[转帖]k8s 污点和容忍

k8s,污点,容忍 · 浏览次数 : 0

小编点评

<div id="blogExtensionBox" style="width:400px;margin:auto;margin-top:12px" class="blog-extension-box"><div class="blog_extension blog_extension_type1" id="blog_extension" > <div class="blog_extension_card" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.6470&quot;}\" data-report-view="{&quot;spm&quot;:&quot;1001.2101.3001.6470&quot;}\"> <div class="blog_extension_card_left" > <img src="https://img-blog.csdnimg.cn/75d32a77a71f45d3980091b342622835.png" alt=\"\"> </div> <div class="blog_extension_card_cont" > <div class="blog_extension_card_cont_l" > <span class="text" >云原生私教</span> <div class="blog_extension_card_cont_r" > <span class="style" >每日分享云原生学习路线、云原生前沿资讯等</span> </div> <span class="style" >每日分享云原生学习路线、云原生前沿资讯等</span> </div> </div></div></div> </article>

正文

文章目录

污点和容忍

在 Kubernetes 中,节点亲和性 NodeAffinity 是 Pod 上定义的一种属性,能够使 Pod 按我们的要求调度到某个节点上,而 Taints(污点) 则恰恰相反,它是 Node 上的一个属性,可以让 Pod 不能调度到带污点的节点上,甚至会对带污点节点上已有的 Pod 进行驱逐。当然,对应的 Kubernetes 可以给 Pod 设置 Tolerations(容忍) 属性来让 Pod 能够容忍节点上设置的污点,这样在调度时就会忽略节点上设置的污点,将 Pod 调度到该节点。一般时候 Taints 通常与 Tolerations 配合使用。

在这里插入图片描述

  • 一个 node 可以有多个污点;
  • 一个 pod 可以有多个容忍;
  • kubernetes 执行多个污点和容忍方法类似于过滤器

如果一个 node 有多个污点,且 pod 上也有多个容忍,只要 pod 中容忍能包含 node 上设置的全部污点,就可以将 pod 调度到该 node 上。如果 pod 上设置的容忍不能够包含 node 上设置的全部污点,且 node 上剩下不能被包含的污点 effect 为 PreferNoSchedule,那么也可能会被调度到该节点。

注意:

当 pod 存在容忍,首先 pod 会选择没有污点的节点,然后再次选择容忍污点的节点

  • 如果 node 上带有污点 effect 为 NoSchedule,而 pod 上不带响应的容忍,kubernetes 就不会调度 pod 到这台 node 上。
  • 如果 Node 上带有污点 effect 为 PreferNoShedule,这时候 Kubernetes 会努力不要调度这个 Pod 到这个 Node 上。
  • 如果 Node 上带有污点 effect 为 NoExecute,这个已经在 Node 上运行的 Pod 会从 Node 上驱逐掉。没有运行在 Node 的 Pod 不能被调度到这个 Node 上。一般使用与当某个节点处于 NotReady 状态下,pod 迅速在其他正常节点启动。

污点(Taints)

查看污点:

$ kubectl get nodes k8s-master -o go-template={{.spec.taints}}
[map[effect:NoSchedule key:node-role.kubernetes.io/master]]


污点内容一般组成为 key、value 及一个 effect 三个元素,表现为:

