首页
技术小册
AIGC
面试刷题
技术文章
MAGENTO
云计算
视频课程
源码下载
PDF书籍
「涨薪秘籍」
登录
注册
1. Pod
1.1. Pod介绍
1.1.1. Pod简介
1.1.2. Pod生命周期
1.1.3. Pod状态
1.2. Pod模板
1.2.1. apiversion/kind
1.2.2. metadata
1.2.3. spec
1.2.4. k8s和image中的命令
1.2.5. 就绪性探测和存活性探测
1.3. 案例
1.3.1. 创建简单pod
1.3.2. 带健康检测的pod
2. Deployment
2.1. 介绍
2.1.1. 简介
2.1.2. 部署方式
2.1.3. Deployment升级方案
2.2. 模板
2.3. 案例
2.3.1. 创建deployment
2.3.2. 模拟蓝绿发布
2.3.3. 滚动发布
2.3.4. 模拟灰度(金丝雀)发布
2.3.5. 版本回滚
2.3.6. 常用命令
3. DaemonSet
3.1. DaemonSet介绍
3.2. 模板
3.3. 案例
3.3.1. 创建daemonset
3.3.2. 升级daemonset
4. Job
4.1. Job介绍
4.2. 模板
4.3. 案例
5. CronJob
5.1. cronjob介绍
5.2. 模板
5.3. 案例
6. StatefulSet
6.1. 介绍
6.1.1. Statefulset使用场景
6.1.2. Statefulset注意项
6.2. 模板
6.3. 案例
6.3.1. 创建Statefulset资源
6.3.2. 扩缩容
6.3.3. 滚动更新
6.3.4. 删除Statefulset
6.3.5. 部署有状态应用一般思路
7. 原理分析
8. 调度
8.1. 调度器
8.2. 节点选择器
8.3. 节点亲和性
8.4. Pod亲和性
8.5. 污点和污点容忍度
当前位置:
首页>>
技术小册>>
Kubernets合辑5-Pod控制器
小册名称:Kubernets合辑5-Pod控制器
Node节点上污点管理 ``` 用法: 增加污点: kubectl taint node <node_name> key=value:effect 取消污点: kubectl taint node <node_name> key=value:effect- 查看污点: kubectl describe node <node_name> effect: PreferNoSchedule: 优先不调度,但是其它节点不满足时可以调度 NoSchedule: 禁止新的Pod调度,已经调度的Pod不会被驱逐 NoExecute: 禁止新的Pod调度,并且已经运行在该节点时的,其不能容忍污点的Pod将被驱逐 ``` ``` # 查看master的污点 [root@maxiaoke local-k8s-yaml]# kubectl describe node centos-7-51 Name: centos-7-51 Roles: master Labels: beta.kubernetes.io/arch=amd64 beta.kubernetes.io/os=linux kubernetes.io/arch=amd64 kubernetes.io/hostname=centos-7-51 kubernetes.io/os=linux node-role.kubernetes.io/master= Annotations: flannel.alpha.coreos.com/backend-data: {"VNI":1,"VtepMAC":"52:8a:0e:48:b4:92"} flannel.alpha.coreos.com/backend-type: vxlan flannel.alpha.coreos.com/kube-subnet-manager: true flannel.alpha.coreos.com/public-ip: 10.4.7.51 kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock node.alpha.kubernetes.io/ttl: 0 volumes.kubernetes.io/controller-managed-attach-detach: true CreationTimestamp: Fri, 04 Dec 2020 21:49:43 +0800 Taints: node-role.kubernetes.io/master:NoSchedule # 不可调度 ...... ``` ``` # 以此作为示例Pod apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deploy spec: replicas: 6 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx-demo image: linuxmaxiaoke/nginx:v1.0.0 ``` ``` # kubectl apply 部署上述的deployment后,Pod分散在三个不同的node上 [root@maxiaoke local-k8s-yaml]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deploy-8697d45cb8-4x564 1/1 Running 0 4m9s 172.16.4.9 centos-7-55 <none> <none> nginx-deploy-8697d45cb8-bxms4 1/1 Running 0 4m9s 172.16.5.55 centos-7-56 <none> <none> nginx-deploy-8697d45cb8-c4rbf 1/1 Running 0 4m9s 172.16.3.171 centos-7-54 <none> <none> nginx-deploy-8697d45cb8-hvs92 1/1 Running 0 4m9s 172.16.3.172 centos-7-54 <none> <none> nginx-deploy-8697d45cb8-sbfvj 1/1 Running 0 4m9s 172.16.5.54 centos-7-56 <none> <none> nginx-deploy-8697d45cb8-sw5m4 1/1 Running 0 4m9s 172.16.4.10 centos-7-55 <none> <none> ``` ``` # 使用NoSchedule污点,发现并不会使得现有的Pod发生重调度 [root@maxiaoke local-k8s-yaml]# kubectl taint node centos-7-54 monitor=true:NoSchedule node/centos-7-54 tainted [root@maxiaoke local-k8s-yaml]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deploy-8697d45cb8-4x564 1/1 Running 0 5m18s 172.16.4.9 centos-7-55 <none> <none> nginx-deploy-8697d45cb8-bxms4 1/1 Running 0 5m18s 172.16.5.55 