本文介绍了如何强制 Pods/Deployments 到 Master 节点?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我已经设置了一个 Kubernetes 1.5 集群,其中三个主节点污染了dedicated=master:NoSchedule.现在我只想在主节点上部署 Nginx 入口控制器,所以我添加了容忍:

I've setup a Kubernetes 1.5 cluster with the three master nodes tainted dedicated=master:NoSchedule. Now I want to deploy the Nginx Ingress Controller on the Master nodes only so I've added tolerations:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
    […]

不幸的是,这并没有达到预期的效果:Kubernetes 将所有 Pod 调度到工作线程上.当将副本数量扩展到更大数量时,Pod 也会部署在工作线程上.

Unfortunately this does not have the desired effect: Kubernetes schedules all Pods on the workers. When scaling the number of replicas to a larger number the Pods are deployed on the workers, too.

如何实现只调度到Master节点?

How can I achieve scheduling to the Master nodes only?

感谢您的帮助.

推荐答案

容忍并不意味着必须在具有此类污点的节点上调度 Pod.这意味着 pod 容忍这样的污点.如果您希望您的 pod 被吸引"到特定节点,您需要将标签附加到您的 dedicated=master 受污染节点,并在 pod 中设置 nodeSelector 以查找这样的标签.

A toleration does not mean that the pod must be scheduled on a node with such taints. It means that the pod tolerates such a taint. If you want your pod to be "attracted" to specific nodes you will need to attach a label to your dedicated=master tainted nodes and set nodeSelector in the pod to look for such label.

将标签附加到您的每个特殊用途节点上:

Attach the label to each of your special use nodes:

kubectl label nodes name_of_your_node dedicated=master

Kubernetes 1.6 及以上语法

将 nodeSelector 添加到您的 Pod:

Kubernetes 1.6 and above syntax

Add the nodeSelector to your pod:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
    spec:
      nodeSelector:
        dedicated: master
      tolerations:
      - key: dedicated
        operator: Equal
        value: master
        effect: NoSchedule
    […]

如果您不喜欢 nodeSelector,您可以在 spec: 下添加 affinity: 代替:

If you don't fancy nodeSelector you can add affinity: under spec: instead:

affinity:
  nodeAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
        matchExpressions:
        - key: dedicated
          operator: Equal
          values: ["master"]

1.6 之前的语法

将 nodeSelector 添加到您的 Pod:

Pre 1.6 syntax

Add the nodeSelector to your pod:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
      nodeSelector:
        dedicated: master
    […]

如果你不喜欢 nodeSelector 你也可以添加这样的注释:

If you don't fancy nodeSelector you can also add an annotation like this:

scheduler.alpha.kubernetes.io/affinity: >
  {
    "nodeAffinity": {
      "requiredDuringSchedulingIgnoredDuringExecution": {
        "nodeSelectorTerms": [
          {
            "matchExpressions": [
              {
                "key": "dedicated",
                "operator": "Equal",
                "values": ["master"]
              }
            ]
          }
        ]
      }
    }
  }

请记住,NoSchedule 不会驱逐已经安排好的 Pod.

Keep in mind that NoSchedule will not evict pods that are already scheduled.

以上信息来自https://kubernetes.io/docs/user-指南/节点选择/,那里有更多细节.

The information above is from https://kubernetes.io/docs/user-guide/node-selection/ and there are more details there.

这篇关于如何强制 Pods/Deployments 到 Master 节点?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

06-01 14:14
查看更多