&lt;key&gt;=&lt;value&gt;:&lt;effect&gt;
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li></ul></pre> 
<p>这里的 value 可以为空,表现形式为:</p> 
<pre data-index="1" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">node<span class="token operator">-</span>role<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>master<span class="token punctuation">:</span>NoSchedule
<span class="token operator">-</span> key<span class="token punctuation">:</span> node<span class="token operator">-</span>role<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>master
<span class="token operator">-</span> value<span class="token punctuation">:</span> 空
<span class="token operator">-</span> effect<span class="token punctuation">:</span> NoSchedule
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li></ul></pre> 
<hr> 
<h4><a id="_44"></a>设置污点</h4> 
<p>一般我们需要想要设置某个节点只允许特定的 <code>Pod</code> 进行调度,这时候就得对节点设置污点,可以按 <code>kubectl taint node nodename key=value:effect</code> 格式进行设置,其中 <code>effect</code> 可取值如下:</p> 
<ul><li><strong>PreferNoSchedule:</strong> 尽量不要调度。</li><li><strong>NoSchedule:</strong> 一定不能被调度。</li><li><strong>NoExecute:</strong> 不仅不会调度, 还会驱逐 Node 上已有的 Pod。</li></ul> 
<p>一般时候我们设置污点,就像下面例子一样对其进行设置:</p> 
<pre data-index="2" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;"># 设置污点并不允许 Pod 调度到该节点
$ kubectl taint node k8s<span class="token operator">-</span>master key1<span class="token operator">=</span>value1<span class="token punctuation">:</span>NoSchedule
# 设置污点尽量阻止污点调度到该节点
$ kubectl taint node k8s<span class="token operator">-</span>master key2<span class="token operator">=</span>value2<span class="token punctuation">:</span>PreferNoSchedule
# 设置污点,不允许普通 Pod 调度到该节点,且将该节点上已经存在的 Pod 进行驱逐
$ kubectl taint node k8s<span class="token operator">-</span>master key3<span class="token operator">=</span>value3<span class="token punctuation">:</span>NoExecute
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li></ul></pre> 
<hr> 
<h4><a id="_63"></a>删除污点</h4> 
<p>上面说明了如何对 <code>Node</code> 添加污点阻止 <code>Pod</code> 进行调度,下面再说一下如何删除节点上的污点,可以使用下面命令:</p> 
<pre data-index="3" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">kubectl taint node <span class="token punctuation">[</span>node<span class="token punctuation">]</span> <span class="token punctuation">[</span>key<span class="token punctuation">]</span><span class="token operator">-</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li></ul></pre> 
<p>上面语法和创建污点类似,不过需要注意的是删除污点需要知道 key 和最后面设置一个 “-” 两项将污点删除,示例如下:</p> 
<p>为了方便演示,先给节点设置污点:</p> 
<pre data-index="4" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;"># 设置污点<span class="token number">1</span>
$ kubectl taint node k8s<span class="token operator">-</span>master key1<span class="token operator">=</span>value1<span class="token punctuation">:</span>PreferNoSchedule
node<span class="token operator">/</span>k8s<span class="token operator">-</span>master tainted
# 设置污点<span class="token number">2</span>
$ kubectl taint node k8s<span class="token operator">-</span>master key2<span class="token operator">=</span>value2<span class="token punctuation">:</span>NoSchedule
node<span class="token operator">/</span>k8s<span class="token operator">-</span>master tainted
# 设置污点<span class="token number">3</span>,并且不设置 value
$ kubectl taint node k8s<span class="token operator">-</span>master key2<span class="token operator">=</span><span class="token punctuation">:</span>PreferNoSchedule
node<span class="token operator">/</span>k8s<span class="token operator">-</span>master tainted
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li></ul></pre> 
<p>查看污点,可以看到上面设置的三个值:</p> 
<pre data-index="5" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl describe nodes k8s<span class="token operator">-</span>master
<span class="token operator">...</span>
Taints<span class="token punctuation">:</span>             key2<span class="token operator">=</span>value2<span class="token punctuation">:</span>NoSchedule
                    node<span class="token operator">-</span>role<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>master<span class="token punctuation">:</span>NoSchedule
                    key1<span class="token operator">=</span>value1<span class="token punctuation">:</span>PreferNoSchedule
                    key2<span class="token punctuation">:</span>PreferNoSchedule
<span class="token operator">...</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li></ul></pre> 
<p>然后删除污点</p> 
<pre data-index="6" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">删除污点,可以不指定 value,指定 <span class="token punctuation">[</span>effect<span class="token punctuation">]</span> 值就可删除该 key<span class="token punctuation">[</span>effect<span class="token punctuation">]</span> 的污点
$ kubectl taint node k8s<span class="token operator">-</span>master key1<span class="token punctuation">:</span>PreferNoSchedule<span class="token operator">-</span>

