kubernetes-x/kubernetes-MD/kubernetes污点与容忍.md

3.5 KiB
Raw Blame History

kubernetes污点与容忍

著作:行癫 <盗版必究>


一:污点与容忍

对于nodeAffinity无论是硬策略还是软策略方式都是调度POD到预期节点上而Taints恰好与之相反如果一个节点标记为Taints ,除非 POD 也被标识为可以容忍污点节点,否则该 Taints 节点不会被调度pod比如用户希望把 Master 节点保留给 Kubernetes 系统组件使用,或者把一组具有特殊资源预留给某些 POD则污点就很有用了POD 不会再被调度到 taint 标记过的节点

1.将节点设置为污点

[root@master yaml]# kubectl taint node node-2  key=value:NoSchedule
node/node-2 tainted

查看污点:

[root@master yaml]# kubectl describe node node-1 | grep Taint
Taints:             <none>

2.去除节点污点

[root@master yaml]# kubectl taint node node-2 key=value:NoSchedule-
node/node-2 untainted

3.污点分类

NoSchedule:新的不能容忍的pod不能再调度过来但是之前运行在node节点中的Pod不受影响

NoExecute:新的不能容忍的pod不能调度过来老的pod也会被驱逐

PreferNoScheduler:表示尽量不调度到污点节点中去

4.使用

如果仍然希望某个 POD 调度到 taint 节点上,则必须在 Spec 中做出Toleration定义才能调度到该节点举例如下:

[root@master yaml]# kubectl taint node node-2 key=value:NoSchedule
node/node-2 tainted
[root@master yaml]# cat b.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: sss
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: app
            operator: In
            values:
            - myapp
  containers:
  - name: with-node-affinity
    image: daocloud.io/library/nginx:latest
注意:node-2节点设置为污点,所以label定义到node-2,但是因为有污点所以调度失败,以下是新的yaml文件
[root@master yaml]# cat b.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sss-1
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: app
            operator: In
            values:
            - myapp
  containers:
  - name: with-node-affinity
    image: daocloud.io/library/nginx:latest
  tolerations:
  - key: "key"
    operator: "Equal"
    value: "value"
    effect: "NoSchedule"

结果:旧的调度失败,新的调度成功

[root@master yaml]# kubectl get pod -o wide
NAME                 READY   STATUS    RESTARTS   AGE    IP            NODE     NOMINATED NODE   READINESS GATES
sss                  0/1     Pending   0          3m2s   <none>        <none>   <none>           <none>
sss-1                1/1     Running   0          7s     10.244.2.9    node-2   <none>           <none>

注意:

tolerations: #添加容忍策略

- key: "key1" #对应我们添加节点的变量名

operator: "Equal" #操作符

value: "value" #容忍的值 key1=value对应

effect: NoExecute #添加容忍的规则,这里必须和我们标记的五点规则相同

operator值是Exists则value属性可以忽略

operator值是Equal则表示key与value之间的关系是等于

operator不指定则默认为Equal