Cluster resource management


To manage heterogeneous and differently configured hosts, and to make Pods easier to operate and maintain, Kubernetes provides many cluster configuration and management functions, such as partitioning the cluster with namespaces and scheduling pods by creating labels and taints on nodes, and so on.

Node

A Node is a worker node of the Kubernetes cluster, which can be a physical machine or a virtual machine.

Node status
Node includes the following status information

  • Address
    HostName: Can be replaced by the --hostname-override parameter in kubelet.
    ExternalIP: IP address that can be routed outside the cluster.
    InternalIP: IP used inside the cluster, which cannot be accessed outside the cluster.
  • Condition
    OutOfDisk: True when the disk space is low.
    Ready: Unknown if the Node controller has not received a status report from the node within 40 seconds; True if the node is healthy, otherwise False.
    MemoryPressure: True when node has no memory pressure, otherwise False.
    DiskPressure: True when node has no disk pressure, otherwise False.
  • Capacity
    CPU
    Memory
    The maximum number of Pods that can be run
  • Info: Some version information of the node, such as OS, kubernetes, docker, etc.

Node management

Disable pod scheduling on this node:
$ kubectl cordon <node>
Evict all pods on this node:
$ kubectl drain <node>

This command will delete all Pods on this node (except DaemonSet) and restart them on other nodes. It is usually used when the node needs maintenance. Using this command directly will automatically call the kubectl cordon command. When the node maintenance is completed and kubelet is started, use kubectl uncordon <node> to add the node back to the Kubernetes cluster.

Namespace

You can use namespaces to create multiple "virtual clusters" in a Kubernetes cluster. These namespaces can be completely isolated, or you can allow services in one namespace to access services in other namespaces. When we deployed the Kubernetes 1.6 cluster on CentOS, we already used services that span namespaces: for example, Traefik ingress and the services under the kube-system namespace can serve the entire cluster. This is achieved by defining cluster-level roles through RBAC.

When to use multiple namespaces
Because a namespace provides an independent naming space, it can achieve partial environment isolation. When you have many projects and staff, consider dividing namespaces by project attributes, such as production, testing, and development.

Use of Namespace

List the namespaces in the cluster:
$ kubectl get ns

By default, the cluster will have two namespaces, default and kube-system.
You can use -n to specify the namespace to operate on when executing a kubectl command.
Users' ordinary applications are placed under default by default, while cluster-management applications that provide services for the entire cluster are generally deployed under the kube-system namespace; kubedns, heapster, EFK and the other components that we deploy when installing the Kubernetes cluster are all under this namespace. In addition, not all resource objects belong to a namespace: node and persistentVolume do not belong to any namespace.

Label

A Label is a key-value pair attached to an object (such as a Pod). It can be specified when the object is created, or at any time after the object is created. The value of a Label has no meaning to the system itself, only to the user.

Labels can map the organizational structure onto the system architecture (as in Conway's law), which makes it easier to manage microservices. You can label objects with the following kinds of labels:

"release" : "stable" , "release" : "canary"
"environment" : "dev" , "environment" : "qa" , "environment" : "production"
"tier" : "frontend" , "tier" : "backend" , "tier" : "cache"
"partition" : "customerA" , "partition" : "customerB"
"track" : "daily" , "track" : "weekly"
"team" : "teamA" , "team" : "teamB"

Syntax and character set

The composition of the label key:

  • No more than 63 characters
  • A prefix can be used, separated by /; the prefix must be a DNS subdomain and cannot exceed 253 characters. Labels created by automated components of the system must specify a prefix; kubernetes.io/ is reserved by Kubernetes
  • Must start with a letter (upper or lower case) or a number; hyphens, underscores and dots may be used in between

The composition of Label value:

  • No more than 63 characters
  • Must start with a letter (upper or lower case) or a number; hyphens, underscores and dots may be used in between
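
The key and value rules above, written as a checker that could run over manifests before they are applied (an added example, not part of the original article). It also requires names and values to end with a letter or digit and the prefix to be lowercase, which the list above does not spell out; the function names and sample labels are constructed.

```python
import re

# Name part and value: letters, digits, '-', '_', '.', alphanumeric at both ends.
NAME_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9_.-]*[A-Za-z0-9])?")
# Optional key prefix: a lowercase DNS subdomain (dot-separated labels).
PREFIX_RE = re.compile(
    r"[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*")


def label_key_errors(key):
    """Return the rule violations for a label key (empty list = valid)."""
    errors = []
    prefix, slash, name = key.rpartition("/")
    if slash:
        if len(prefix) > 253:
            errors.append("prefix longer than 253 characters")
        if not PREFIX_RE.fullmatch(prefix):
            errors.append("prefix is not a DNS subdomain")
    if len(name) > 63:
        errors.append("name longer than 63 characters")
    if not NAME_RE.fullmatch(name):
        errors.append("name has bad characters or a non-alphanumeric end")
    return errors


def label_value_errors(value):
    """Return the rule violations for a label value (empty list = valid)."""
    errors = []
    if len(value) > 63:
        errors.append("value longer than 63 characters")
    # An empty value is accepted; a non-empty one follows the name rule.
    if value and not NAME_RE.fullmatch(value):
        errors.append("value has bad characters or a non-alphanumeric end")
    return errors


def audit(labels):
    """Map each offending 'key=value' pair to its list of violations."""
    report = {}
    for key, value in labels.items():
        errs = label_key_errors(key) + label_value_errors(value)
        if errs:
            report[f"{key}={value}"] = errs
    return report


# Constructed sample labels, not taken from a real cluster.
SAMPLES = {"environment": "production", "example.com/team": "teamA",
           "-tier": "frontend", "Example.com/track": "daily",
           "release": "stable!"}
```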

Label selector

Labels are not unique; many objects may carry the same label.
Through a label selector, the client/user can specify a set of objects and operate on that set.

There are two types of label selectors:

  • Equality-based: you can use the =, == and != operators, and separate multiple expressions with commas
  • Set-based: you can use the in, notin and ! operators. You can also write just a label key with no operator, which selects objects that have that key regardless of its value; ! selects objects without that label

$ kubectl get pods -l environment=production,tier=frontend
$ kubectl get pods -l 'environment in (production),tier in (frontend)'
$ kubectl get pods -l 'environment in (production, qa)'
$ kubectl get pods -l 'environment,environment notin (frontend)'

Set label selector in API object

Objects such as Service and ReplicationController contain a label selector for pods, and it supports only the equality operation, for example:
selector:
   component: redis
   
Objects such as Job, Deployment, ReplicaSet and DaemonSet support set-based filtering, for example:
selector:
   matchLabels:
      component: redis
   matchExpressions:
     - {key: tier, operator: In, values: [cache]}
     - {key: environment, operator: NotIn, values: [dev]}   
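
How the set-based selector above is evaluated, including the case where a pod has no environment label at all and still passes NotIn (an added example, not from the original article). Exists and DoesNotExist are the API forms of the key and !key selectors; the pod names and labels are constructed.

```python
def matches(selector, labels):
    """Return True if `labels` satisfies a matchLabels/matchExpressions selector."""
    # matchLabels: every listed key must be present with exactly that value.
    for key, value in selector.get("matchLabels", {}).items():
        if labels.get(key) != value:
            return False
    # matchExpressions: all expressions are ANDed together.
    for expr in selector.get("matchExpressions", []):
        key, op = expr["key"], expr["operator"]
        values = expr.get("values", [])
        present = key in labels
        if op == "In":
            ok = present and labels[key] in values
        elif op == "NotIn":
            # Objects that lack the key also satisfy NotIn.
            ok = not present or labels[key] not in values
        elif op == "Exists":
            ok = present
        elif op == "DoesNotExist":
            ok = not present
        else:
            raise ValueError(f"unknown operator: {op}")
        if not ok:
            return False
    return True


# The selector from the text above.
SELECTOR = {
    "matchLabels": {"component": "redis"},
    "matchExpressions": [
        {"key": "tier", "operator": "In", "values": ["cache"]},
        {"key": "environment", "operator": "NotIn", "values": ["dev"]},
    ],
}

# Constructed pods (name -> labels), for illustration only.
PODS = {
    "redis-prod": {"component": "redis", "tier": "cache", "environment": "production"},
    "redis-dev": {"component": "redis", "tier": "cache", "environment": "dev"},
    "redis-unlabelled": {"component": "redis", "tier": "cache"},
    "web-prod": {"component": "web", "tier": "frontend", "environment": "production"},
}


def selected(selector, pods):
    """Return the sorted names of pods whose labels match the selector."""
    return sorted(name for name, labels in pods.items() if matches(selector, labels))
```

Adding an Exists expression on environment, the equivalent of the `'environment,environment notin (...)'` form shown earlier, excludes the unlabelled pod.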

Annotation

An Annotation can associate arbitrary non-identifying metadata with Kubernetes resource objects. This metadata can be retrieved by clients (such as tools and libraries).

Both Label and Annotation can associate metadata with Kubernetes resource objects. Labels are mainly used to select objects: you can select the objects that meet specific conditions. In contrast, annotations cannot be used to identify and select objects. The metadata in an annotation can be large or small, structured or unstructured, and can contain characters that are not allowed in labels.

Both annotations and labels are key/value mapping structures:
"annotations": {
"key1": "value1",
"key2": "value2"
}

Object information that can be recorded in the annotation

  • Fields managed by a declarative configuration layer. Attaching such fields as annotations distinguishes them from the following configuration sources: default values set by the client or server, automatically generated fields, and fields set by auto-scaling and auto-sizing systems.
  • Build, release or image information, for example timestamp, version number, git branch, PR number, image hash value, and registry address.
  • Pointers to logging, monitoring, analytics or audit repositories
  • Client (library or tool) information that can be used for debugging, such as name, version, and build information.
  • User information, as well as tool or system source information, such as URL information of related objects from the Kubernetes state.
  • Lightweight deployment tool metadata, such as configuration or checkpoints.
  • The phone number or other contact details of the person in charge, or a directory entry where that information can be found, such as a team site.




Origin www.cnblogs.com/g2thend/p/12745145.html