也可以根据 key 直接将该 key2 的所有 <span class="token punctuation">[</span>effect<span class="token punctuation">]</span> 都删除:
$ kubectl taint node k8s<span class="token operator">-</span>master key2<span class="token operator">-</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li></ul></pre> 
<p>再次查看污点,可以看到以上污点都被删除:</p> 
<pre data-index="7" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl describe nodes k8s<span class="token operator">-</span>master
<span class="token operator">...</span>
Taints<span class="token punctuation">:</span>             node<span class="token operator">-</span>role<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>master<span class="token punctuation">:</span>NoSchedule
<span class="token operator">...</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li></ul></pre> 
<hr> 
<h3><a name="t3"></a><a id="_toleratints_119"></a>容忍 (toleratints)</h3> 
<h4><a id="Pod__120"></a>Pod 设置容忍</h4> 
<p>为了使某些 <code>Pod</code> 禁止调度到某些特定节点上,就可以对节点设置污点 <code>taints</code>。当然,如果希望有些 <code>Pod</code> 能够忽略节点的污点,继续能够调度到该节点,就可以对 <code>Pod</code> 设置容忍,让 <code>Pod</code> 能够容忍节点上设置的污点,例如:</p> 
<p><strong>对一个节点设置污点:</strong></p> 
<pre data-index="8" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">kubectl taint node k8s<span class="token operator">-</span>node01 key<span class="token operator">=</span>value<span class="token punctuation">:</span>NoSchedule
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li></ul></pre> 
<p>对于 Pod 设置容忍, 以下两种方式都可以:</p> 
<pre data-index="9" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;"># 容忍的 key、value 和对应 effect 也必须和污点 taints 保持一致
<span class="token operator">...</span><span class="token operator">...</span>
tolerations<span class="token punctuation">:</span>
<span class="token operator">-</span> key<span class="token punctuation">:</span> <span class="token string">"key"</span>
  operator<span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  value<span class="token punctuation">:</span> <span class="token string">"value"</span>
  effect<span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
# 容忍 tolerations 的 key 和要污点 taints 的 key 一致,且设置的 effect 也相同,不需要设置 value
<span class="token operator">...</span><span class="token operator">...</span>
tolerations<span class="token punctuation">:</span>
<span class="token operator">-</span> key<span class="token punctuation">:</span> <span class="token string">"key"</span>
  operator<span class="token punctuation">:</span> <span class="token string">"Exists"</span>
  effect<span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li></ul></pre> 
<p>如果不指定 operator,则 operator 默认为 equal。</p> 
<p>此外,有如下两个特例:</p> 
<ul><li>空的 key 配合 Exist 操作符可以匹配所有的键值对</li><li>空的 effect 匹配所有的 effect</li></ul> 
<p>那么,问题来了:<br> 如果我的集群中有三个 node,我有两组 pod 要部署,每组 pod 要部署到同一个节点上,且两组 pod 不能部署到同一节点上,怎么操作最简单?</p> 
<p>(好吧,nodeSelector 最简单…)</p> 
<hr> 
<pre data-index="10" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> apps/vl
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Deployment
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
  <span class="token key atrule">name</span><span class="token punctuation">:</span> example
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
  <span class="token key atrule">replicas</span><span class="token punctuation">:</span> <span class="token number">5</span>
  <span class="token key atrule">template</span><span class="token punctuation">:</span>
    <span class="token key atrule">spec</span><span class="token punctuation">:</span>
      <span class="token punctuation">...</span><span class="token punctuation">...</span>
      <span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
      <span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key"</span>
        <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
        <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value"</span>
        <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li><li style="color: rgb(153, 153, 153);">14</li></ul></pre> 
<hr> 
<h4><a id="_178"></a>设置容忍时间</h4> 
<p>正常情况下, 如果一个污点带有 <code>effect=NoExecute</code> 被添加到了这个 <code>Node</code>。那么不能容忍这个污点的所有 <code>Pod</code> 就会立即被踢掉。而带有容忍标签的 <code>Pod</code> 就不会踢掉。然而,一个带有 <code>effect=Noexecute</code> 的容忍可以指定一个 <code>tolerationSeconds</code> 来指定当这个污点被添加的时候在多长时间内不被踢掉(其实讲驱逐有点,不太对。我明显感觉这个容忍时间就是 pod 用来跑路的嘛)。例如:</p> 
<pre data-index="11" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"Noexecute"</span>
  <span class="token key atrule">tolerationSeconds</span><span class="token punctuation">:</span> <span class="token number">3600</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li></ul></pre> 
<p>如果这个 Pod 已经在这个带污点且 effect 为 NoExecute 的 node 上。这个 pod 可以一直运行到 3600s 后再被踢掉。如果这时候 Node 的污点被移除了,这个 Pod 就不会被踢掉。</p> 
<hr> 
<h4><a id="_195"></a>容忍示例</h4> 
<p><code>Operator</code> 默认是 <code>Equal</code>,可设置为 <code>Equal</code> 与 <code>Exists</code> 两种,按这两种进行示例:</p> 
<p>Operator 是 Exists</p> 
<p><strong>容忍任何污点</strong></p> 
<p>例如一个空的 key,将匹配所有的 key、value、effect。即容忍任何污点。</p> 
<pre data-index="12" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Exists"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li></ul></pre> 
<p><strong>容忍某 key 值的污点</strong></p> 
<p>例如一个空的 effect,并且 key 不为空,那么将匹配所有与 key 相同的 effect:</p> 
<pre data-index="13" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Exists"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li></ul></pre> 
<p>Operator 是 Equal</p> 
<p><strong>node 上有一个污点</strong></p> 
<p>Node 和 Pod 的 key 为 key1、value1 与 effect 相同则能调度:</p> 
<pre data-index="14" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token comment">#污点</span>
key1=value1<span class="token punctuation">:</span>NoSchedule

<span class="token comment">#Pod设置</span>
<span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key1"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value1"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li></ul></pre> 
<p><strong>node 上有多个污点</strong></p> 
<p>Node 的污点的 key、value、effect 和 Pod 容忍都相同则能调度:</p> 
<pre data-index="15" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token comment">## 设置污点</span>
key1=value1<span class="token punctuation">:</span>NoSchedule
key2=value2<span class="token punctuation">:</span>NoExecute

