污点和容忍度
taints是键值数据,用在pod上
[root@master01 ~]# kubectl describe nodes master01
Taints: node-role.kubernetes.io/master:NoSchedule
NoSchedule:
仅影响pod调度过程,当pod能容忍这个节点污点
NoExecute:
既影响调度过程,又影响现存的pod对象,如果存在的pod不能容忍节点后来加的污点,这个pod就会被驱逐。
PreferNoSchedule:
最好不,也可以,是NoSchedule的柔性版本
在pod对象定义容忍度的时候
管理节点污点
# Update node 'foo' with a taint with key 'dedicated' and value 'special-user' and effect 'NoSchedule'.
# If a taint with that key and effect already exists, its value is replaced as specified.
kubectl taint nodes foo dedicated=special-user:NoSchedule
# Remove from node 'foo' the taint with key 'dedicated' and effect 'NoSchedule' if one exists.
kubectl taint nodes foo dedicated:NoSchedule-
# Remove from node 'foo' all the taints with key 'dedicated'
kubectl taint nodes foo dedicated-
# Add a taint with key 'dedicated' on nodes having label mylabel=X
kubectl taint node -l myLabel=X dedicated=foo:PreferNoSchedule
# Add to node 'foo' a taint with key 'bar' and no value
kubectl taint nodes foo bar:NoSchedule
示例:
[root@master01 ~]# kubectl taint node node02 node-type=production:NoSchedule
node/node02 tainted
创建一个pod
[root@master01 yaml]# cat pod-taint.yaml
apiVersion: v1
kind: Pod
metadata:
name: taint-pod
namespace: default
labels:
tomcat: tomcat-pod
spec:
containers:
- name: taint-pod
ports:
- containerPort: 8080
image: tomcat:8.5-jre8-alpine
imagePullPolicy: IfNotPresent
创建,不会调度到node02上了,因为没有定义容忍度
[root@master01 yaml]# kubectl apply -f pod-taint.yaml
把node01也打上污点
[root@master01 yaml]# kubectl taint node node01 node-type=dev:NoExecute
node/node01 tainted
可以看到node01节点上的pod都被删除了
创建yaml文件
[root@master01 yaml]# cat pod-demo-1.yaml
apiVersion: v1
kind: Pod
metadata:
name: myapp-deploy
namespace: default
labels:
app: myapp
release: canary
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
ports:
- name: http
containerPort: 80
tolerations:
- key: "node-type"
operator: "Equal"
value: "production"
effect: "NoSchedule"
[root@master01 yaml]# kubectl apply -f pod-demo-1.yaml
pod/myapp-deploy created
删除污点
[root@master01 yaml]# kubectl taint nodes node01 node-type-
node/node01 untainted
[root@master01 yaml]# kubectl taint nodes node02 node-type-
node/node02 untainted