吴桥做网站,优秀的wordpress主题,购物网站如何做,重庆公司网站 技术支持目录
node调度策略nodeName和nodeSelector
指定nodeName
指定nodeSelector
node亲和性
node节点亲和性
硬亲和性
软亲和性
污点与容忍度 本文主要介绍了在pod中#xff0c;与node相关的调度策略#xff0c;亲和性#xff0c;污点与容忍度等的内容
node调度策略node…目录
node调度策略nodeName和nodeSelector
指定nodeName
指定nodeSelector
node亲和性
node节点亲和性
硬亲和性
软亲和性
污点与容忍度 本文主要介绍了在pod中与node相关的调度策略亲和性污点与容忍度等的内容
node调度策略nodeName和nodeSelector
在创建pod等资源时可以通过调整字段进行node调度指定资源调度到满足何种条件的node
指定nodeName
vim testpod1.yaml
apiVersion: v1
kind: Pod
metadata:name: testpod1namespace: default labels:app: tomcat
spec:nodeName: ws-k8s-node1 #增加字段将这个pod调度到node1containers: - name: testimage: docker.io/library/tomcatimagePullPolicy: IfNotPresent
kubectl apply -f testpod1.yaml
kubectl get pods #可以看到已经调度到node1上了
testpod1 1/1 Running 0 116s 10.10.179.9 ws-k8s-node1 none none指定nodeSelector
vim testpod2.yaml
apiVersion: v1
kind: Pod
metadata:name: testpod2namespace: default labels:app: tomcat
spec:nodeSelector: #添加nodeSelector选项admin: ws #调度到具有adminws标签的node上containers: - name: testimage: docker.io/library/tomcatimagePullPolicy: IfNotPresent
kubectl apply -f testpod2.yaml
但因为我没有adminws标签的node所以应用后pod处于pending状态#现在我给node1的节点打个标签
#kubectl --help | grep -i label
#kubectl label --help
Examples:# Update pod foo with the label unhealthy and the value true#kubectl label pods foo unhealthytrue
kubectl label nodes ws-k8s-node1 adminws
#node/ws-k8s-node1 labeled
#调度情况恢复正常
kubectl get pods | grep testpod2
testpod2 1/1 Running 0 11m
#删除node标签
kubectl label nodes ws-k8s-node1 admin-
#删除testpod2
kubectl delete pods testpod2如果同时使用nodeName和nodeSelector则会报错亲和性错误无法正常部署 如果nodeName和nodeSelector指定的node同时满足这两项的条件就可以部署 node亲和性 亲和性在Kubernetes中起着重要作用通过定义规则和条件它允许我们实现精确的Pod调度、资源优化、高性能计算以及容错性和可用性的增强。通过利用亲和性我们可以更好地管理和控制集群中的工作负载并满足特定的业务需求。
#查看帮助
kubectl explain pods.spec.affinity
RESOURCE: affinity Object
DESCRIPTION:If specified, the pods scheduling constraintsAffinity is a group of affinity scheduling rules.
FIELDS:nodeAffinity Object #node亲和性Describes node affinity scheduling rules for the pod.podAffinity Object #pod亲和性Describes pod affinity scheduling rules (e.g. co-locate this pod in thesame node, zone, etc. as some other pod(s)).podAntiAffinity Object #pod反亲和性Describes pod anti-affinity scheduling rules (e.g. avoid putting this podin the same node, zone, etc. as some other pod(s)).node节点亲和性
在创建pod时会根据nodeaffinity来寻找最适合该pod的条件的node
#查找帮助
kubectl explain pods.spec.affinity.nodeAffinity
KIND: Pod
VERSION: v1
RESOURCE: nodeAffinity Object
DESCRIPTION:Describes node affinity scheduling rules for the pod.Node affinity is a group of node affinity scheduling rules.
FIELDS:preferredDuringSchedulingIgnoredDuringExecution []ObjectrequiredDuringSchedulingIgnoredDuringExecution Object#软亲和性如果所有都不满足条件也会找一个节点将就
preferredDuringSchedulingIgnoredDuringExecution
#硬亲和性必须满足如果不满足则不找节点宁缺毋滥
requiredDuringSchedulingIgnoredDuringExecution
硬亲和性
kubectl explain pods.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
#nodeSelectorTerms []Object -required-
# Required. A list of node selector terms. The terms are ORed.
kubectl explain pods.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
FIELDS:matchExpressions []Object #匹配表达式A list of node selector requirements by nodes labels.matchFields []Object #匹配字段A list of node selector requirements by nodes fields.
