EDITORIAL
Previous article kubernetes series of tutorials (e) a deep understanding of the core concepts pod initially introduced yaml learning kubernetes important concept pod, followed by introduction kubernetes series of tutorials resource resource management of Quality pod and pod of service quality of service.
1. Pod Resource Management
1.1 resource definitions
Process container operation need to allocate the resources needed, how to work with cggroup linked it? The answer is to achieve the allocation unit resource allocation, resource by resource definitions is the definition of two types of cpu and memory, resources: requests and limits, requests indicates a request for resources, the main basis for the initial kubernetes when scheduling pod, expressed the need allocating resources satisfying; represents limits resource constraints, i.e. pod can not exceed the size limit defined limits, through cggroup than limiting, the resource can be defined pod defined by the following four fields:
- . Spec.container [] resources.requests.cpu cpu resources requested size, such as 0.1 cpu and 100m distribution represents 1/10 cpu;
- . Spec.container [] resources.requests.memory requested memory size, the available units M, Mi, G, Gi represents;
- . Spec.container [] resources.limits.cpu cpu size limit can not exceed the threshold value, the limit value cggroup;
- . Spec.container [] resources.limits.memory restricted memory size, can not exceed the threshold value, it occurs more than OOM;
1 start to learn how to define the pod resource resources, to define nginx-demo as an example, the container resource request cpu 250m, is limited to 500m, a request for the memory resources 128Mi, to limit the memory resources 256Mi, of course, also define a plurality of containers resources, the sum total plurality of containers pod resources are resources, as follows:
[root@node-1 demo]#cat nginx-resource.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-demo
labels:
name: nginx-demo
spec:
containers:
- name: nginx-demo
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port-80
protocol: TCP
containerPort: 80
resources:
requests:
cpu: 0.25
memory: 128Mi
limits:
cpu: 500m
memory: 256Mi2, the configuration definition application pod (pod as previously exist, delete it kubectl delete pod <pod-name>), or another name pod named
[root@node-1 demo]# kubectl apply -f nginx-resource.yaml
pod/nginx-demo created3, resource allocation details View pod
[root@node-1 demo]# kubectl get pods
NAME READY STATUS RESTARTS AGE
demo-7b86696648-8bq7h 1/1 Running 0 12d
demo-7b86696648-8qp46 1/1 Running 0 12d
demo-7b86696648-d6hfw 1/1 Running 0 12d
nginx-demo 1/1 Running 0 94s
[root@node-1 demo]# kubectl describe pods nginx-demo
Name: nginx-demo
Namespace: default
Priority: 0
Node: node-3/10.254.100.103
Start Time: Sat, 28 Sep 2019 12:10:49 +0800
Labels: name=nginx-demo
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"name":"nginx-demo"},"name":"nginx-demo","namespace":"default"},"sp...
Status: Running
IP: 10.244.2.13
Containers:
nginx-demo:
Container ID: docker://55d28fdc992331c5c58a51154cd072cd6ae37e03e05ae829a97129f85eb5ed79
Image: nginx:1.7.9
Image ID: docker-pullable://nginx@sha256:e3456c851a152494c3e4ff5fcc26f240206abac0c9d794affb40e0714846c451
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Sat, 28 Sep 2019 12:10:51 +0800
Ready: True
Restart Count: 0
Limits: #限制资源
cpu: 500m
memory: 256Mi
Requests: #请求资源
cpu: 250m
memory: 128Mi
Environment: <none>
...省略...4, how Pod resource allocation it? There is no doubt that is allocated from the node, and when we create a pod of time if set requests, kubernetes scheduler kube-scheduler performs two scheduling process: filter and filter weighing weight, kube-scheduler will be based on the request resource filter, to filter out qualified node, and then sort, filter out most to meet the operational pod of node, and then run the pod on a particular node. Scheduling algorithm and detail can refer kubernetes described scheduling algorithm . The following are details of the distribution node-3 node resources:
[root@node-1 ~]# kubectl describe node node-3
...省略...
