K8S-控制器进阶之标签管理

控制器进阶 标签管理

Always 总是去仓库下载, Nerver 从不下载,

IfNotPresent：先加载本地，若无再去仓库下载
自主式pod资源 —不受控制器控制的pod

集群管理命令

]# kubectl cordon  node1    //标记node1 不被调度，pod将不会被调度到该node节点上面
]# kubectl   get nodes    
    NAME     STATUS                               ROLES    AGE   VERSION
    master   Ready                                master   48d   v1.17.11
    node1    Ready,SchedulingDisabled             <none>   48d   v1.17.11          //可以看到调度被关闭 
    node2    Ready                                <none>   48d   v1.17.11  
  
]# kubectl    uncordon    node1        //取消node1标记，node1恢复调度
    
集群node下线，pod驱逐
]# kubectl  drain node1     //node1节点pod驱逐，用于node下线等场景（可下线无状态服务）

关于label与taint可以参考：Kubernetes对Pod调度指定Node以及Node的Taint 和 Toleration

 

集群node标记污点，实现反亲pod与node反亲和性

亲和性：label 标签：实现pod与node的亲和性，只要标签相同都会被调度到这个node上面

反亲和性：taint：给node标记污点，只要node有这个标签，都不会被调度到这个node节点

pod标签管理

master ~]# kubectl  get pods  -l  app    //只显示标签为app的pod
NAME       READY   STATUS             RESTARTS   AGE
pod-demo   1/2     CrashLoopBackOff   4          4m12s

master ~]# kubectl  get pods  -L  app     //显示所有标签中带有app的pod
NAME                           READY   STATUS    RESTARTS   AGE     APP
nginx-9ffc7d87b-4gjtn          1/1             Running   3          4d
nginx-9ffc7d87b-5llww          1/1            Running   3          4d
nginx-9ffc7d87b-jrq2h          1/1             Running   3          4d
nginx-deploy-98c9d6c66-n25dd   1/1    Running   4          6d16h
pod-demo                               2/2          Running   5          4m32s   myapp

master ~]# kubectl  get pods  -l  app  --show-labels    //更详细的
NAME       READY   STATUS             RESTARTS   AGE     LABELS
pod-demo   1/2     CrashLoopBackOff   5          6m51s   app=myapp,tier=frontend

master ~]# kubectl  get pods  -L  app,run       //显示多个pod的标签值
NAME                           READY   STATUS    RESTARTS   AGE     APP     RUN
nginx-9ffc7d87b-4gjtn          1/1     Running   3          4d      nginx
nginx-9ffc7d87b-5llww          1/1     Running   3          4d      nginx
nginx-9ffc7d87b-jrq2h          1/1     Running   3          4d      nginx
nginx-deploy-98c9d6c66-n25dd   1/1     Running   4          6d16h   nginx-deploy
pod-demo                       1/2     Running   6          8m8s    myapp

 

pod增加或修改标签

说明：标签类型为key：vaule类型

master ~]# kubectl   get pods pod-demo --show-labels   //查看标签
NAME       READY   STATUS    RESTARTS   AGE   LABELS
pod-demo   2/2     Running   7          13m   app=myapp,tier=frontend

master ~]# kubectl  label pods  pod-demo release=stable    //增加标签

master ~]# kubectl  get pods  pod-demo --show-labels   //再次查看标签
NAME       READY   STATUS             RESTARTS   AGE   LABELS
pod-demo   1/2     CrashLoopBackOff   7          15m   app=myapp,release=stable,tier=frontend

master ~]# kubectl  label pods  pod-demo release=release   --overwrite    //当该标签已存在值需要加上--overwrite选项

master ~]# kubectl  get pods  pod-demo --show-labels    //再次查看
NAME       READY   STATUS             RESTARTS   AGE   LABELS
pod-demo   1/2     CrashLoopBackOff   8          20m   app=myapp,release=stable,tier=frontend

 

标签选择器：
等值关系：=，==，！=
集合关系：key in (value1,value2…) 或者 key not in (value1,value2…)
等值关系演示

master ~]# kubectl   get pod   --show-labels
NAME                           READY   STATUS             RESTARTS   AGE     LABELS
nginx-9ffc7d87b-4gjtn          1/1     Running            3          4d1h    pod-template-hash=9ffc7d87b,run=nginx
nginx-9ffc7d87b-5llww          1/1     Running            3          4d1h    pod-template-hash=9ffc7d87b,run=nginx
nginx-9ffc7d87b-jrq2h          1/1     Running            3          4d1h    pod-template-hash=9ffc7d87b,run=nginx
nginx-deploy-98c9d6c66-n25dd   1/1     Running       4      6d16h   pod-template-hash=98c9d6c66,run=nginx-deploy
pod-demo                    1/2     CrashLoopBackOff   9          28m     app=myapp,release=stable,tier=frontend

master ~]# kubectl  label pods nginx-deploy-98c9d6c66-n25dd release=canary   //增加标签

master ~]# kubectl   get pod   -l   release=stable   --show-labels  //查看标签release=stable的pod 

master ~]# kubectl   get pods -l   release  //查看标签为release的pod
NAME                           READY   STATUS             RESTARTS   AGE
nginx-deploy-98c9d6c66-n25dd   1/1     Running            4          6d16h
pod-demo                       1/2     CrashLoopBackOff   10         32m

master ~]# kubectl   get pods -l release,app    //查看标签为release且等于app的pod

master ~]# kubectl   get pods -l release=stable,app=myapp   //查看标签值release=stable,app=myapp的pod

master ~]# kubectl   get pod -l  release!=stable,release!=canary  --show-labels    //查看标签值不等于xxx且xxx不等于xxpod

集合关系演示

集合关系：key in (value1,value2...) 或者 key not in (value1,value2...)说明：value必须为非空字段
                    exists ，noexists  (values字段必须为空列表)
 
master ~]# kubectl   get pods -l "release in (stable,canary,aaa)"     //或的关系，有一个也行，没有就算了
NAME                           READY   STATUS             RESTARTS   AGE
nginx-deploy-98c9d6c66-n25dd   1/1     Running            4          6d21h
pod-demo                       1/2     CrashLoopBackOff   65         5h31m

-master ~]# kubectl   get pods -l "release notin (stable,canary,aaa)"    //取反
NAME                    READY   STATUS    RESTARTS   AGE
nginx-9ffc7d87b-4gjtn   1/1     Running   3          4d6h
nginx-9ffc7d87b-5llww   1/1     Running   3          4d6h
nginx-9ffc7d87b-jrq2h   1/1     Running   3          4d6h

nodeSelector 节点标签选择器
master ~]# kubectl   label nodes  k8s-node1 disktype=ssd   //对node节点打标签，在添加资源时，可以指定标签来运行

master yaml]# vim  pod-demo.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
  annotations:     //资源注解
    rt/create-by: cluster-admin   //创建人
spec:
  containers:
    - name: nginx
      image: nginx:latest
      imagePullPolicy: IfNotPresent
      ports:
      - name: http
        containerPort: 80
    - name: busybox
      image: busybox:latest
      imagePullPolicy: IfNotPresent
      command:
      - "/bin/sh"
      - "-c"
      - "sleep 20"
  nodeSelector:       //Node标签选择器
    disktype: ssd       //新建的资源只会创建在拥有disktype: ssd标签的node上，当多个node拥有，根据调度算法轮询
  nodeName: k8s-node2     /或者可以直接指定运行在指定的node节点上