The following configuration requires that CockroachDB pods are scheduled onto worker nodes running either an intel or amd64 CPU, with a preference against worker nodes in the us-east4-b availability zone. If you specify multiple values for a label, the node can match any of the values.
If you specify multiple matchExpressions labels, the node must match all of them. Specify node affinities in affinity.nodeAffinity in the Operator's custom resource, which is used to deploy the cluster. Prevent CockroachDB pods from being co-located with labeled pods (e.g., on a node or region).įor an example, see Scheduling CockroachDB onto labeled nodes.Prevent CockroachDB pods from being scheduled onto a labeled worker node.Require CockroachDB pods to be co-located with labeled pods (e.g., on a node or region).Require CockroachDB pods to be scheduled onto a labeled worker node.A pod with a pod anti-affinity avoids pods that have matching labels.Īffinities and anti-affinities can be used together with operator fields to: A pod with a pod affinity seeks out pods that have matching labels. By design the worker nodes should be the ones taking pods.To use the affinity rules, first enable the feature gates.Ī pod with a node affinity seeks out worker nodes that have matching labels. In such cases it’s a great idea to keep the master node NoSchedule taint and repel pods trying to schedule on it. Normally if you run a Kubernetes cluster you would not have just the master node but also worker nodes. Note for production: this is bad idea for production. Notice the minus sign at the end of the taint removal command. ~]# kubectl taint nodes -all /master- node/phix untainted ~]# kubectl get nodes -o json | jq. The simple solution would be to remove this taint. It’s set to prevent scheduling on the master node and if you try to put some pods to play with (like Helm) you will probably hit on this problem: ~]# kubectl get pods -all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-86c58d9df4-nl4hq 1/1 Running 0 11h kube-system coredns-86c58d9df4-wbg8x 1/1 Running 0 11h kube-system etcd-phix 1/1 Running 0 11h kube-system kube-apiserver-phix 1/1 Running 0 11h kube-system kube-controller-manager-phix 1/1 Running 1 11h kube-system kube-flannel-ds-amd64-jtkqn 1/1 Running 0 11h kube-system kube-proxy-fqg5b 1/1 Running 0 11h kube-system kube-scheduler-phix 1/1 Running 1 11h kube-system kubernetes-dashboard-57df4db6b-cptdn 1/1 Running 0 11h kube-system tiller-deploy-8485766469-pd9ss 0/1 Pending 0 89s ~]# kubectl -n kube-system describe pod tiller-deploy-8485766469-pd9ss Name: tiller-deploy-8485766469-pd9ss Namespace: kube-system Priority: 0 Priorit圜lassName: Node: Labels: app=helm name=tiller pod-template-hash=8485766469 Annotations: Status: Pending IP: Controlled By: ReplicaSet/tiller-deploy-8485766469 Containers: tiller: Image: gcr.io/kubernetes-helm/tiller:v2.12.1 Ports: 44134/TCP, 44135/TCP Host Ports: 0/TCP, 0/TCP Liveness: http-get delay=1s timeout=1s period=10s #success=1 #failure=3 Readiness: http-get delay=1s timeout=1s period=10s #success=1 #failure=3 Environment: TILLER_NAMESPACE: kube-system TILLER_HISTORY_MAX: 0 Mounts: /var/run/secrets/kubernetes.io/serviceaccount from tiller-token-b65qd (ro) Conditions: Type Status PodScheduled False Volumes: tiller-token-b65qd: Type: Secret (a volume populated by a Secret) SecretName: tiller-token-b65qd Optional: false QoS Class: BestEffort Node-Selectors: Tolerations: /not-ready:NoExecute for 300s /unreachable:NoExecute for 300s Events: Type Reason Age From Message - Warning FailedScheduling 104s (x2 over 104s) default-scheduler 0/1 nodes are available: 1 node(s) had taints that the pod didn't tolerate. If you run a single node cluster on your laptop (the way I like to do :)) you will often hit on a common taint - the NoSchedule one.
That’s one of the great features of Kubernetes but there is a catch. Taint and affinity control what pods should be repelled by the nodes (taint) and where the pods would be attracted to (affinity).
#WHAT IS KUBERNETES TAINT HOW TO#
Kubernetes taint - what is it and how to work with it?
0 kommentar(er)