#匹配表达式
kubectl explain pods.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms.matchExpressions
key string -required-
operator string -required-
values []string
#可用operator- DoesNotExist- Exists- Gt- In- Lt- NotIn#
vim ying-pod.yaml
apiVersion: v1
kind: Pod
metadata:name: ying-podlabels:app: tomcatuser: ws
spec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: name #去找keynameopertor: In # name ws或wws values:- ws- wss containers:- name: test1namespace: defaultimage: docker.io/library/tomcatimagePullPolicy: IfNotPresentkubectl apply -f ying-pod.yaml
#需要namews或namewws但是没有节点有标签而且是硬亲和
#所以pod会处于pending状态
kubectl get pods | grep ying
ying-pod 0/1 Pending 0 15m
#修改node标签
kubectl label nodes ws-k8s-node1 namews
#开始构建并且已经到node1节点了
kubectl get pod -owide | grep ying
ying-pod 0/1 ContainerCreating 0 80s none ws-k8s-node1 none none
#删除标签
kubectl label nodes ws-k8s-node1 name-软亲和性
vim ruan-pod.yaml
apiVersion: v1
kind: Pod
metadata:name: ruan-podnamespace: default
spec:containers:- name: testimage: docker.io/library/alpineimagePullPolicy: IfNotPresentaffinity:nodeAffinity:preferredDuringSchedulingIgnoredDuringExecution: #必选preference和weight- preference:matchExpressions:- key: nameoperate: In #还有ExistsGtLtNotIn等values:- wsweight: 50 #软亲和性有“权重”说法权重更高的更优先范围1-100- preference:matchExpressions:- key: nameoperate: Invalues:- wwsweight: 70 #设置的比上面的高用以做测试
kubectl apply -f ruan-pod.yaml#不满足条件所以随机找一个进行调度能看到调度到了node2上
kubectl get pod -owide | grep ruan
ruan-pod 0/1 ContainerCreating 0 3m24s none ws-k8s-node2 none none#修改node1的标签namews
kubectl label nodes ws-k8s-node1 namews
kubectl delete -f ruan-pod.yaml #删除再重新创建
kubectl apply -f ruan-pod.yaml
kubectl get pods -owide | grep ruan #调整到了node1上
ruan-pod 0/1 ContainerCreating 0 2s none ws-k8s-node1 none none#修改node2的标签namewws此时node2权重比node1高
kubectl label nodes ws-k8s-node2 namewss
kubectl delete -f ruan-pod.yaml
kubectl apply -f ruan-pod.yaml
kubectl get pods -owide | grep ruan #没有变化还在node1
ruan-pod 0/1 ContainerCreating 0 4m29s none ws-k8s-node1 none none
#因为yaml的匹配顺序已经匹配到了namews如果没有另外标签不同的则不会变化#修改ruan-pod.yaml
...- preference:matchExpressions:- key: nameoperator: Invalues:- wsweight: 50- preference:matchExpressions:- key: namesoperator: Invalues:- wwsweight: 70
...
