k8s的资源身份标签Labels（为找pod,不定义找不到pod）

知识点：

labels标签，在kubernetes我们会经常见到，它的功能非常关键，就相关于服务pod的身份证信息，如果我们创建一个deployment资源，它之所有能守护下面启动的N个pod以达到期望的数据，service之所以能把流量准确无误的转发到指定的pod上去，归根结底都是labels在这里起作用，下面我们来实际操作下，相信大家跟着操作完成后，就会理解labels的功效了。
.

一、实验环境：

Master1,node1,node2还原至单节点集群；Node1\node2上传nginx1.26.1

二、node1\node2容器运行时导入nginx:1.21.6的镜像

[root@node1 ~]# ls
anaconda-ks.cfg  busybox-1-28.tar.gz  calico.tar.gz  nginx-1.21.6.tar
[root@node1 ~]# ctr -n k8s.io images import nginx-1.21.6.tar 容器运行时导入nginx:1.21.6的镜像
unpacking docker.io/library/nginx:1.21.6 (sha256:94b808e393739b5363decf631a746d0241083                                                                             d40eb05f07200a6d1c0c16f54b8)...done
[root@node1 ~]#

[root@node2 ~]# ls
anaconda-ks.cfg  busybox-1-28.tar.gz  calico.tar.gz
[root@node2 ~]# ctr -n k8s.io images import nginx-1.21.6.tar 容器运行时导入nginx:1.21.6的镜像
unpacking docker.io/library/nginx:1.21.6 (sha256:94b808e393739b5363decf631a746d0241083                                                                             d40eb05f07200a6d1c0c16f54b8)...done
[root@node2 ~]#

三、master1创建nginx的无状态服务，镜像nginx:1.21.6，副本数为3

[root@master1 ~]# kubectl create deployment nginx --image=nginx:1.21.6 --replicas=3 创建nginx的无状态服务，镜像nginx:1.21.6，副本数为3
deployment.apps/nginx created  创建三个nginx的pod

四、查看pod信息

[root@master1 ~]# kubectl get pod -w		动态查看pod信息
NAME                     READY   STATUS    RESTARTS   AGE
nginx-745567d4b8-7x4bq   1/1     Running   0          22s
nginx-745567d4b8-lbmvs   1/1     Running   0          22s
nginx-745567d4b8-t8866   1/1     Running   0          22s
^C[root@master1 ~]#
[root@master1 ~]# kubectl get pod -o wide		查看pod的详细信息
NAME                     READY   STATUS    RESTARTS   AGE   IP               NODE    NOMINATED NODE   READINESS GATES
nginx-745567d4b8-7x4bq   1/1     Running   0          50s   10.244.166.130   node1 查看pod在那个节点运行的  <none>           <none>
nginx-745567d4b8-lbmvs   1/1     Running   0          50s   10.244.166.129   node1 查看pod在那个节点运行的   <none>           <none>
nginx-745567d4b8-t8866   1/1     Running   0          50s   10.244.104.2     node2   查看pod在那个节点运行的 <none>           <none>
[root@master1 ~]#

五、master1上查看nginx无状态具体生成的配置文件

[root@master1 ~]# kubectl get deployments.apps nginx -o yaml  查看nginx无状态具体生成的配置文件
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  creationTimestamp: "2025-06-25T07:45:48Z"
  generation: 1
  labels:
    app: nginx		看标签的名称：nginx
  name: nginx
  namespace: default
  resourceVersion: "9632"
  uid: e37736d4-1d55-4e95-889c-3b3593a61ffd
spec:
  progressDeadlineSeconds: 600
  replicas: 3
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: nginx
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx:1.21.6
        imagePullPolicy: IfNotPresent
        name: nginx
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
status:
  availableReplicas: 3
  conditions:
  - lastTransitionTime: "2025-06-25T07:45:50Z"
    lastUpdateTime: "2025-06-25T07:45:50Z"
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: "2025-06-25T07:45:48Z"
    lastUpdateTime: "2025-06-25T07:45:50Z"
    message: ReplicaSet "nginx-745567d4b8" has successfully progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 1
  readyReplicas: 3
  replicas: 3
  updatedReplicas: 3
[root@master1 ~]#

六、打pod标签：查看某一个nginx-745567d4b8-4shfm pod的具体文件信息

[root@master1 ~]# kubectl get pod nginx-745567d4b8-7x4bq -o yaml		查看某一个nginx-745567d4b8-4shfm pod的具体文件信息
apiVersion: v1
kind: Pod
metadata:
  annotations:
    cni.projectcalico.org/containerID: f95ae4d026f3f32ba3b80b61437b6b85aa99d549a2edf5e9a127f89d736ebe07
    cni.projectcalico.org/podIP: 10.244.166.130/32
    cni.projectcalico.org/podIPs: 10.244.166.130/32
  creationTimestamp: "2025-06-25T07:45:48Z"
  generateName: nginx-745567d4b8-
  labels:
    app: nginx
    pod-template-hash: 745567d4b8
  name: nginx-745567d4b8-7x4bq
  namespace: default

七、将nginx无状态服务发布出去，端口80，目标端口80，名称：nginx；查看nginx信息

[root@master1 ~]# kubectl expose deployment nginx --port=80 --target-port=80 --name=nginx 将nginx无状态服务发布出去，端口80，目标端口80，名称：nginx
service/nginx exposed
[root@master1 ~]# kubectl get svc nginx 查看nginx信息
NAME    TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
nginx   ClusterIP   10.103.19.177   <none>        80/TCP    11s
[root@master1 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP   5d23h
nginx        ClusterIP   10.103.19.177   <none>        80/TCP    15s
[root@master1 ~]# kubectl describe svc nginx	查看nginx服务的详细信息
Name:              nginx
Namespace:         default
Labels:            app=nginx
Annotations:       <none>
Selector:          app=nginx
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.103.19.177			集群IP
IPs:               10.103.19.177
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.104.2:80,10.244.166.129:80,10.244.166.130:80  末端节点（pod是k8s的最小单位），指pod的IP，有几个pod，有几个IP
Session Affinity:  None
Events:            <none>
[root@master1 ~]#

