污点类型解释(相当于做标签)
kubectl taint nodes node key=value:NoSchedule添加effect类型污点,新的pod不能调度过来,老的不影响
kubectl taint nodes node key=value:NoExecute添加effecf类型污点,新的pod不能调度过来,老的被驱除
kubectl taint nodes node key=value:PreferNoSchedule会尝试将pod分配到该节点

污点、容忍度

手动创建deployment

[root@ceshi-130 ~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public

伸缩副本为2,两台node都存在nginx-dp-xxx的pod

[root@ceshi-130 ~]# kubectl scale --replicas=2 deployment/nginx-dp -n kube-public
[root@ceshi-130 ~]# kubectl get pods -n kube-public -o wide
NAME                        READY   STATUS    RESTARTS   AGE     IP           NODE                 NOMINATED NODE   READINESS GATES
nginx-dp-5dfc689474-wkfn9   1/1     Running   0          25s     172.7.21.4   ceshi-130.host.com   <none>           <none>
nginx-dp-5dfc689474-zbgnp   1/1     Running   0          3m10s   172.7.22.2   ceshi-131.host.com   <none>           <none>

比如我们现在就不想让pod运行在某个node上

输出 yaml格式

[root@ceshi-130 ~]# kubectl get deployment nginx-dp -o yaml -n kube-public > nginx-dp.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
  labels:
    app: nginx-dp
  name: nginx-dp
  namespace: kube-public
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-dp
  template:
    metadata:
      labels:
        app: nginx-dp
    spec:
      containers:
      - image: harbor.od.com/public/nginx:v1.7.9
        imagePullPolicy: IfNotPresent
        name: nginx

伸缩一份,查看只有131节点存在,那就去130节点打污点

[root@ceshi-130 ~]# kubectl scale --replicas=1 deployment/nginx-dp -n kube-public
deployment.extensions/nginx-dp scaled
[root@ceshi-130 ~]# kubectl get pods -n kube-public -o wide
NAME                        READY   STATUS    RESTARTS   AGE   IP           NODE                 NOMINATED NODE   READINESS GATES
nginx-dp-5dfc689474-zbgnp   1/1     Running   0          11m   172.7.22.2   ceshi-131.host.com   <none>           <none>

节点 130
在130节点打污点

[root@ceshi-130 ~]# kubectl taint nodes ceshi-130.host.com defect=fat:NoSchedule

在这里插入图片描述
查看节点详细资源已经现在污点信息,此时不论将pod扩容几份pod都不会调度到130-node,因为130-node已经有污点新的pod不会在被调度
在这里插入图片描述
tolerations:容忍度
修改nginx-dp.yaml文件让他可以容忍污点(containers同一级对齐)

spec:
  tolerations:
  - key: defect
    value: fat
    effect: NoSchedule
  replicas: 1

在这里插入图片描述

再次交付

[root@ceshi-130 ~]# kubectl apply -f nginx-dp.yaml 
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.extensions/nginx-dp configured

扩容4台后查看可以被调度到污点node,因为yaml文件配置是tolerations,意思是可以容忍污点
在这里插入图片描述
可以将节点打多个污染

[root@ceshi-130 ~]# kubectl taint nodes ceshi-130.host.com cs=:NoSchedule
[root@ceshi-130 ~]# kubectl taint nodes ceshi-130.host.com cf=:NoSchedule

yaml配置也可以配置多个容忍度key(同spec下级containers同级配置),但是当node打污点为多个,yaml配置为一个时也不满足容忍度要求,同样不会被调度

spec:
  tolerations:
  - key: cs
    effect: NoSchedule
  - key: cf
    effect: NoSchedule

nodeName

nodeName方式也是一种手动指定pod被调度到某个node的方法,比较简单直接
也是在spec下级和containers同级指定即可

spec:
      nodeName: ceshi-130.host.com
      containers:

两种方式简单来说:
前者是除了能容忍污点的pod会被调度进来,其他都不会被调度
后者是指定当前pod选择node,其他pod也会被调度到次node

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