#添加node2标签name1wws权重比node1高且标签key不同
kubectl label nodes ws-k8s-node2 nameswws
kubectl delete -f ruan-pod.yaml
kubectl apply -f ruan-pod.yaml
kubectl get po -owide | grep ruan #可以看到ruan-pod已经回到了node2上
ruan-pod 0/1 ContainerCreating 0 3m47s none ws-k8s-node2 none none#清理环境
kubectl label nodes ws-k8s-node1 name-
kubectl label nodes ws-k8s-node2 names-
kubectl delete -f ruan-pod.yaml
kubectl delete -f ying-pod.yaml --fore --grace-period0 #强制删除污点与容忍度 污点类似于标签可以给node打taints如果pod没有对node上的污点有容忍那么就不会调度到该node上。 在创建pod时可以通过tolerations来定义pod对于污点的容忍度
#查看node上的污点
#master节点是默认有污点
kubectl describe node ws-k8s-master1 | grep -i taint
Taints: node-role.kubernetes.io/control-plane:NoSchedule
#node默认没有污点
kubectl describe node ws-k8s-node1 | grep -i taint
Taints: none#kubectl explain nodes.spec.taints查看帮助
kubectl explain nodes.spec.taints.effect
1.NoExecute
对已调度的pod不影响仅对新需要调度的pod进行影响
2.NoSchedule
对已调度和新调度的pod都会有影响
3.PreferNoSchedule
软性的NoSchedule就算不满足条件也可以调度到不容忍的node上#查看当前master节点pod容忍情况
kubectl get pods -n kube-system -owide
kubectl describe pods kube-proxy-bg7ck -n kube-system | grep -i tolerations -A 10
Tolerations: opExistsnode.kubernetes.io/disk-pressure:NoSchedule opExistsnode.kubernetes.io/memory-pressure:NoSchedule opExistsnode.kubernetes.io/network-unavailable:NoSchedule opExistsnode.kubernetes.io/not-ready:NoExecute opExistsnode.kubernetes.io/pid-pressure:NoSchedule opExistsnode.kubernetes.io/unreachable:NoExecute opExistsnode.kubernetes.io/unschedulable:NoSchedule opExists
Events: none#给node1打一个污点使其不接受
kubectl taint node ws-k8s-node1 userws:NoSchedule
#创建wudian.yaml进行测试
cat wudian.yaml EOF
apiVersion: v1
kind: Pod
metadata:name: wudain-podnamespace: defaultlabels:app: app1
spec:containers:- name: wudian-podimage: docker.io/library/tomcatimagePullPolicy: IfNotPresent
EOF
kubectl apply -f wudian.yaml
#wudian-pod调度到了node2
kubectl get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
wudain-pod 1/1 Running 0 18s 10.10.234.72 ws-k8s-node2 none none
#给node2添加污点
kubectl taint node ws-k8s-node2 userxhy:NoExecute
#再查看发现wudain-pood已经被删除
kubectl get pods -owide
No resources found in default namespace.
#再次创建变成离线状态
kubectl apply -f wudian.yaml
kubectl get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
wudain-pod 0/1 Pending 0 3s none none none none#查看当前node污点状态
kubectl describe node ws-k8s-node1 | grep -i taint
Taints: userws:NoSchedule
kubectl describe node ws-k8s-node2 | grep -i taint
Taints: userxhy:NoExecute#创建带有容忍度的pod wudian2.yaml
cat wudian2.yaml EOF
apiVersion: v1
kind: Pod
metadata:name: wudain2-podnamespace: defaultlabels:app: app1
spec:containers:- name: wudian2-podimage: docker.io/library/tomcatimagePullPolicy: IfNotPresenttolerations: #容忍度- key: useroperator: Equal #equal表示等于exists代表存在value: ws #根据字段表示能容忍userws的污点
#如果operator为exists且value为空则代表容忍所有key相同的effect: NoSchedule #需要准确匹配容忍等级如果不匹配则不会生效
# tolerationSeconds: 1800 effect为NoExecute时才能使用表示容忍污染的时间默认是0即永远容忍
EOF
#现在wudian2是能容忍node1的污点的
kubectl apply -f wudian2.yaml
kubectl get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
wudain-pod 0/1 Pending 0 21m none none none none
wudain2-pod 1/1 Running 0 15s 10.10.179.13 ws-k8s-node1 none none#创建带有容忍度的pod wudian3.yaml
cat wudian3.yaml EOF
apiVersion: v1
kind: Pod
metadata:name: wudain3-podnamespace: defaultlabels:app: app1
spec:containers:- name: wudian3-podimage: docker.io/library/tomcatimagePullPolicy: IfNotPresenttolerations: #容忍度- key: useroperator: Exists #equal表示等于exists代表存在value: #根据字段表示能容忍userws的污点
#如果operator为exist且value为空则代表容忍所有key相同的effect: NoExecute #需要准确匹配容忍等级如果不匹配则不会生效tolerationSeconds: 1800 #effect为NoExecute时才能使用表示容忍污染的时间默认是0即永远容忍
EOF
kubectl apply -f wudian3.yaml
#wudian3运行在node2上
kubectl get pods -owide | grep -i node2
wudain3-pod 1/1 Running 0 59s 10.10.234.73 ws-k8s-node2 none none#清理环境
kubectl delete -f wudian.yaml
kubectl delete -f wudian2.yaml
kubectl delete -f wudian3.yaml
kubectl taint node ws-k8s-node1 user-
kubectl taint node ws-k8s-node2 user-
