In order to ensure that the business is not interrupted or the business SLA is not degraded in Kubernetes, applications need to be deployed in clusters, such as Deployment, StatefulSet deployment, etc. Although it is a clustered deployment, when we actively destroy Pods, in order to avoid destroying too many Pods at one time, Kubernetes references the PodDisruptionBudget (PDB) controller to control the number of Pods in the cluster.
In PDB, the number of Pods is mainly controlled by two parameters:
-
minAvailable: represents the minimum number of Pods available, which represents the minimum number of Pods in a running state in a Pod cluster or the percentage of the number of Pods in a running state and the total;
- maxUnavailable: indicates the maximum number of unavailable Pods, indicating the maximum number of unavailable Pods in the Pod cluster or the percentage of the number of unavailable Pods and the total;
注意:minAvailable和maxUnavailable是互斥了,也就是说两者同一时刻只能出现一种。
The kubectl drain command already supports the PodDisruptionBudget controller. When the kubectl drain operation is performed, it will determine the number of application POD clusters according to the PodDisruptionBudget controller, so as to ensure that application POD destruction is performed without service interruption or service SLA degradation. When performing kubectl drain or Pod actively escaping, Kubernetes will judge by the following situations:
-
minAvailable is set to a value of 5: there must be at least 5 healthy and available PODs in the application POD cluster, then the operation can be performed.
-
MinAvailable is set to a percentage of 30%: at least 30% of the healthy available PODs in the application POD cluster can be operated.
-
maxUnavailable is set to a value of 5: There can only be 5 unavailable PODs in the application POD cluster before operation can be performed.
- maxUnavailable is set to a percentage of 30%: only 30% of the unavailable PODs in the application POD cluster can be operated.
In extreme cases, such as setting maxUnavailable to 0 or 100%, it means that the kubectl drain operation cannot be performed. In the same way, setting minAvailable to 100%, or to the maximum number of copies of the application POD cluster, also means that kubectl drain operation cannot be performed.
注意:使用PodDisruptionBudget控制器并不能保证任何情况下都对业务POD集群进行约束,PodDisruptionBudget控制器只能保证POD主动逃离的情况下业务不中断或者业务SLA不降级,例如在执行kubectldrain命令时。
Example:
(1), define minAvailable
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: pdb-demo
spec:
minAvailable: 2
selector:
matchLables:
app: nginx(2), define maxUnavailable
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: pdb-demo
spec:
maxUnavailable: 1
selector:
matchLables:
app: nginx(3) Create a resource list
对于PodDisruptionBudget对象,无法直接进行更新操作,只能通过删除和重新创建来完成对PodDisruptionBudget对象的更新。
# kubectl apply -f pdb-demo.yaml(4) Check the status
# kubectl get pdb
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
pdb-demo 2 N/A 0 7m46s(5) View detailed information
# kubectl describe pdb pdb-demo
Name: pdb-demo
Namespace: default
Min available: 2
Selector: app=nginx
Status:
Allowed disruptions: 0
Current: 0
Desired: 2
Total: 0
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal NoPods 2m58s (x53 over 28m) controllermanager No matching pods found参考文档:https://kubernetes.io/docs/tasks/run-application/configure-pdb/
Finish