<span class="token comment">## Pod设置容忍</span>
<span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key1"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value1"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key2"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value2"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoExecute"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li><li style="color: rgb(153, 153, 153);">14</li></ul></pre> 
<p>Node 的污点和 Pod 的大部分都相同,不同的是 Node 污点 effect 为 PreferNoSchedule 的,可能会调度:</p> 
<pre data-index="16" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token comment">## 污点</span>
key1=value1<span class="token punctuation">:</span>NoSchedule
key2=value2<span class="token punctuation">:</span>NoExecute
key3=value3<span class="token punctuation">:</span>PreferNoSchedule

<span class="token comment">## Pod设置容忍</span>
<span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key1"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value1"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key2"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value2"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoExecute"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li><li style="color: rgb(153, 153, 153);">14</li><li style="color: rgb(153, 153, 153);">15</li></ul></pre> 
<p>Node 的污点和 Pod 的大部分都相同,不同的是 Node 污点 effect 为 NoSchedule 和 NoExecute 的,不会被调度:</p> 
<pre data-index="17" class="prettyprint"><code class="prism language-yaml has-numbering" onclick="mdcp.signin(event)" style="position: unset;"><span class="token comment">## 污点</span>
key1=value1<span class="token punctuation">:</span>NoSchedule
key2=value2<span class="token punctuation">:</span>NoExecute
key3=value3<span class="token punctuation">:</span>PreferNoSchedule

