Kubernetes - Kubernetes——Label - 《CloudNative》

概述
标签管理
标签选择器
节点选择器
annotations资源注解

概述

一个 Label 是一个 key=value 的键值对，其中key与value由用户自己指定。
Label 可以附加到各种资源对象上，如 Node、Pod、 Service、RC，
一个资源对象可以定义任意数量的 Label，同一个 Label 也可以被添加到任意数量的资源对象上。

标签管理

Label 通常在资源对象定义时确定，也可以在对象创建后动态添加或删除。
通过kubectl label -h 查看使用规则

kubectl label -h 
Update the labels on a resource.
  *  A label key and value must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and
underscores, up to  63 characters each.
  *  Optionally, the key can begin with a DNS subdomain prefix and a single '/', like example.com/my-app
  *  If --overwrite is true, then existing labels can be overwritten, otherwise attempting to overwrite a label will
result in an error.
  *  If --resource-version is specified, then updates will use this resource version, otherwise the existing
resource-version will be used.
Examples:
  # Update pod 'foo' with the label 'unhealthy' and the value 'true'.
  kubectl label pods foo unhealthy=true
  # Update pod 'foo' with the label 'status' and the value 'unhealthy', overwriting any existing value.
  kubectl label --overwrite pods foo status=unhealthy
  # Update all pods in the namespace
  kubectl label pods --all status=unhealthy
  # Update a pod identified by the type and name in "pod.json"
  kubectl label -f pod.json status=unhealthy
  # Update pod 'foo' only if the resource is unchanged from version 1.
  kubectl label pods foo status=unhealthy --resource-version=1
  # Update pod 'foo' by removing a label named 'bar' if it exists.
  # Does not require the --overwrite flag.
  kubectl label pods foo bar-
Options:
      --all=false: Select all resources, including uninitialized ones, in the namespace of the specified resource types
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
      --dry-run='none': Must be "none", "server", or "client". If client strategy, only print the object that would be
sent, without sending it. If server strategy, submit server-side request without persisting the resource.
      --field-manager='kubectl-label': Name of the manager used to track field ownership.
      --field-selector='': Selector (field query) to filter on, supports '=', '==', and '!='.(e.g. --field-selector
key1=value1,key2=value2). The server only supports a limited number of field queries per type.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to update the labels
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
      --list=false: If true, display the labels for a given resource.
      --local=false: If true, label will NOT contact api-server but run locally.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file.
      --overwrite=false: If true, allow labels to be overwritten, otherwise reject label updates that overwrite existing
labels.
      --record=false: Record current kubectl command in the resource annotation. If set to false, do not record the
command. If set to true, record the command. If not set, default to updating the existing annotation value only if one
already exists.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --resource-version='': If non-empty, the labels update will only succeed if this is the current resource-version
for the object. Only valid when specifying a single resource.
  -l, --selector='': Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and
'!='.(e.g. -l key1=value1,key2=value2).
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
  kubectl label [--overwrite] (-f FILENAME | TYPE NAME) KEY_1=VAL_1 ... KEY_N=VAL_N [--resource-version=version]
[options]
Use "kubectl options" for a list of global command-line options (applies to all commands).

添加标签

Label 的最常见的创建方式是使用 metadata.labels 字段，来为对象添加 Label。

apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
      env: test
spec:
  containers:
    - image: nginx
      name: nginx
      ports:
        - containerPort: 80
          protocol: TCP

查看标签

—show-labels 列出资源的标签

$ kubectl get pods nginx-pod --show-labels
NAME        READY   STATUS    RESTARTS   AGE   LABELS
nginx-pod   1/1     Running   0          19m   env=test

查看节点标签

kubectl get nodes --show-labels
NAME                STATUS   ROLES    AGE     VERSION    LABELS
k8s-control-plane   Ready    master   5h16m   v1.19.11   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,ingress-ready=true,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-control-plane,kubernetes.io/os=linux,node-role.kubernetes.io/master=

查看指定键的标签 -l 指定键的标签的资源。—show-labels 列出

$ kubectl get pods  -l env --show-labels
NAME        READY   STATUS    RESTARTS   AGE   LABELS
nginx-pod   1/1     Running   0          24m   env=test

动态添加

$ kubectl label pods/nginx-pod  service=nginx
pod/nginx-pod labeled

查看

$ kubectl get pods  -l service --show-labels
NAME        READY   STATUS    RESTARTS   AGE   LABELS
nginx-pod   1/1     Running   0          25m   env=test,service=nginx

修改标签

使用—overwrite参数修改标签。

$ kubectl label pods/ngin-pod  env=release  --overwrite

查看

$ kubectl get pods  nginx-pod  --show-labels
NAME        READY   STATUS    RESTARTS   AGE   LABELS
nginx-pod   1/1     Running   0          28m   env=release,service=nginx

修改多个标签空格分割

kubectl label --overwrite pods/nginx-deploy-7d5c9644b-xv44v -n default env=nginx version=1.17.1

