Filtering Kubernetes Resources using Labels, Annotations, and Selectors
Last updated on 05 September, 2024You can use labels, annotations, and selectors to manage metadata attached to your Kubernetes objects. Labels and annotations define the data, and selectors are used for filtering data and for creating dynamic groups.
Labels
Labels are a type of metadata that you can attach to Kubernetes objects such as pods and services in the form of key-value pairs. Labels are intended to be used to specify identifying attributes of objects that are meaningful and relevant to users but do not directly imply semantics to the core system. Labels can be used to organize and select subsets of objects. Labels can be attached to objects at creation time and subsequently added and modified at any time. Each object can have a set of key/value labels defined. Each Key must be unique for a given object. For more information, see the official Kubernetes documentation on Labels and Selectors.
Following is the sample for adding labels to the Kubernetes resources.
Sample:
Labels:
app=argus
pod-template-hash=b7c9bdf5
In LogicMonitor, labels are displayed as resource properties in the following format:kubernetes.label.<key>:<value>
Annotations
Annotations are used to store arbitrary, non-identifying information about objects. You may use annotations to gather additional context about objects that you are investigating, such as the name of the team that developed the service. Unlike labels, you cannot use annotations in selectors to identify a subset of resources.
For more information, see the official Kubernetes documentation on Annotations.
Following is an example for adding annotations to Kubernetes resources:
Sample:
Annotations:
testAnnotation: annotationValue
In LogicMonitor, annotations are displayed as resource properties in the following format:kubernetes.annotation.<key>:<value>
Selectors
Selectors are used to identify objects tagged with particular labels in Kubernetes. You can use selectors to group the relevant resources. For example, you can use selectors to map the pods that share the same label for a service. For more information, see the official Kubernetes documentation on Labels and Selectors.
Following are the types of selectors that are set on various resources:
- nodeSelectors: Allows you to schedule a Pod onto a node whose labels match the nodeSelector labels that you have specified. For more information see Kubernetes documentation for nodeSelector.
- podSelectors: Selects the grouping of pods to which the policy applies. The example policy selects pods with the label “role=db”. An empty podSelector selects all pods in the namespace. For more information, see Kubernetes documentation for podSelector.
- LabelSelectors: To add labels to filter resources. For more information, see the LabelSelectors section.
Label Selectors
LabelSelectors enable you to identify the objects you have tagged with particular labels. There are two types of LabelSelectors:
matchLabels
matchLabels consists of key, and value pairs where the values are matched using equality-based requirements that allow filtering by label keys and values.
matchExpressions
matchExpressions consists of a key, operator, and values Set-based label requirements allow filtering keys according to a set of values.
MatchExpressions contain the following Operators
- IN
- NOTIN
- EXISTS
- DOESNOTEXISTS
Selector Properties
There are two selector formats:
kubernetes.spec.selector
(CSV format): For filtering resources with comma-separated format and for using kubectl.
E.g.:kubectl get pods -l 'abc=xyz, mno=prq'
kubernetes.spec.selector.appliesto
(Expression format): For creating custom queries for dynamic groups.
Examples
The following example illustrates the use of labels, annotations, and selectors.
Viewing Labels and Selectors for Kubernetes Resources
To view the properties information in the LogicMonitor portal, navigate to Resources > Devices > select the required device > Info tab.
Filtering the Kubernetes Resources
You can use the following property to filter Kubernetes resources that are available in the LogicMonitor portal:
- kubernetes.spec.selector: You can filter resources using the kubectl command.
Creating Dynamic groups using Selector
You can create dynamic groups by using kubernetes.spec.selector.appliesto property, complete the following steps. For more information on dynamic groups, see Auto-assign Devices.
- Navigate to Resources > Add > Group > Add Device Group.
- Enter the name and description of the device group.
- Enable the Auto-assign devices checkbox.
- Select custom query and enter the following:
kubernetes.label.app == “argus”
For more information on updating or adding expressions, see AppliesTo Scripting Syntax.
The applied selector filters the “argus” resources. You can also use this selector to filter Kubernetes resources.
Creating Dynamic Groups using Labels
You can create a dynamic group for Kubernetes resources using labels. For more information on dynamic groups, see Auto-assign Devices.
- Navigate to Resources > Add > Group > Add Device Group.
- Enter the name and description of the device group.
- Enable the Auto-assign devices checkbox.
- Select custom query and enter the following:
Kubernetes.labels.component == etcd
Creating Dynamic Groups using Annotations
You can create a dynamic group for Kubernetes resources using annotations. For more information on dynamic groups, see Auto-assign Devices.
- Navigate to Resources > Add > Group > Add Device Group.
- Enter the name and description of the device group.
- Enable the Auto-assign devices checkbox.
- Select custom query and enter the following:
kubernetes.annotation.agentVersion” and a value of “azure-mdsd-1.17.0
Note: If you want to modify or create filters, see Applying Filters while Monitoring Kubernetes Resources.