k8s中,一.pod污点,二.pod容器污点容忍策略,三.pod优先级(PriorityClass类)

复制代码
一.pod污点:污点是让节点与pod产生排斥的一类规则

	污点标签的命令
		1.查看污点标签
			kubectl describe nodes 节点名
		2.设置污点标签
			kubectl taint node 节点名 key值=value值:污点标签种类
		3.删除污点标签
			kubectl taint node 节点名 key值=value值:污点标签种类-
		4.污点标签种类
			驱逐:NoExecute		//同时影响新Pod的调度和已存在Pod的运行状态
			不调度:NoSchedule 		//仅影响新Pod的调度,对已存在的Pod无影响。
			尽量不调度:PreferNoSchedule  //对新Pod的调度有一定影响,但并非强制性的,已存在的Pod不会受到影响。


二.pod容器污点容忍策略(tolerations):无视污点标签的限制

	1.容忍污点标签精确匹配键值对
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: myphp
		spec:
		  tolerations:
		  - operator: Equal      # 完全匹配键值对(Equal,Exists)
		    key: k               # 键
		    value: v1            # 值
		    effect: NoSchedule   # 污点标签
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: 1200m

	2.容忍污点标签模糊匹配键值对
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: myphp
		spec:
		  tolerations:
		  - operator: Exists     # 部分匹配,存在即可
		    key: k               # 键
		    effect: NoSchedule   # 污点标签
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: 1200m

	3.容忍所有污点标签
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: myphp
		spec:
		  tolerations:
		  - operator: Exists     # 模糊匹配
		    key: k               # 键
		    effect: ""           # 设置空或删除,代表所有污点标签
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: 1200m
		

三.pod优先级(PriorityClass类):优先保证重要的pod被调度运行

	1.优先级策略,value值越大资源分配越优先
		抢占优先策略:PreemptLowerPriority(强行抢夺)(高的会马上把低的干掉,自己占用资源)
		非抢占优先策略(优先):Never(插队,银行的会员卡非抢占优先)(排队执行,高的等待上一个资源执行完)
		
	
	2.优先级类资源文件编写
		文件生成:kubectl create priorityclass --help
		查看优先级:kubectl get pc
		---
		kind: PriorityClass
		apiVersion: scheduling.k8s.io/v1
		metadata:
		  name: high-non
		preemptionPolicy: Never
		value: 1000
		
		---
		kind: PriorityClass
		apiVersion: scheduling.k8s.io/v1
		metadata:
		  name: low-non
		preemptionPolicy: Never
		value: 500
	
	3.pod容器使用优先级类(priorityClassName)
		将三个资源运行在一个节点上,模拟资源抢占
		# 无优先级的 Pod
		[root@master ~]# vim php1.yaml 
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: php1
		spec:
		  nodeSelector:
		    kubernetes.io/hostname: node-0003
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: "1200m"
		
		# 低优先级 Pod
		[root@master ~]# vim php2.yaml 
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: php2
		spec:
		  nodeSelector:
		    kubernetes.io/hostname: node-0003
		  priorityClassName: low-non      # 优先级名称
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: "1200m"
		
		# 高优先级 Pod
		[root@master ~]# vim php3.yaml 
		---
		kind: Pod
		apiVersion: v1
		metadata:
		  name: php3
		spec:
		  nodeSelector:
		    kubernetes.io/hostname: node-0003
		  priorityClassName: high-non     # 优先级名称
		  containers:
		  - name: php
		    image: myos:php-fpm
		    resources:
		      requests:
		        cpu: "1200m"

k8s

一.pod污点:污点是让节点与pod产生排斥的一类规则

污点标签的命令

1.查看污点标签

kubectl describe nodes 节点名

2.设置污点标签

kubectl taint node 节点名 key值=value值:污点标签种类

3.删除污点标签

kubectl taint node 节点名 key值=value值:污点标签种类-

4.污点标签种类

驱逐:NoExecute //同时影响新Pod的调度和已存在Pod的运行状态

不调度:NoSchedule //仅影响新Pod的调度,对已存在的Pod无影响。

尽量不调度:PreferNoSchedule //对新Pod的调度有一定影响,但并非强制性的,已存在的Pod不会受到影响。

二.pod容器污点容忍策略(tolerations):无视污点标签的限制

1.容忍污点标签精确匹配键值对


kind: Pod

apiVersion: v1

metadata:

name: myphp

spec:

tolerations:

