This is the 21st day of my participation in Gwen Challenge
18 Advanced Scheduling Settings
Node selectors: nodeselector, nodeName
NodeAffinity scheduling: nodeAffinity
18.1 Node selector
- Nodeselector is used to narrow the pre-selection. Nodes that are not selected by Nodeselector will be eliminated in the pre-selection phase
apiVersion: v1
kind: Pod
metadata:
name: pod-schedule-demo
namespace: default
labels:
app: myapp
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
nodeSelector:
gpu: ok
Copy the code- If no node has gpu tag, the POD will be suspended or Pending until the condition is met
kubectl label nodes node2 gpu=ok --overwrite
Copy the code- View the node on which the POD is scheduled. The POD is already scheduled to node2
kubectl get pods -o wide
Copy the code18.2 Affinity for a Node
Affinity definition, see: kubectl explain the pods. Spec. Affinity. NodeAffinity
- POD Defines affinity for a node
nodeAffinity <Object> # POD affinity for node
preferredDuringSchedulingIgnoredDuringExecution <[]Object> # Soft affinity requirements, try to meet the affinity
preference <Object> # affinity node object
matchExpressions <[]Object> # find expression
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchFields <[]Object> Select * from * where
key <string> # label
operator <string> # Action: compare
values <[]string> # value
weight <integer> # Weight 1-100
requiredDuringSchedulingIgnoredDuringExecution <Object> If hard affinity requirements are not met, Pending is set
nodeSelectorTerms <[]Object> # list of selector objects
matchExpressions <[]Object> # list of selector objects
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchFields <[]Object> Select * from * where
key <string> # label
operator <string> # Action: compare
values <[]string> # value
Copy the code- Sample configuration
apiVersion: v1
kind: Pod
metadata:
name: pod-nodeaffinity1-demo
namespace: default
labels:
app: myapp
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution: If the hard affinity requirement is not met, the Pending is Pending
nodeSelectorTerms:
- matchExpressions:
- key: zone
operator: In
values:
- foo
- bar
---
apiVersion: v1
kind: Pod
metadata:
name: pod-nodeaffinity2-demo
namespace: default
labels:
app: myapp
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution: # Soft compatibility requirements, not meet can also be paired
- preference:
matchExpressions:
- key: zone
operator: In
values:
- foo
- bar
weight: 50
Copy the code- Check out the results, Kubectl get Pods
NAME READY STATUS RESTARTS AGE
pod-nodeaffinity1-demo 0/1 Pending 0 6m16s # Hard compatibility requirements, no wait
pod-nodeaffinity2-demo 1/1 Running 0 7s # Soft affinity requirements, no suitable host can also make do
Copy the code18.3 Affinity for POD
POD and POD For efficient communication, it is necessary to organize POD and POD in the same machine, the same machine room, for example: LNMT is better if it can run on the same host.
-
To run a group of pods together, node affinity can be used. To do this, we need to: orchestrate the node labels so that pods that want to run together use the same set of tag selectors to select nodes. This approach requires managing node labels and POD affinity.
-
To run a group of pods together, using POD affinity, we can set the POD affinity for a POD, so for example: LNMT, MySQL and Tomcat can be set to be more compatible with the host or cabinet where Ngninx resides, so there must be a presupposition of how POD and POD are closest, what is the standard, that is, what is the same location, How can I know that nodes and nodes are in the same cabinet?
Therefore, the same labels can be attached to nodes in the same cabinet.
-
MySQL and Tomcat must not run with Nginx, this is anti-affinity.