删除标签

删除标签(将键写为 key-，即可删除相应标签)

kubectl label pods/nginx-deploy-7d5c9644b-xv44v -n default application- version-

标签选择器

标签选择器用于表达标签的查询条件或选择标准，目前有两种标签选择器

基于等值关系（equality-based）

env=formal env!=test

操作符有=、==、和!=三种，其中前两个意义相同，都表示“等值”关系，最后一个表示”不等“关系
```
$ kubectl get pod -l env=release
NAME        READY   STATUS    RESTARTS   AGE
nginx-pod   1/1     Running   0          36m
```
基于集合关系(set-based)
KEY in （VALUE1，VALUE2…）
in : 指定的键名的值存在于给定的列表中即满足条件
eg
kubectl get pods -l “env in (formal,test)” —show-labels

KEY not in （VALUE1，VALUE2…）

notin : 指定的键名不存在于给定的列表中满足条件
eg:
kubectl get pods -l “env notin (test)” —show-labels
Kubernetes——Label - 图3

KEY:所有存在此键名标签的资源

kubectl get pods -l env —show-labels
Kubernetes——Label - 图4

!KEY:所有不存在此键名标签的资源

kubectl get pods -l ‘!env’ —show-labels
注：此处必须使用单引号
Kubernetes——Label - 图5

使用标签选择器时还将遵循以下逻辑：

同时指定的多个选择器之间的逻辑关系为“与”操作；
使用空值的标签选择器意味着每个资源对象都将被选中；
空的标签选择器将无法选出任何资源

定义标签选择器的方式：

matchLabels：通过直接给定键值对指定标签选择器；
matchExpressions：基于表达式指定的标签选择器列表，每个选择器如：”{key:KEY_NAME,operator:OPERATOR,values:[VALUE1,VALUE2,…]}”，选择器列表间为“逻辑非”关系；
使用ln或NotIn操作符时，其values非必须为非空的字符串列表，而使用Exists或DostNotExist时，其values必须为空。

节点选择器

Pod节点选择器是标签及标签选择器的一种应用，它能够让Pod对象基于集群中工作节点的标签来挑选倾向运行的目标节点

#[root@master1 ~]# kubectl explain  pods.spec.nodeSelector
KIND:     Pod
VERSION:  v1
FIELD:    nodeSelector <map[string]string>
DESCRIPTION:
     NodeSelector is a selector which must be true for the pod to fit on a node.
     Selector which must match a node's labels for the pod to be scheduled on
     that node. More info:
     https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

给node打标签：

kubectl label nodes <node-name> <label-key>=<label-value>

为节点打标签
Kubernetes——Label - 图6
配置pod资源

#[root@master1 all]# cat demonodesel.yaml 
apiVersion: v1
kind: Pod
metadata:
    name: demo-nodesel
spec:
    containers:
        - name: demo-nodesel
          image: nginx:1.14
    nodeSelector:
        service: web

需要说明的是，nodeSelector的方式比较简单直观，但是不够灵活，后面，它会被Node Affinity替代。

kubectl apply -f demonodesel.yaml
Kubernetes——Label - 图7
默认的，节点默认已经携带了一些标签，如kubernetes.io/hostname beta.kubernetes.io/os 和 beta.kubernetes.io/arch等，这些标签页可以直接由nodeselector使用，尤其是希望将Pod调度到某个特定的节点时，可以使用kubernetes.io/hostname直接绑定主机即可，当然也可直接使用nodeName字段直接指定目标主机

annotations资源注解

用于为资源提供元数据信息，其大小不受限制，可大可小，可为结构化或非结构化，其可以是人工添加也可以是系统默认添加的
时间戳，发行ID，GIT分支，PR号码、镜像哈希及仓库信息等
查看
kubectl describe pods PODNAME

[root@master1 all]# kubectl describe  pods    demo-nodesel
Name:               demo-nodesel
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               192.168.1.30/192.168.1.30
Start Time:         Wed, 20 Mar 2019 22:49:02 +0800
Labels:             <none>
Annotations:   #资源注解     kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"demo-nodesel","namespace":"default"},"spec":{"containers":[{"image":"nginx:1.14","...
Status:             Running
IP:                 172.17.50.9

管理资源注解
1 创建时在yaml文件中指定

apiVersion: v1
kind: Pod
metadata:
    name: demo-annot
    annotations: 
        name: nginx
spec:
    containers:
        - name: demo-annot
          image: nginx:1.14

查看

#[root@master1 all]# kubectl describe  pods    demo-annot
Name:               demo-annot
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               192.168.1.30/192.168.1.30
Start Time:         Wed, 20 Mar 2019 23:04:33 +0800
Labels:             <none>
Annotations:        kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"name":"nginx"},"name":"demo-annot","namespace":"default"},"spec":{"containers":[{"image":"n...
                    name=nginx

Kubernetes——Label

概述