<span class="token comment">## Pod设置容忍</span>
<span class="token key atrule">tolerations</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key1"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value1"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"NoSchedule"</span>
<span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> <span class="token string">"key3"</span>
  <span class="token key atrule">operator</span><span class="token punctuation">:</span> <span class="token string">"Equal"</span>
  <span class="token key atrule">value</span><span class="token punctuation">:</span> <span class="token string">"value3"</span>
  <span class="token key atrule">effect</span><span class="token punctuation">:</span> <span class="token string">"PreferNoSchedule"</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li><li style="color: rgb(153, 153, 153);">14</li><li style="color: rgb(153, 153, 153);">15</li></ul></pre> 
<p><strong>对比理解 Exists 和 Equal 之间的区别:</strong></p> 
<ul><li>Exists 是包含,Equal 是等于,Exists 使用范围更广,而 Equal 则是精准匹配。</li><li>当污点中存在 NoExecute 时,而容忍中不存在 NoExecute 时,不会被调度到该节点。</li><li>Exists 可以不写 value , 而 Equal 则一定要指定对应的 value</li></ul> 
<hr> 
<h2><a name="t4"></a><a id="pod__307"></a>节点自污染,pod 应对节点故障</h2> 
<p>此外,当某些条件为 true 时,节点控制器会自动污染节点。内置以下污点:</p> 
<div class="table-box"><table><thead><tr><th align="left">key</th><th align="left">注释</th></tr></thead><tbody><tr><td align="left">node.kubernetes.io/not-ready</td><td align="left">节点尚未准备好。这对应于 NodeCondition Ready 为 false。</td></tr><tr><td align="left">node.kubernetes.io/unreachable</td><td align="left">无法从节点控制器访问节点。这对应于 NodeCondition Ready 为 Unknown。</td></tr><tr><td align="left">node.kubernetes.io/out-of-disk</td><td align="left">节点磁盘不足。</td></tr><tr><td align="left">node.kubernetes.io/memory-pressure</td><td align="left">节点有内存压力。</td></tr><tr><td align="left">node.kubernetes.io/disk-pressure</td><td align="left">节点有磁盘压力。</td></tr><tr><td align="left">node.kubernetes.io/network-unavailable</td><td align="left">节点的网络不可用。</td></tr><tr><td align="left">node.kubernetes.io/unschedulable</td><td align="left">节点不可调度。</td></tr><tr><td align="left">node.cloudprovider.kubernetes.io/uninitialized</td><td align="left">当 kubelet 从 “外部” 云提供程序开始时,此污点在节点上设置为将其标记为不可用。来自 cloud-controller-manager 的控制器初始化此节点后,kubelet 删除此污点。</td></tr></tbody></table></div>
<p>通过上面知识的铺垫,当一个节点宕机时,kubernetes 集群会给它打上什么样的污点呢?</p> 
<p>一个 Ready 状态的节点</p> 
<pre data-index="18" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get node k8s<span class="token operator">-</span>node02 <span class="token operator">-</span>o <span class="token keyword">go</span><span class="token operator">-</span>template<span class="token operator">=</span><span class="token punctuation">{<!-- --></span><span class="token punctuation">{<!-- --></span><span class="token punctuation">.</span>spec<span class="token punctuation">.</span>taints<span class="token punctuation">}</span><span class="token punctuation">}</span>
<span class="token operator">&lt;</span>no value<span class="token operator">&gt;</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li></ul></pre> 
<p>一个 NotReady 状态的节点</p> 
<pre data-index="19" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get node k8s<span class="token operator">-</span>node02 <span class="token operator">-</span>o <span class="token keyword">go</span><span class="token operator">-</span>template<span class="token operator">=</span><span class="token punctuation">{<!-- --></span><span class="token punctuation">{<!-- --></span><span class="token punctuation">.</span>spec<span class="token punctuation">.</span>taints<span class="token punctuation">}</span><span class="token punctuation">}</span>
<span class="token punctuation">[</span><span class="token keyword">map</span><span class="token punctuation">[</span>effect<span class="token punctuation">:</span>NoSchedule key<span class="token punctuation">:</span>node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable timeAdded<span class="token punctuation">:</span><span class="token number">2022</span><span class="token operator">-</span><span class="token number">07</span><span class="token operator">-</span>0423T13<span class="token punctuation">:</span><span class="token number">49</span><span class="token punctuation">:</span>58Z<span class="token punctuation">]</span> 
<span class="token keyword">map</span><span class="token punctuation">[</span>effect<span class="token punctuation">:</span>NoExecute key<span class="token punctuation">:</span>node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable timeAdded<span class="token punctuation">:</span><span class="token number">2021</span><span class="token operator">-</span><span class="token number">07</span><span class="token operator">-</span>04T13<span class="token punctuation">:</span><span class="token number">50</span><span class="token punctuation">:</span>03Z<span class="token punctuation">]</span><span class="token punctuation">]</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li></ul></pre> 
<p>处于 NotReady 状态的节点被打上了下面两个污点:</p> 
<pre data-index="20" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">Taints<span class="token punctuation">:</span>             node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable<span class="token punctuation">:</span>NoExecute
                    node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable<span class="token punctuation">:</span>NoSchedule
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li></ul></pre> 
<p>接下来测试 kubernetes 集群会给 Pod 分配什么样的容忍。<br> 注:这两个是 kubernetes 自动给 pod 添加的容忍。</p> 
<pre data-index="21" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get po nginx<span class="token operator">-</span>745b4df97d<span class="token operator">-</span>mgdmp <span class="token operator">-</span>o yaml
<span class="token operator">...</span>
  tolerations<span class="token punctuation">:</span>
  <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
    key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>not<span class="token operator">-</span>ready
    operator<span class="token punctuation">:</span> Exists
    tolerationSeconds<span class="token punctuation">:</span> <span class="token number">300</span>  ## <span class="token number">300</span><span class="token operator">/</span><span class="token number">60</span><span class="token operator">=</span>5min
  <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
    key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable
    operator<span class="token punctuation">:</span> Exists
    tolerationSeconds<span class="token punctuation">:</span> <span class="token number">300</span> ## <span class="token number">300</span><span class="token operator">/</span><span class="token number">60</span><span class="token operator">=</span>5min
<span class="token operator">...</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li></ul></pre> 
<p>看到这里,Pod 的失效机制已经很明白了, 当 node 节点处于 NotReady 状态或者 unreachable 状态时,Pod 会容忍它 5 分钟,然后被驱逐。而这 5 分钟内就算 Pod 处于 running 状态,也是无法正常提供服务的。因此,可以在 yaml 清单中 手动指明 0 容忍,清单文件如下:</p> 