Capacity: #节点上资源的总资源情况,1个cpu,2g内存,110个pod
cpu: 1
ephemeral-storage: 51473888Ki
hugepages-2Mi: 0
memory: 1882352Ki
pods: 110
Allocatable: #节点容许分配的资源情况,部分预留的资源会排出在Allocatable范畴
cpu: 1
ephemeral-storage: 47438335103
hugepages-2Mi: 0
memory: 1779952Ki
pods: 110
System Info:
Machine ID: 0ea734564f9a4e2881b866b82d679dfc
System UUID: FFCD2939-1BF2-4200-B4FD-8822EBFFF904
Boot ID: 293f49fd-8a7c-49e2-8945-7a4addbd88ca
Kernel Version: 3.10.0-957.21.3.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://18.6.3
Kubelet Version: v1.15.3
Kube-Proxy Version: v1.15.3
PodCIDR: 10.244.2.0/24
Non-terminated Pods: (3 in total) #节点上运行pod的资源的情况,除了nginx-demo之外还有多个pod
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
default nginx-demo 250m (25%) 500m (50%) 128Mi (7%) 256Mi (14%) 63m
kube-system kube-flannel-ds-amd64-jp594 100m (10%) 100m (10%) 50Mi (2%) 50Mi (2%) 14d
kube-system kube-proxy-mh2gq 0 (0%) 0 (0%) 0 (0%) 0 (0%) 12d
Allocated resources: #已经分配的cpu和memory的资源情况
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 350m (35%) 600m (60%)
memory 178Mi (10%) 306Mi (17%)
ephemeral-storage 0 (0%) 0 (0%)
Events: <none>1.2 Resource allocation principles
Pod action requests and resource limits defined in the scheduler kubernetes kube-sheduler, actually apply cpu and memory resources defined in the Container, cggroup of resources by the isolation container, we introduce the following resources allocation principle.
- spec.containers []. resources.requests.cpu role CpuShares, represents the weight assigned cpu distribution ratio when the scramble
- spec.containers []. resources.requests.memory mainly used kube-scheduler scheduler, meaning container not provided
- spec.containers [] resources.limits.cpu role CpuQuota and CpuPeriod, microseconds, calculated as:. CpuQuota / CpuPeriod, represents the largest percentage of the maximum cpu may be used, such as allowing the use of 500m represents a 50% cpu resources
- spec.containers []. resources.limits.memory role in Memory, represents the maximum available memory size of the container, it will exceed OOM
To nginx-demo as defined above, for example, requests and limits pod defined application parameters under study in docker in force:
1, node node view pod is located, nginx-demo scheduling node to node-3
[root@node-1 ~]# kubectl get pods -o wide nginx-demo
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-demo 1/1 Running 0 96m 10.244.2.13 node-3 <none> <none>2, the container id number acquired may be acquired by containerID kubectl describe pods nginx-demo to the id of the container, the id or login to node node-3 obtained was filtered through a container name, the default will be two pod: by a pause image creation, created by another application image
[root@node-3 ~]# docker container list |grep nginx
55d28fdc9923 84581e99d807 "nginx -g 'daemon of…" 2 hours ago Up 2 hours k8s_nginx-demonginx-demo_default_66958ef7-507a-41cd-a688-7a4976c6a71e_0
2fe0498ea9b5 k8s.gcr.io/pause:3.1 "/pause" 2 hours ago Up 2 hours k8s_POD_nginx-demo_default_66958ef7-507a-41cd-a688-7a4976c6a71e_03, View docker container details information
[root@node-3 ~]# docker container inspect 55d28fdc9923
[
...部分输出省略...
