In Kubernetes what is deletecollection?

↘锁芯ラ 提交于 2021-02-10 06:58:41

问题


When listing all the API resources in K8s you get:

$ kubectl api-resources -owide
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND                             VERBS
bindings                                                                      true         Binding                          [create]
componentstatuses                 cs                                          false        ComponentStatus                  [get list]
configmaps                        cm                                          true         ConfigMap                        [create delete deletecollection get list patch update watch]
endpoints                         ep                                          true         Endpoints                        [create delete deletecollection get list patch update watch]
events                            ev                                          true         Event                            [create delete deletecollection get list patch update watch]
limitranges                       limits                                      true         LimitRange                       [create delete deletecollection get list patch update watch]
namespaces                        ns                                          false        Namespace                        [create delete get list patch update watch]
nodes                             no                                          false        Node                             [create delete deletecollection get list patch update watch]
persistentvolumeclaims            pvc                                         true         PersistentVolumeClaim            [create delete deletecollection get list patch update watch]
persistentvolumes                 pv                                          false        PersistentVolume                 [create delete deletecollection get list patch update watch]
pods                              po                                          true         Pod                              [create delete deletecollection get list patch update watch]
podtemplates                                                                  true         PodTemplate                      [create delete deletecollection get list patch update watch]
replicationcontrollers            rc                                          true         ReplicationController            [create delete deletecollection get list patch update watch]
resourcequotas                    quota                                       true         ResourceQuota                    [create delete deletecollection get list patch update watch]
secrets                                                                       true         Secret                           [create delete deletecollection get list patch update watch]
serviceaccounts                   sa                                          true         ServiceAccount                   [create delete deletecollection get list patch update watch]
services                          svc                                         true         Service                          [create delete get list patch update watch]
mutatingwebhookconfigurations                  admissionregistration.k8s.io   false        MutatingWebhookConfiguration     [create delete deletecollection get list patch update watch]
... etc ...

Many list the verb deletecollection which sounds useful, but I can't run it e.g.

$ kubectl deletecollection
Error: unknown command "deletecollection" for "kubectl"
Run 'kubectl --help' for usage.
unknown command "deletecollection" for "kubectl"

Nor can I find it in the docs except where it appears in the api-resources output above or mentioned as a verb.

Is there a way to deletecollection?

It sounds like it would be better than the sequence of grep/awk/xargs that I normally end up doing if it does do what I think it should do. i.e. delete all the pods of a certain type.


回答1:


The delete verb refers to deleting a single resource, for example a single Pod. The deletecollection verb refers to deleting multiple resources at the same time, for example multiple Pods using a label or field selector or all Pods in a namespace.

To give some examples from the API documentation:

  1. To delete a single Pod: DELETE /api/v1/namespaces/{namespace}/pods/{name}
  2. To delete multiple Pods (or, deletecollection):
    1. All pods in a namespace DELETE /api/v1/namespaces/{namespace}/pods
    2. All pods in a namespace matching a given label selector: DELETE /api/v1/namespaces/{namespace}/pods?labelSelector=someLabel%3dsomeValue

Regarding kubectl: You cannot invoke deletecollection explicitly with kubectl.

Instead, kubectl will infer on its own whether to use delete or deletecollection depending on how you invoke kubectl delete. When deleting a single source (kubectl delete pod $POD_NAME), kubectl will use a delete call and when using a label selector or simply deleting all Pods (kubectl delete pods -l $LABEL=$VALUE or kubectl delete pods --all), it will use the deletecollection verb.




回答2:


DeleteCollection it's not a kubectl command parameter.
When RBAC is active, it use verbs to define what type of access you have over a class of kubernetes objects. DeleteCollection is a verb used in a RBAC Role definition to authorize or not a deletion of objects of the same kind like pods or deployments or services.

Example of a yaml Role definition using verbs .

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-admin
rules:
- apiGroups: [""] # "" indicates the core API group
  resources: ["pods"]
  verbs: ["get", "watch", "list","delete", "deletecollection"] 






来源:https://stackoverflow.com/questions/57116578/in-kubernetes-what-is-deletecollection

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!