如何强制Pods / Deployments到主节点?

时间:2017-02-02 10:29:24

标签: kubernetes

我已经设置了一个Kubernetes 1.5群集,其中三个主节点被污染了 dedicated = master:NoSchedule 。现在我只想在主节点上部署Nginx入口控制器,所以我增加了容忍度:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
    […]

不幸的是,这没有达到预期的效果:Kubernetes安排工人的所有Pod。将副本数量扩展到更大的数量时,Pod也会部署在工作人员上。

如何才能实现对主节点的调度?

感谢您的帮助。

3 个答案:

答案 0 :(得分:19)

容忍意味着必须在具有此类污点的节点上安排pod。这意味着pod 容忍这样的污点。如果您希望您的pod "吸引" 到特定节点,您需要将标签附加到您的专用=主要受污染节点并设置nodeSelector in用于寻找此类标签的吊舱。

将标签贴在每个特殊用途节点上:

kubectl label nodes name_of_your_node dedicated=master

Kubernetes 1.6及以上语法

将nodeSelector添加到您的pod:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
    spec:
      nodeSelector:
        dedicated: master
      tolerations:
      - key: dedicated
        operator: Equal
        value: master
        effect: NoSchedule
    […]

如果您不喜欢nodeSelector,可以在affinity:下添加spec:代替:

affinity:
  nodeAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
        matchExpressions:
        - key: dedicated
          operator: Equal
          values: ["master"]

Pre 1.6语法

将nodeSelector添加到您的pod:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
      nodeSelector:
        dedicated: master
    […]

如果你不喜欢nodeSelector,你也可以添加这样的注释:

scheduler.alpha.kubernetes.io/affinity: >
  {
    "nodeAffinity": {
      "requiredDuringSchedulingIgnoredDuringExecution": {
        "nodeSelectorTerms": [
          {
            "matchExpressions": [
              {
                "key": "dedicated",
                "operator": "Equal",
                "values": ["master"]
              }
            ]
          }
        ]
      }
    }
  }

请记住,NoSchedule不会驱逐已安排的播客。

上述信息来自https://kubernetes.io/docs/user-guide/node-selection/,其中有更多详细信息。

答案 1 :(得分:0)

您可能想深入了解Assigning Pods to Nodes文档。基本上你应该为你的节点添加一些标签,如下所示:

kubectl label nodes <node-name> <label-key>=<label-value>

然后在你的Pod规范中引用它:

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx
  nodeSelector:
    label: value

但是当特定节点被污染时,我不确定这是否适用于非关键插件。可以找到更多详细信息here

答案 2 :(得分:0)

  tolerations:
  - key: node-role.kubernetes.io/master
    effect: NoSchedule
相关问题
最新问题