<pre data-index="22" class="set-code-hide prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">apiVersion<span class="token punctuation">:</span> apps<span class="token operator">/</span>v1
kind<span class="token punctuation">:</span> Deployment
metadata<span class="token punctuation">:</span>
  labels<span class="token punctuation">:</span>
    app<span class="token punctuation">:</span> nginx
  name<span class="token punctuation">:</span> nginx
spec<span class="token punctuation">:</span>
  replicas<span class="token punctuation">:</span> <span class="token number">4</span>
  selector<span class="token punctuation">:</span>
    matchLabels<span class="token punctuation">:</span>
      app<span class="token punctuation">:</span> nginx
  template<span class="token punctuation">:</span>
    metadata<span class="token punctuation">:</span>
      labels<span class="token punctuation">:</span>
        app<span class="token punctuation">:</span> nginx
    spec<span class="token punctuation">:</span>
      tolerations<span class="token punctuation">:</span>
      <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
        key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>not<span class="token operator">-</span>ready
        operator<span class="token punctuation">:</span> Exists
        tolerationSeconds<span class="token punctuation">:</span> <span class="token number">0</span>
      <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
        key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable
        operator<span class="token punctuation">:</span> Exists
        tolerationSeconds<span class="token punctuation">:</span> <span class="token number">0</span>
      containers<span class="token punctuation">:</span>
      <span class="token operator">-</span> image<span class="token punctuation">:</span> nginx<span class="token punctuation">:</span>alpine
        name<span class="token punctuation">:</span> nginx
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><div class="hide-preCode-box"><span class="hide-preCode-bt"><img class="look-more-preCode contentImg-no-view" src="https://csdnimg.cn/release/blogv2/dist/pc/img/newCodeMoreWhite.png" alt="" title=""></span></div><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li><li style="color: rgb(153, 153, 153);">13</li><li style="color: rgb(153, 153, 153);">14</li><li style="color: rgb(153, 153, 153);">15</li><li style="color: rgb(153, 153, 153);">16</li><li style="color: rgb(153, 153, 153);">17</li><li style="color: rgb(153, 153, 153);">18</li><li style="color: rgb(153, 153, 153);">19</li><li style="color: rgb(153, 153, 153);">20</li><li style="color: rgb(153, 153, 153);">21</li><li style="color: rgb(153, 153, 153);">22</li><li style="color: rgb(153, 153, 153);">23</li><li style="color: rgb(153, 153, 153);">24</li><li style="color: rgb(153, 153, 153);">25</li><li style="color: rgb(153, 153, 153);">26</li><li style="color: rgb(153, 153, 153);">27</li><li style="color: rgb(153, 153, 153);">28</li></ul></pre> 
<p>生成 Pod</p> 
<pre data-index="23" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get po <span class="token operator">-</span>o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>c76fm   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running   <span class="token number">0</span>          6s    <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.16</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>hsxq5   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running   <span class="token number">0</span>          6s    <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.15</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>wkt52   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running   <span class="token number">0</span>          6s    <span class="token number">10.244</span><span class="token number">.1</span><span class="token number">.63</span>   k8s<span class="token operator">-</span>node01   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>xmkjs   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running   <span class="token number">0</span>          6s    <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.17</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li></ul></pre> 
<p>接下来强制关闭 <a href="https://so.csdn.net/so/search?q=k8s&amp;spm=1001.2101.3001.7020" target="_blank" class="hl hl-1" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.7020&quot;,&quot;dest&quot;:&quot;https://so.csdn.net/so/search?q=k8s&amp;spm=1001.2101.3001.7020&quot;,&quot;extra&quot;:&quot;{\&quot;searchword\&quot;:\&quot;k8s\&quot;}&quot;}" data-tit="k8s" data-pretit="k8s">k8s</a>-node02 节点,查看 Pod 是否转移。</p> 
<pre data-index="24" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get po <span class="token operator">-</span>o wide
NAME                    READY   STATUS        RESTARTS   AGE    IP            NODE         NOMINATED NODE   READINESS GATES
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>c76fm   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Terminating   <span class="token number">0</span>          116s   <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.16</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>csqf4   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running       <span class="token number">0</span>          13s    <span class="token number">10.244</span><span class="token number">.1</span><span class="token number">.66</span>   k8s<span class="token operator">-</span>node01   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>hsxq5   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Terminating   <span class="token number">0</span>          116s   <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.15</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>r2v4p   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running       <span class="token number">0</span>          13s    <span class="token number">10.244</span><span class="token number">.1</span><span class="token number">.64</span>   k8s<span class="token operator">-</span>node01   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>v4knq   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running       <span class="token number">0</span>          13s    <span class="token number">10.244</span><span class="token number">.1</span><span class="token number">.65</span>   k8s<span class="token operator">-</span>node01   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>wkt52   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Running       <span class="token number">0</span>          116s   <span class="token number">10.244</span><span class="token number">.1</span><span class="token number">.63</span>   k8s<span class="token operator">-</span>node01   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>xmkjs   <span class="token number">1</span><span class="token operator">/</span><span class="token number">1</span>     Terminating   <span class="token number">0</span>          116s   <span class="token number">10.244</span><span class="token number">.3</span><span class="token number">.17</span>   k8s<span class="token operator">-</span>node02   <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>           <span class="token operator">&lt;</span>none<span class="token operator">&gt;</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li></ul></pre> 
