列出 K8s 中的所有 API 资源时,您会得到:
$ kubectl api-resources -owide
NAME SHORTNAMES APIGROUP NAMESPACED KIND VERBS
bindings true Binding [create]
componentstatuses cs false ComponentStatus [get list]
configmaps cm true ConfigMap [create delete deletecollection get list patch update watch]
endpoints ep true Endpoints [create delete deletecollection get list patch update watch]
events ev true Event [create delete deletecollection get list patch update watch]
limitranges limits true LimitRange [create delete deletecollection get list patch update watch]
namespaces ns false Namespace [create delete get list patch update watch]
nodes no false Node [create delete deletecollection get list patch update watch]
persistentvolumeclaims pvc true PersistentVolumeClaim [create delete deletecollection get list patch update watch]
persistentvolumes pv false PersistentVolume [create delete deletecollection get list patch update watch]
pods po true Pod [create delete deletecollection get list patch update watch]
podtemplates true PodTemplate [create delete deletecollection get list patch update watch]
replicationcontrollers rc true ReplicationController [create delete deletecollection get list patch update watch]
resourcequotas quota true ResourceQuota [create delete deletecollection get list patch update watch]
secrets true Secret [create delete deletecollection get list patch update watch]
serviceaccounts sa true ServiceAccount [create delete deletecollection get list patch update watch]
services svc true Service [create delete get list patch update watch]
mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration [create delete deletecollection get list patch update watch]
... etc ...
许多人列出了动词
deletecollection$ kubectl deletecollection
Error: unknown command "deletecollection" for "kubectl"
Run 'kubectl --help' for usage.
unknown command "deletecollection" for "kubectl"
我也无法在文档中找到它,除非它出现在上面的 api-resources 输出中或作为动词提及。
有办法删除收藏吗?
听起来,如果它确实做了我认为应该做的事情,那么它会比我通常最终执行的 grep/awk/xargs 序列更好。即删除某种类型的所有 pod。
动词
deletedeletecollection给出 API 文档中的一些示例:
DELETE /api/v1/namespaces/{namespace}/pods/{name}deletecollectionDELETE /api/v1/namespaces/{namespace}/podsDELETE /api/v1/namespaces/{namespace}/pods?labelSelector=someLabel%3dsomeValue关于 kubectl:您不能使用
deletecollectionkubectl相反,
kubectldeletedeletecollectionkubectl deletekubectl delete pod $POD_NAMEdeletekubectl delete pods -l $LABEL=$VALUEkubectl delete pods --alldeletecollectionDeleteCollection 它不是 kubectl 命令参数。
当 RBAC 处于活动状态时,它使用动词来定义您对一类 kubernetes 对象拥有的访问类型。
DeleteCollection 是 RBAC 角色定义中使用的动词,用于授权或不删除同类对象(例如 Pod、部署或服务)。
使用动词的 yaml 角色定义示例。
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: default
name: pod-admin
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["pods"]
verbs: ["get", "watch", "list","delete", "deletecollection"]