八、查看pod的详细信息

[root@master1 ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
nginx-745567d4b8-7x4bq   1/1     Running   0          29m
nginx-745567d4b8-lbmvs   1/1     Running   0          29m
nginx-745567d4b8-t8866   1/1     Running   0          29m
[root@master1 ~]# kubectl get pods -o wide		查看pod的详细信息
NAME                     READY   STATUS    RESTARTS   AGE   IP               NODE    NOMINATED NODE   READINESS GATES
nginx-745567d4b8-7x4bq   1/1     Running   0          30m   10.244.166.130   node1  出现的IP地址和末端节点是一一对应的 <none>           <none>
nginx-745567d4b8-lbmvs   1/1     Running   0          30m   10.244.166.129   node1   出现的IP地址和末端节点是一一对应的<none>           <none>
nginx-745567d4b8-t8866   1/1     Running   0          30m   10.244.104.2     node2  出现的IP地址和末端节点是一一对应的 <none>           <none>

九、访问集群IP

[root@master1 ~]# curl 10.103.19.177		访问集群IP
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@master1 ~]#

十、将nginx服务的标签修改为nginxaaa

[root@master1 ~]# kubectl patch services nginx -p '{"spec":{"selector":{"app":"nginxaa                                                                             a"}}}'			将nginx服务的标签修改为nginxaaa
service/nginx patched
[root@master1 ~]# kubectl describe svc nginx		查看nginx服务的详细信息
Name:              nginx
Namespace:         default
Labels:            app=nginx
Annotations:       <none>
Selector:          app=nginxaaa
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.103.19.177
IPs:               10.103.19.177
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         <none>						末端节点信息丢失
Session Affinity:  None
Events:            <none>
[root@master1 ~]# kubectl get pod
NAME                     READY   STATUS    RESTARTS   AGE
nginx-745567d4b8-7x4bq   1/1     Running   0          40m
nginx-745567d4b8-lbmvs   1/1     Running   0          40m
nginx-745567d4b8-t8866   1/1     Running   0          40m


[root@master1 ~]# curl 10.103.59.182
curl: (7) Failed to connect to 10.103.59.182 port 80: Connection refused  报错信息是：连接拒绝

十一、将nginx服务的标签修改为nginx

[root@master1 ~]#  kubectl patch services nginx -p '{"spec":{"selector":{"app":"nginx"                                                                             }}}'  将nginx服务的标签修改为nginx
service/nginx patched
[root@master1 ~]# kubectl describe svc nginx		查看nginx服务的详细信息
Name:              nginx
Namespace:         default
Labels:            app=nginx
Annotations:       <none>
Selector:          app=nginx
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.103.19.177
IPs:               10.103.19.177
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.104.2:80,10.244.166.129:80,10.244.166.130:80		末端节点信息又回来了
Session Affinity:  None
Events:            <none>
[root@master1 ~]# kubectl get pod
NAME                     READY   STATUS    RESTARTS   AGE
nginx-745567d4b8-7x4bq   1/1     Running   0          41m
nginx-745567d4b8-lbmvs   1/1     Running   0          41m
nginx-745567d4b8-t8866   1/1     Running   0          41m
[root@master1 ~]# curl 10.103.19.177			访问集群IP(访问又变正常，显示了测试页面)
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@master1 ~]#

十二、pod出现的状态有几种：

pod出现的状态有几种：

running正在运行
ContainerCreating容器在创建
ImageError镜像未拉取成功
CrashLoopbackOFF 容器崩溃

一、CrashLoopBackOff 的核心原因

应用程序错误

代码异常、未捕获的错误或依赖缺失导致容器启动后立即崩溃。

示例：应用启动时抛出未处理的异常或死锁。

配置问题

环境变量缺失或错误、启动命令/参数配置错误、配置文件路径错误。

示例：数据库连接字符串配置错误（如 DATABASE_URL 格式不正确）。

资源不足

内存或 CPU 资源限制过低，导致容器启动失败或运行时崩溃（如 OOMKilled）。

排查方法：通过 kubectl describe pod 查看资源事件。

依赖服务不可用

依赖的数据库、API 或其他服务未就绪或网络不通。

示例：MySQL 未启动，导致应用无法连接。

权限问题

容器无权限访问文件系统、网络接口或敏感资源（如 Secrets）。

探针配置错误

Liveness/Readiness 探针设置不当（如路径错误或超时过短），导致健康检查失败并触发重启

排除故障：

二、排查步骤与解决方案

1. 查看容器日志

bashbash复制bash复制kubectl logs <pod-name> –previous # 查看崩溃容器的日志

关键信息：日志中可能包含崩溃原因（如数据库连接失败、文件权限错误）。

2. 检查 Pod 事件

bashbash复制复制kubectl describe pod <pod-name>

关注事件：如 Back-off restarting failed container、OOMKilled 或依赖服务连接失败提示

CrashLoopBackOff 是 Kubernetes 中容器启动失败的典型表现，需通过日志、事件和资源配置逐步排查。核心原则是：定位具体错误 → 验证配置 → 调整资源 → 优化探针。若问题仍无法解决，可结合临时调试容器或联系镜像维护方进一步分析

Error错误