<p>在 node 节点转为 NotReady 状态后,Pod 立刻进行了转移。这是通过 在 yaml 清单文件中明确指定 容忍时间。还可以直接修改 apiserver 配置来修改默认容忍时间。</p> 
<pre data-index="25" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">vim <span class="token operator">/</span>etc<span class="token operator">/</span>kubernetes<span class="token operator">/</span>manifests<span class="token operator">/</span>kube<span class="token operator">-</span>apiserver<span class="token punctuation">.</span>yaml
<span class="token operator">...</span>
spec<span class="token punctuation">:</span>
  containers<span class="token punctuation">:</span>
  <span class="token operator">-</span> command<span class="token punctuation">:</span>
    <span class="token operator">-</span> kube<span class="token operator">-</span>apiserver
    <span class="token operator">-</span> <span class="token operator">--</span>advertise<span class="token operator">-</span>address<span class="token operator">=</span><span class="token number">192.168</span><span class="token number">.1</span><span class="token number">.11</span>
    <span class="token operator">-</span> <span class="token operator">--</span><span class="token keyword">default</span><span class="token operator">-</span>not<span class="token operator">-</span>ready<span class="token operator">-</span>toleration<span class="token operator">-</span>seconds<span class="token operator">=</span><span class="token number">1</span>    ## 新增行
    <span class="token operator">-</span> <span class="token operator">--</span><span class="token keyword">default</span><span class="token operator">-</span>unreachable<span class="token operator">-</span>toleration<span class="token operator">-</span>seconds<span class="token operator">=</span><span class="token number">1</span>  ## 新增行
<span class="token operator">...</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li></ul></pre> 
<p>修改保存后, <code>kube-apiserver-k8s-master</code>pod 会自动重载最新配置。</p> 
<pre data-index="26" class="prettyprint"><code class="prism language-go has-numbering" onclick="mdcp.signin(event)" style="position: unset;">$ kubectl get po nginx<span class="token operator">-</span>84f6f75c6<span class="token operator">-</span>wkt52 <span class="token operator">-</span>o yaml
<span class="token operator">...</span>
  tolerations<span class="token punctuation">:</span>
  <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
    key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>not<span class="token operator">-</span>ready
    operator<span class="token punctuation">:</span> Exists
    tolerationSeconds<span class="token punctuation">:</span> <span class="token number">0</span>
  <span class="token operator">-</span> effect<span class="token punctuation">:</span> NoExecute
    key<span class="token punctuation">:</span> node<span class="token punctuation">.</span>kubernetes<span class="token punctuation">.</span>io<span class="token operator">/</span>unreachable
    operator<span class="token punctuation">:</span> Exists
    tolerationSeconds<span class="token punctuation">:</span> <span class="token number">0</span>
<span class="token operator">...</span>
<div class="hljs-button signin" data-title="登录后复制" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.4334&quot;}"></div></code><ul class="pre-numbering" style=""><li style="color: rgb(153, 153, 153);">1</li><li style="color: rgb(153, 153, 153);">2</li><li style="color: rgb(153, 153, 153);">3</li><li style="color: rgb(153, 153, 153);">4</li><li style="color: rgb(153, 153, 153);">5</li><li style="color: rgb(153, 153, 153);">6</li><li style="color: rgb(153, 153, 153);">7</li><li style="color: rgb(153, 153, 153);">8</li><li style="color: rgb(153, 153, 153);">9</li><li style="color: rgb(153, 153, 153);">10</li><li style="color: rgb(153, 153, 153);">11</li><li style="color: rgb(153, 153, 153);">12</li></ul></pre> 
<p>对于小型集群,可以直接设置全局变量。</p> 
<p>注意:当 kubernetes 集群只有一个 node 节点时,无法做到 Pod 转移,因为 Pod 已经无路可退了。</p>
                </div><div><div></div></div>
                <link href="https://csdnimg.cn/release/blogv2/dist/mdeditor/css/editerView/markdown_views-0407448025.css" rel="stylesheet">
                <link href="https://csdnimg.cn/release/blogv2/dist/mdeditor/css/style-bb308a51ed.css" rel="stylesheet">
        </div>
        <div id="treeSkill" style="display: block;"><div class="skill-tree-box"><div class="skill-tree-head">文章知识点与官方知识档案匹配,可进一步学习相关知识</div><div class="skill-tree-body"><div class="skill-tree-item"><span class="skill-tree-href"><a data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.6866&quot;,&quot;dest&quot;:&quot;https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog&quot;}" href="https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog" target="_blank">云原生入门技能树</a><i></i><a data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.6866&quot;,&quot;dest&quot;:&quot;https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog&quot;}" href="https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog" target="_blank">容器编排(生产环境 k8s)</a><i></i><a data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.6866&quot;,&quot;dest&quot;:&quot;https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog&quot;}" href="https://edu.csdn.net/skill/cloud_native/cloud_native-3a407b55039e4e29b802e5047caf881b?utm_source=csdn_ai_skill_tree_blog" target="_blank">kubelet,kubectl,kubeadm三件套</a></span><span class="skill-tree-con"><span class="skill-tree-count">9904</span> 人正在系统学习中</span></div></div></div></div>
        <div id="blogExtensionBox" style="width:400px;margin:auto;margin-top:12px" class="blog-extension-box"><div class="blog_extension blog_extension_type1" id="blog_extension">
          <div class="blog_extension_card" data-report-click="{&quot;spm&quot;:&quot;1001.2101.3001.6470&quot;}" data-report-view="{&quot;spm&quot;:&quot;1001.2101.3001.6470&quot;}">
            <div class="blog_extension_card_left">
            <img src="https://img-blog.csdnimg.cn/75d32a77a71f45d3980091b342622835.png" alt="">
          </div>
            <div class="blog_extension_card_cont">
              <div class="blog_extension_card_cont_l">
                <span class="text">云原生私教</span>
                <div class="blog_extension_card_cont_r">
                  <img class="weixin" src="https://g.csdnimg.cn/extension-box/1.1.6/image/weixin.png" alt="">
                  <span>微信公众号</span>
                  <img class="go" src="https://g.csdnimg.cn/extension-box/1.1.6/image/ic_move.png" alt="">
                </div>
              </div>
              <span class="style">每日分享云原生学习路线、云原生前沿资讯等</span>
            </div>
          </div></div></div>
    </article>
k8s 污点 容忍

