制器里边重启策略才生效
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
--------------------------
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt #所有pod都信任真证书
[root@k8s-master ~]# kubectl delete pod pod-test #删除检测重启策略会不会生效
pod "pod-test" deleted
[root@k8s-master ~]# kubectl get pod #不生效
No resources found in test namespace.
[root@k8s-master ~]# kubectl apply -f nginx-pod.yaml #更新配置文件
pod/pod-test created
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod-test 1/1 Running 0 20s
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-test 1/1 Running 0 51s 10.244.36.73 k8s-node1 <none> <none>使用命令生成标签
cpp
#使用命令生成标签
#添加新标签
[root@k8s-master ~]# kubectl label pods pod-test app2=nginx129
pod/pod-test labeled
# (--show-labels显示所有标签)
[root@k8s-master ~]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
pod-test 1/1 Running 0 4m36s app1=nginx129,app2=nginx129,app=nginx129创建一个新pod,并创建nginx129容器
cpp
#创建一个新pod,并创建nginx129容器
[root@k8s-master ~]# vim nginx-pod.yaml
---------------------------------------
apiVersion: v1
kind: Pod
metadata:
name: pod-test1
namespace: test
labels:
app: nginx129
app1: nginx129
spec:
containers:
- name: nginx129
ports:
- containerPort: 80
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 0.5
memory: 1024Mi
---------------------------------------
[root@k8s-master ~]# kubectl apply -f nginx-pod.yaml
pod/pod-test1 created
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod-test 1/1 Running 0 20m
pod-test1 1/1 Running 0 11s
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-test 1/1 Running 0 20m 10.244.36.73 k8s-node1 <none> <none>
pod-test1 1/1 Running 0 25s 10.244.169.149 k8s-node2 <none> <none>
#可以通过delete pod -l 指向标签来删除pod (标签是app=nginx129)
[root@k8s-master ~]# kubectl delete pod -l app=nginx129
pod "pod-test" deleted
pod "pod-test1" deleted
#查看所有名称空间下的所有pod的标签
[root@k8s-master ~]# kubectl get pods --all-namespaces --show-labels资源限制
节点资源不足,导致调度失败
cpp
#节点资源不足,导致调度失败
[root@k8s-master ~]# vim nginx-pod2.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod2
spec:
containers:
- name: nginx2
image: nginx
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: '8'
memory: '8Gi'
requests:
cpu: '6'
#更新配置会报错,因为我们给的是4核4G
[root@k8s-master ~]# kubectl apply -f nginx-pod2.yaml
Error from server (Forbidden): error when creating "nginx-pod2.yaml": pods "nginx-pod2" is forbidden: exceeded quota: mem-cpu-quota, requested: limits.cpu=8,limits.memory=8Gi,requests.cpu=6,requests.memory=8Gi, used: limits.cpu=0,limits.memory=0,requests.cpu=0,requests.memory=0, limited: limits.cpu=4,limits.memory=4Gi,requests.cpu=2,requests.memory=2Gi
#当资源配额配置不符合,但是更新配置成功了,并不代表成功,是node节点无法连接所在命名空间资源不足
cpp
##创建命名空间并设置资源限制
[root@k8s-master ~]# vim c2409.txt
apiVersion: v1
kind: Namespace
metadata:
name: c2409
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: mem-cpu-quota
namespace: c2409
spec:
hard:
requests.cpu: '2'
requests.memory: '2Gi'
limits.cpu: '4'
limits.memory: '4Gi'
###创建pod
[root@k8s-master ~]# vim nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod2
namespace: c2409
spec:
containers:
- name: nginx2
image: nginx
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: '8'
memory: '8Gi'
requests:
cpu: '6'
memory: '2Gi'
##提交后的报错信息
[root@k8s-master ~]# kubectl apply -f nginx.yaml
Error from server (Forbidden): error when creating "nginx.yaml": pods "nginx-pod2" is forbidden: exceeded quota: mem-cpu-quota, requested: limits.cpu=8,limits.memory=8Gi,requests.cpu=6, used: limits.cpu=0,limits.memory=0,requests.cpu=0, limited: limits.cpu=4,limits.memory=4Gi,requests.cpu=2