{
"Image": "sha256:84581e99d807a703c9c03bd1a31cd9621815155ac72a7365fd02311264512656",
"ResolvConfPath": "/var/lib/docker/containers/2fe0498ea9b5dfe1eb63eba09b1598a8dfd60ef046562525da4dcf7903a25250/resolv.conf",
"HostConfig": {
"Binds": [
"/var/lib/kubelet/pods/66958ef7-507a-41cd-a688-7a4976c6a71e/volumes/kubernetes.io~secret/default-token-5qwmc:/var/run/secrets/kubernetes.io/serviceaccount:ro",
"/var/lib/kubelet/pods/66958ef7-507a-41cd-a688-7a4976c6a71e/etc-hosts:/etc/hosts",
"/var/lib/kubelet/pods/66958ef7-507a-41cd-a688-7a4976c6a71e/containers/nginx-demo/1cc072ca:/dev/termination-log"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {
"max-size": "100m"
}
},
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 256, CPU分配的权重,作用在requests.cpu上
"Memory": 268435456, 内存分配的大小,作用在limits.memory上
"NanoCpus": 0,
"CgroupParent": "kubepods-burstable-pod66958ef7_507a_41cd_a688_7a4976c6a71e.slice",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 100000, CPU分配的使用比例,和CpuQuota一起作用在limits.cpu上
"CpuQuota": 50000,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 268435456,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
},
}
]1.3. Cpu resources test
the pod cpu limit defined primarily by requests.cpu and limits.cpu, limits should not exceed the size of the cpu, we verified by mirroring stress, stress is a compression side cpu and memory means, by defining the parameters specified pressure args cpu size side. Monitoring the pod cpu and memory may be viewed by way of kubectl top, depending on the components, such as monitoring metric-server or promethus, not currently installed, we see the way through docker stats.
1, the mirror is defined by a stress POD, 0.25 cores assigned a maximum limit and core used in a proportion 0.5
[root@node-1 demo]# cat cpu-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: cpu-demo
namespace: default
annotations:
kubernetes.io/description: "demo for cpu requests and"
spec:
containers:
- name: stress-cpu
image: vish/stress
resources:
requests:
cpu: 250m
limits:
cpu: 500m
args:
- -cpus
- "1"2, the application file is generated pod yaml
[root@node-1 demo]# kubectl apply -f cpu-demo.yaml
pod/cpu-demo created3, view resource allocation details pod
[root@node-1 demo]# kubectl describe pods cpu-demo
Name: cpu-demo
Namespace: default
Priority: 0
Node: node-2/10.254.100.102
Start Time: Sat, 28 Sep 2019 14:33:12 +0800
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"kubernetes.io/description":"demo for cpu requests and"},"name":"cpu-demo","nam...
kubernetes.io/description: demo for cpu requests and
Status: Running
IP: 10.244.1.14
Containers:
stress-cpu:
Container ID: docker://14f93767ad37b92beb91e3792678f60c9987bbad3290ae8c29c35a2a80101836
Image: progrium/stress
Image ID: docker-pullable://progrium/stress@sha256:e34d56d60f5caae79333cee395aae93b74791d50e3841986420d23c2ee4697bf
Port: <none>
Host Port: <none>
Args:
-cpus
1
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Sat, 28 Sep 2019 14:34:28 +0800
Finished: Sat, 28 Sep 2019 14:34:28 +0800
Ready: False
Restart Count: 3
Limits: #cpu限制使用的比例
cpu: 500m
Requests: #cpu请求的大小
cpu: 250m4, landing a particular node to node, view the container by docker container stats resource usage details
On the node pod owned by a top view, cpu usage limit the percentage is 50%.
It can be concluded from the above verification, we define a stress Core vessel used, by defining limits.cpu cpu size can be used are 500m, test validation pod resource already in the container or inside the host are strictly limited 50% (only one machine on the node cpu, if there are two cpu will share 25%).
1.4 memory test resources
1, the image took effect and stress testing and verification requests.memory limits.memory, the size of the container limits.memory define the memory resources can be used, when the memory set size exceeds OOM container will occur, a test container as defined below, can not exceed the maximum memory 512M, using stress mirror --vm-bytes memory size is defined compression side 256Mi
[root@node-1 demo]# cat memory-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: memory-stress-demo
annotations:
kubernetes.io/description: "stress demo for memory limits"
spec:
containers:
- name: memory-stress-limits
image: polinux/stress
resources:
requests:
memory: 128Mi
limits:
memory: 512Mi
command: ["stress"]
args: ["--vm", "1", "--vm-bytes", "256M", "--vm-hang", "1"]2, the application file is generated pod yaml
[root@node-1 demo]# kubectl apply -f memory-demo.yaml
pod/memory-stress-demo created
[root@node-1 demo]# kubectl get pods memory-stress-demo -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
memory-stress-demo 1/1 Running 0 41s 10.244.1.19 node-2 <none> <none>3, see the allocation of resources
[root@node-1 demo]# kubectl describe pods memory-stress-demo
Name: memory-stress-demo
Namespace: default
Priority: 0
Node: node-2/10.254.100.102
Start Time: Sat, 28 Sep 2019 15:13:06 +0800
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"kubernetes.io/description":"stress demo for memory limits"},"name":"memory-str...