centos-7-56 <none> <none> nginx-deploy-8697d45cb8-c4rbf 1/1 Running 0 5m18s 172.16.3.171 centos-7-54 <none> <none> nginx-deploy-8697d45cb8-hvs92 1/1 Running 0 5m18s 172.16.3.172 centos-7-54 <none> <none> nginx-deploy-8697d45cb8-sbfvj 1/1 Running 0 5m18s 172.16.5.54 centos-7-56 <none> <none> nginx-deploy-8697d45cb8-sw5m4 1/1 Running 0 5m18s 172.16.4.10 centos-7-55 <none> <none> # 更新deployment后,新的Pod不再调到 NoSchedule 节点 root@maxiaoke local-k8s-yaml]# kubectl set image deployment nginx-deploy nginx-demo=linuxmaxiaoke/nginx:v1.0.1 deployment.apps/nginx-deploy image updated [root@maxiaoke local-k8s-yaml]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deploy-8494c5b6c5-5ddd9 1/1 Running 0 8s 172.16.4.13 centos-7-55 <none> <none> nginx-deploy-8494c5b6c5-5zdjg 1/1 Running 0 10s 172.16.5.56 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-bqpgn 1/1 Running 0 10s 172.16.5.57 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-dq44w 1/1 Running 0 9s 172.16.4.12 centos-7-55 <none> <none> nginx-deploy-8494c5b6c5-pnvw6 1/1 Running 0 8s 172.16.5.58 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-xnf77 1/1 Running 0 10s 172.16.4.11 centos-7-55 <none> <none> ``` ``` # 设置NoExecute后,现有Pod会被驱逐 [root@maxiaoke local-k8s-yaml]# kubectl taint node centos-7-55 monitor=true:NoExecute node/centos-7-55 tainted [root@maxiaoke local-k8s-yaml]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deploy-8494c5b6c5-5zdjg 1/1 Running 0 3m8s 172.16.5.56 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-bqpgn 1/1 Running 0 3m8s 172.16.5.57 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-bzc2c 1/1 Running 0 14s 172.16.5.60 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-f7k2b 1/1 Running 0 14s 172.16.5.62 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-pnvw6 1/1 Running 0 3m6s 172.16.5.58 centos-7-56 <none> <none> nginx-deploy-8494c5b6c5-s57tv 1/1 Running 0 14s 172.16.5.61 centos-7-56 <none> <none> ``` Pod的污点容忍度 ``` # api-server 能容忍所有NoExecute的污点,因此能在Master上运行 [root@maxiaoke local-k8s-yaml]# kubectl describe pod -n kube-system kube-apiserver-centos-7-51 ...... Tolerations: :NoExecute ``` ``` # 清除所有节点的污点后,执行以下操作。模拟Prometheus(Prometheus占用内存巨大,推荐单独部署到一个固有节点)的部署 [root@maxiaoke local-k8s-yaml]# kubectl label node centos-7-56 prometheus=true node/centos-7-56 labeled [root@maxiaoke local-k8s-yaml]# kubectl taint node centos-7-56 monitor=true:NoSchedule node/centos-7-56 tainted ``` ``` apiVersion: apps/v1 kind: Deployment metadata: name: prometheus spec: replicas: 1 selector: matchLabels: app: prometheus template: metadata: labels: app: prometheus spec: containers: - name: prometheus-demo image: linuxmaxiaoke/nginx:v1.0.1 nodeSelector: prometheus: "true" tolerations: - key: monitor operator: Exists effect: NoSchedule ``` ``` # 通过节点选择器和污点容忍度,实现独占一个节点 [root@maxiaoke local-k8s-yaml]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES prometheus-76f64854b7-sxdq9 1/1 Running 0 2m21s 172.16.5.71 centos-7-56 <none> <none> ```
上一篇:
8.4. Pod亲和性
该分类下的相关小册推荐:
Kubernets合辑12-配置中心
Kubernets合辑3-kubernetes介绍
Kubernets合辑10-网络
Kubernets合辑7-存储
Kubernets合辑9-资源约束
Kubernetes中文教程(二)
Kubernetes合辑1-安装Kubernetes
Kubernets合辑14-日志收集
Kubernets合辑8-权限控制
Kubernets合辑13-集群监控
Kubernetes中文教程(六)
Kubernets合辑15-持续部署
