kubernetes-x/MD/kubernetes污点与容忍.md

124 lines
3.5 KiB
Markdown
Raw Normal View History

2023-10-29 13:37:39 +08:00
<h1><center>kubernetes污点与容忍</center></h1>
著作:行癫 <盗版必究>
------
## 一:污点与容忍
对于nodeAffinity无论是硬策略还是软策略方式都是调度POD到预期节点上而Taints恰好与之相反如果一个节点标记为Taints ,除非 POD 也被标识为可以容忍污点节点,否则该 Taints 节点不会被调度pod比如用户希望把 Master 节点保留给 Kubernetes 系统组件使用,或者把一组具有特殊资源预留给某些 POD则污点就很有用了POD 不会再被调度到 taint 标记过的节点
#### 1.将节点设置为污点
```shell
[root@master yaml]# kubectl taint node node-2 key=value:NoSchedule
node/node-2 tainted
```
查看污点:
```shell
[root@master yaml]# kubectl describe node node-1 | grep Taint
Taints: <none>
```
#### 2.去除节点污点
```shell
[root@master yaml]# kubectl taint node node-2 key=value:NoSchedule-
node/node-2 untainted
```
#### 3.污点分类
NoSchedule:新的不能容忍的pod不能再调度过来但是之前运行在node节点中的Pod不受影响
NoExecute:新的不能容忍的pod不能调度过来老的pod也会被驱逐
PreferNoScheduler:表示尽量不调度到污点节点中去
#### 4.使用
如果仍然希望某个 POD 调度到 taint 节点上,则必须在 Spec 中做出Toleration定义才能调度到该节点举例如下:
```shell
[root@master yaml]# kubectl taint node node-2 key=value:NoSchedule
node/node-2 tainted
[root@master yaml]# cat b.yaml
apiVersion: v1
kind: Pod
metadata:
name: sss
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: app
operator: In
values:
- myapp
containers:
- name: with-node-affinity
image: daocloud.io/library/nginx:latest
注意:node-2节点设置为污点,所以label定义到node-2,但是因为有污点所以调度失败,以下是新的yaml文件
[root@master yaml]# cat b.yaml
apiVersion: v1
kind: Pod
metadata:
name: sss-1
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: app
operator: In
values:
- myapp
containers:
- name: with-node-affinity
image: daocloud.io/library/nginx:latest
tolerations:
- key: "key"
operator: "Equal"
value: "value"
effect: "NoSchedule"
```
结果:旧的调度失败,新的调度成功
```shell
[root@master yaml]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
sss 0/1 Pending 0 3m2s <none> <none> <none> <none>
sss-1 1/1 Running 0 7s 10.244.2.9 node-2 <none> <none>
```
注意:
tolerations: #添加容忍策略
\- key: "key1" #对应我们添加节点的变量名
operator: "Equal" #操作符
value: "value" #容忍的值 key1=value对应
effect: NoExecute #添加容忍的规则,这里必须和我们标记的五点规则相同
operator值是Exists则value属性可以忽略
operator值是Equal则表示key与value之间的关系是等于
operator不指定则默认为Equal