- POD affinity for other POD, see: kubectl explain the pods. Spec. Affinity. PodAffinity
podAffinity <Object> # POD affinity for other PODS
preferredDuringSchedulingIgnoredDuringExecution <[]Object> # Soft affinity, try to meet affinity
podAffinityTerm <Object> # Affinity POD object
labelSelector <Object> # tag selector object list
matchExpressions <[]Object> # Tag selector object, select POD tag
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchLabels <map[string]string> # collection tag selector
namespaces <[]string> A list of namespaces
topologyKey <string> # Affinity judgment condition
weight <integer> # Weight 1-100
requiredDuringSchedulingIgnoredDuringExecution <[]Object> # Hard affinity, if not, Pending
labelSelector <Object> # tag selector object list
matchExpressions <[]Object> # Tag selector object, select POD tag
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchLabels <map[string]string> # collection tag selector
namespaces <[]string> A list of namespaces
topologyKey <string> # Affinity judgment condition
Copy the code- Sample configuration
apiVersion: v1
kind: Pod
metadata:
name: pod1
namespace: default
labels:
app: myapp
tier: frontend
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
---
apiVersion: v1
kind: Pod
metadata:
name: pod2
namespace: default
labels:
app: db
tier: db
spec:
containers:
- name: busybox
image: busybox:latest
imagePullPolicy: IfNotPresent
command:
- "sh"
- "-c"
- "sleep 3600"
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution: # Hard affinity requirements are not met Pending
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- myapp
topologyKey: kubernetes.io/hostname Affinity is based on the same host name
Copy the code- Check the results, Kubectl get Pods-o Wide
NAME READY STATUS RESTARTS AGE IP NODE NODE READINESS GATES POd1 1/1 Running 0 3m33s 10.244.2.4node3 < None > <none> Pod2 1/1 Running 0 3m33s 10.244.2.5node3 <none> <none>Copy the code18.4 Anti-affinity for PODS
- POD for other POD of affinity, see: kubectl explain the pods. Spec. Affinity. PodAntiAffinity
podAntiAffinity <Object> # POD anti-affinity for other PODS
preferredDuringSchedulingIgnoredDuringExecution <[]Object> # Soft anti-affinity, try to meet affinity
podAffinityTerm <Object> # antiaffinity POD object
labelSelector <Object> # tag selector object list
matchExpressions <[]Object> # Tag selector object, select POD tag
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchLabels <map[string]string> # collection tag selector
namespaces <[]string> A list of namespaces
topologyKey <string> # Affinity judgment condition
weight <integer> # Weight 1-100
requiredDuringSchedulingIgnoredDuringExecution <[]Object> # Hard anti-affinity, if not, Pending
labelSelector <Object> # tag selector object list
matchExpressions <[]Object> # Tag selector object, select POD tag
key <string> # label
operator <string> # Action: compare
values <[]string> # value
matchLabels <map[string]string> # collection tag selector
namespaces <[]string> A list of namespaces
topologyKey <string> # Affinity judgment condition
Copy the code- Configuration list
apiVersion: v1
kind: Pod
metadata:
name: pod3
namespace: default
labels:
app: myapp
tier: frontend
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
---
apiVersion: v1
kind: Pod
metadata:
name: pod4
namespace: default
labels:
app: db
tier: db
spec:
containers:
- name: busybox
image: busybox:latest
imagePullPolicy: IfNotPresent
command:
- "sh"
- "-c"
- "sleep 3600"
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution: # Hard affinity requirements are not met Pending
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- myapp
topologyKey: kubernetes.io/hostname # The anti-affinity is based on the same host name
Copy the code18.5 the node stain
Taints are only available in nodes’ key-valued properties, which reject pods that don’t tolerate them. Therefore, tolerations (Pods.spec.tolerations) are defined on the pods, which are also key-valued data, and are a list. Represents a list of stains that POD can tolerate.
Whether a POD can run on a node is whether the pods.spec.tolerations list includes data from Nodes.spec. taints.