  • operator: Equal # 完全匹配键值对(Equal,Exists)

key: k # 键

value: v1 # 值

effect: NoSchedule # 污点标签

containers:

  • name: php

image: myos:php-fpm

resources:

requests:

cpu: 1200m

2.容忍污点标签模糊匹配键值对


kind: Pod

apiVersion: v1

metadata:

name: myphp

spec:

tolerations:

  • operator: Exists # 部分匹配,存在即可

key: k # 键

effect: NoSchedule # 污点标签

containers:

  • name: php

image: myos:php-fpm

resources:

requests:

cpu: 1200m

3.容忍所有污点标签


kind: Pod

apiVersion: v1

metadata:

name: myphp

spec:

tolerations:

  • operator: Exists # 模糊匹配

key: k # 键

effect: "" # 设置空或删除,代表所有污点标签

containers:

  • name: php

image: myos:php-fpm

resources:

requests:

cpu: 1200m

三.pod优先级(PriorityClass类):优先保证重要的pod被调度运行

1.优先级策略,value值越大资源分配越优先

抢占优先策略:PreemptLowerPriority(强行抢夺)(高的会马上把低的干掉,自己占用资源)

非抢占优先策略(优先):Never(插队,银行的会员卡非抢占优先)(排队执行,高的等待上一个资源执行完)

2.优先级类资源文件编写

文件生成:kubectl create priorityclass --help

查看优先级:kubectl get pc


kind: PriorityClass

apiVersion: scheduling.k8s.io/v1

metadata:

name: high-non

preemptionPolicy: Never

value: 1000


kind: PriorityClass

apiVersion: scheduling.k8s.io/v1

metadata:

name: low-non

preemptionPolicy: Never

value: 500

3.pod容器使用优先级类(priorityClassName)

将三个资源运行在一个节点上,模拟资源抢占

无优先级的 Pod

root@master \~\]# vim php1.yaml --- kind: Pod apiVersion: v1 metadata: name: php1 spec: nodeSelector: kubernetes.io/hostname: node-0003 containers: - name: php image: myos:php-fpm resources: requests: cpu: "1200m" # 低优先级 Pod \[root@master \~\]# vim php2.yaml --- kind: Pod apiVersion: v1 metadata: name: php2 spec: nodeSelector: kubernetes.io/hostname: node-0003 priorityClassName: low-non # 优先级名称 containers: - name: php image: myos:php-fpm resources: requests: cpu: "1200m" # 高优先级 Pod \[root@master \~\]# vim php3.yaml --- kind: Pod apiVersion: v1 metadata: name: php3 spec: nodeSelector: kubernetes.io/hostname: node-0003 priorityClassName: high-non # 优先级名称 containers: - name: php image: myos:php-fpm resources: requests: cpu: "1200m"

相关推荐
Johny_Zhao3 小时前
Docker + CentOS 部署 Zookeeper 集群 + Kubernetes Operator 自动化运维方案
linux·网络安全·docker·信息安全·zookeeper·kubernetes·云计算·系统运维
小毛驴8503 小时前
Linux 后台启动java jar 程序 nohup java -jar
java·linux·jar
zwjapple4 小时前
docker-compose一键部署全栈项目。springboot后端,react前端
前端·spring boot·docker
好好学习啊天天向上5 小时前
世上最全:ubuntu 上及天河超算上源码编译llvm遇到的坑,cmake,ninja完整过程
linux·运维·ubuntu·自动性能优化
tan180°6 小时前
MySQL表的操作(3)
linux·数据库·c++·vscode·后端·mysql
代码老y6 小时前
Docker:容器化技术的基石与实践指南
运维·docker·容器
典学长编程6 小时前
Linux操作系统从入门到精通!第二天(命令行)
linux·运维·chrome
wuk9986 小时前
基于MATLAB编制的锂离子电池伪二维模型
linux·windows·github
DuelCode7 小时前
Windows VMWare Centos Docker部署Springboot 应用实现文件上传返回文件http链接
java·spring boot·mysql·nginx·docker·centos·mybatis
独行soc9 小时前
#渗透测试#批量漏洞挖掘#HSC Mailinspector 任意文件读取漏洞(CVE-2024-34470)
linux·科技·安全·网络安全·面试·渗透测试