与[转帖]k8s 污点和容忍相似的内容:

[转帖]k8s 污点和容忍

文章目录 污点和容忍污点(Taints)查看污点:设置污点删除污点 容忍 (toleratints)Pod 设置容忍设置容忍时间容忍示例 节点自污染,pod 应对节点故障 污点和容忍 在 Kubernetes 中,节点亲和性 NodeAffinity 是 Pod 上定义的一种属性,能够使 Pod 按

k8s 污点 容忍
0
[转帖]k8s发布Spring cloud+eureka架构服务优雅启动停止方案

本文转载自昆仑枫的简书https://www.jianshu.com/p/6d393cbb694a Spring cloud+eureka是目前微服务主流解决方案之一,kubernetes则是广泛应用的发布工具,两者结合使用很常见。而两者结合时如何优雅启停从而实现无感发布很关键。下面将从不做特殊处理

k8s 发布 spring cloud
0
[转帖]K8S部署Redis Cluster集群(三主三从模式) - 部署笔记

https://www.cnblogs.com/cheyunhua/p/15619317.html 一、Redis 介绍 Redis代表REmote DIctionary Server是一种开源的内存中数据存储,通常用作数据库,缓存或消息代理。它可以存储和操作高级数据类型,例如列表,地图,集合和排序

k8s 部署 redis cluster
0
[转帖]k8s部署有状态应用redis-cluster集群踩坑总结

https://segmentfault.com/a/1190000039196137 redis-cluster集群的部署网上一堆,用k8s部署也不在少数,但都是抄来抄去,问题不少,实际操作分享出来的还是太少。 1、redis启动配置文件,使用CofigMap来管理比较方便,redis-confi

k8s 部署 状态 应用
0
[转帖]k8s-mtu设置不当引发的线上故障

https://www.cnblogs.com/zisefeizhu/p/16611626.html 背景 在部署新的paas平台线上环境时,突发consul和es中间件无法创建。 排查过程 以consul 通过查询k8s集群中pod状态发现原来3pod的consul集群,其中2个pod一直重启。

k8s mtu 设置 不当
0
[转帖]K8S集群内部 无持久化Redis单节点配置文件

K8S集群内部 无持久化Redis单节点配置文件 apiVersion: apps/v1 kind: Deployment metadata: name: redis-deploy spec: selector: matchLabels: prod: redis replicas: 1 templa

k8s 集群 内部 持久
0
[转帖]k8s证书永不过期

https://www.cnblogs.com/fengzi7314/p/15909220.html 第一步,在github上下载对应的版本,我的是1.22版本,所以选的是1.22版本 第二步,下载到本地解压 第三步,进入目录编辑文件,修改为100年 cd kubernetes-1.22.0/ vi

k8s 证书 永不 过期
0
[转帖]k8s之udp丢包问题

https://www.jianshu.com/p/6a5faee4cc65 image.png 测试仪发送某种类型的报文进行性能测试,报文目的mac为VF的mac。对于发出去的每个报文,必须在3s内收到响应,否则认为丢包,会重新发送一次,此时会有retransmit的统计。 pod A有两个网卡,

k8s udp 问题
0
[转帖]k8s实践指南-排错案例-tcp_tw_recycle 引发丢包

https://www.oomspot.com/post/k8sshijianzhinanpaicuoanlitcptwrecycleyinfadiubao tcp_tw_recycle 引发丢包 tcp_tw_recycle 这个内核参数用来快速回收 TIME_WAIT 连接,不过如果在 NAT

k8s 实践 指南 排错
0
[转帖]k8s学习: kubeconfig文件详解

1.什么是kubeconfig文件 用于配置集群访问的文件称为kubeconfig文件,这是引用配置文件的常用方法,.但并不是说有一个名为ubeconfi的文件。用于配置集群访问信息的文件叫作 kubeconfig 文件,在开启了 TLS 的集群中,每次与集群交互时都需要身份认证,生产环境一般使用证

k8s 学习 kubeconfig 文件
0
# 热门排行
微软 New Bing AI 申请与使用保姆级教程(免魔法) ChatGPT API使用介绍 ChatGPT开发实战 一篇带你了解如何使用纯前端类Excel表格构建现金流量表 手把手教你玩转 Excel 数据透视表 为什么 C# 可能是最好的第一编程语言 .NET 入门到高级路线 提高工作效率的神器:基于前端表格实现Chrome Excel扩展插件 React + Springboot + Quartz,从0实现Excel报表自动化 用Echarts实现前端表格引用从属关系可视化
© PmDaddy. 2023 PmDaddy教程网 All rights reserved.