- Kubectl explain node.spec.taints
taints <[]Object> # List of smudge objects
effect <string> # The action to take when POD cannot tolerate the stain, that is, reject POD that does not tolerate the stain
NoSchedule The scheduling process is affected, but the POD is not affected after the scheduling is completed
PreferNoSchedule # Affect the scheduling process to try to expel pods that have already been scheduled but do not tolerate new stains
NoExecute # New stains affect the new scheduling process, and forcefully expel pods that have already been scheduled but do not tolerate new stains
key <string> # key
timeAdded <string> #
value <string> # value
Copy the code- Smudge the node with the key node-type value production and the smudge action
kubectl taint node node2 node-type=production:NoSchedule
Copy the code- Remove a stain on node
kubectl taint node node2 node-type-
Copy the code- Test listing
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 4
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
labels:
app: myapp
release: canary
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v2
ports:
- name: http
containerPort: 80
Copy the code- See the result, Kubectl get Pods-o wide, because POD is not defined to tolerate node2 smudges
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-675558bfc5-4x5cf 1/ 1 Running 0 9s 10.2442.13. node3 <none> <none>
myapp-deploy-675558bfc5-58f2s 1/ 1 Running 0 9s 10.2442.10. node3 <none> <none>
myapp-deploy-675558bfc5-gz4kv 1/ 1 Running 0 9s 10.2442.12. node3 <none> <none>
myapp-deploy-675558bfc5-hlxdd 1/ 1 Running 0 9s 10.2442.11. node3 <none> <none>
Copy the code- At this point, stain Node3 as well, and expel the original POD
kubectl taint node node3 node-type=dev:NoExecute
Copy the code- Kubectl get Pods-o wide, pods are suspended because the stain added to Node3 evicts pods that cannot tolerate stains
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-675558bfc5-22wpj 0/1 Pending 0 10s <none> <none> <none> <none>
myapp-deploy-675558bfc5-lctv5 0/1 Pending 0 14s <none> <none> <none> <none>
myapp-deploy-675558bfc5-m5qdh 0/1 Pending 0 15s <none> <none> <none> <none>
myapp-deploy-675558bfc5-z8c4q 0/1 Pending 0 14s <none> <none> <none> <none>
Copy the code18.6 POD stain tolerance
- POD tolerations, see Kubectl explain Pods.spec. Tolerations
tolerations <[]Object> # Tolerance targets
effect <string> # Can you tolerate any stain ejection policies on Node? If empty, it tolerates any ejection policies
NoSchedule NoSchedule can tolerate node stains
PreferNoSchedule PreferNoSchedule that can tolerate node stains
NoExecute NoExecute can tolerate node stains
key <string> # Smudge key
operator <string> Regardless of the value, the Equal stain must have the same value
tolerationSeconds <integer> # tolerance time, that is, if expelled, how long can wait before leaving, default 0 seconds, NoExecute used
value <string> # Smudge value
Copy the code- Smudge Node2 and Node3 respectively
kubectl taint node node2 node-type=production:NoSchedule
kubectl taint node node3 node-type=dev:NoExecute
Copy the code- Define a POD manifest file that tolerates the presence of a node with a node-type value of dev and accepts ejection.
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 4
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
labels:
app: myapp
release: canary
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v2
ports:
- name: http
containerPort: 80
tolerations:
- key: node-type
operator: Equal
value: dev
effect: NoExecute
Copy the code- Kubectl get Pods-o wide runs on nodes that tolerate smudges
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-97578cf74-5v2r6 1/ 1 Running 0 6m22s 10.2442.16. node3 <none> <none>
myapp-deploy-97578cf74-gbfj7 1/ 1 Running 0 6m22s 10.2442.14. node3 <none> <none>
myapp-deploy-97578cf74-l4lbv 1/ 1 Running 0 6m22s 10.2442.15. node3 <none> <none>
myapp-deploy-97578cf74-zvn8f 1/ 1 Running 0 6m20s 10.2442.17. node3 <none> <none>
Copy the code- Add a new stain to the node and set the drive off POD
kubectl taint node node3 disk=hdd:NoExecute --overwrite
Copy the code- Kubectl get Pods-o wide, POD can’t tolerate new stains, result is expelled
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-deploy-97578cf74-84bfz 0/1 Pending 0 6s <none> <none> <none> <none>
myapp-deploy-97578cf74-fxk2d 0/1 Pending 0 5s <none> <none> <none> <none>
myapp-deploy-97578cf74-jp99j 0/1 Pending 0 6s <none> <none> <none> <none>
myapp-deploy-97578cf74-vdkbx 0/1 Pending 0 6s <none> <none> <none> <none>
Copy the codeother
Send your notes to: github.com/redhatxl/aw… Welcome one button three links