kubernetes.io/description: stress demo for memory limits
Status: Running
IP: 10.244.1.16
Containers:
memory-stress-limits:
Container ID: docker://c7408329cffab2f10dd860e50df87bd8671e65a0f8abb4dae96d059c0cb6bb2d
Image: polinux/stress
Image ID: docker-pullable://polinux/stress@sha256:6d1825288ddb6b3cec8d3ac8a488c8ec2449334512ecb938483fc2b25cbbdb9a
Port: <none>
Host Port: <none>
Command:
stress
Args:
--vm
1
--vm-bytes
256Mi
--vm-hang
1
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Sat, 28 Sep 2019 15:14:08 +0800
Finished: Sat, 28 Sep 2019 15:14:08 +0800
Ready: False
Restart Count: 3
Limits: #内存限制大小
memory: 512Mi
Requests: #内存请求大小
memory: 128Mi
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-5qwmc (ro)4, view usage vessel memory resources, allocating memory 256M, maximum use of 512Mi, utilization rate of 50%, this case does not exceed the size limits of the limit, the normal operation of the vessel
5, when the internal container exceeds the size of memory what will happen, we will --vm-byte to 513M, the container will try to run, after more than memory will be OOM, kube-controller-manager will continue to try to restart the container, RESTARTS the number will continue to increase.
[root@node-1 demo]# cat memory-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: memory-stress-demo
annotations:
kubernetes.io/description: "stress demo for memory limits"
spec:
containers:
- name: memory-stress-limits
image: polinux/stress
resources:
requests:
memory: 128Mi
limits:
memory: 512Mi
command: ["stress"]
args: ["--vm", "1", "--vm-bytes", "520M", "--vm-hang", "1"] . #容器中使用内存为520M
查看容器的状态为OOMKilled,RESTARTS的次数不断的增加,不停的尝试重启
[root@node-1 demo]# kubectl get pods memory-stress-demo
NAME READY STATUS RESTARTS AGE
memory-stress-demo 0/1 OOMKilled 3 60s2. Pod Quality of Service
Quality of service QOS (Quality of Service) mainly used for an important factor when the reference pod scheduling and expulsion, different quality of service QOS corresponding to different priorities, is divided into three types of Qos:
- BestEffort do our best to allocate resources, not specified default resource allocation Qos, the lowest priority;
- Burstable can fluctuate resources need to be allocated at least to the requests of resources, common QOS;
- Guaranteed fully support resources, the same requests and limits defined resources, the highest priority.
2.1 BestEffort best efforts
1, Pod is not defined resource, the default Qos strategy BestEffort, the lowest priority when compared to the progress of resources is required to expel evice, priority expel BestEffort defined Pod, defined as follows Pod of a BestEffort
[root@node-1 demo]# cat nginx-qos-besteffort.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-qos-besteffort
labels:
name: nginx-qos-besteffort
spec:
containers:
- name: nginx-qos-besteffort
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port-80
protocol: TCP
containerPort: 80
resources: {}2, create a pod and view Qos strategy, qosClass to BestEffort
[root@node-1 demo]# kubectl apply -f nginx-qos-besteffort.yaml
pod/nginx-qos-besteffort created
查看Qos策略
[root@node-1 demo]# kubectl get pods nginx-qos-besteffort -o yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"name":"nginx-qos-besteffort"},"name":"nginx-qos-besteffort","namespace":"default"},"spec":{"containers":[{"image":"nginx:1.7.9","imagePullPolicy":"IfNotPresent","name":"nginx-qos-besteffort","ports":[{"containerPort":80,"name":"nginx-port-80","protocol":"TCP"}],"resources":{}}]}}
creationTimestamp: "2019-09-28T11:12:03Z"
labels:
name: nginx-qos-besteffort
name: nginx-qos-besteffort
namespace: default
resourceVersion: "1802411"
selfLink: /api/v1/namespaces/default/pods/nginx-qos-besteffort
uid: 56e4a2d5-8645-485d-9362-fe76aad76e74
spec:
containers:
- image: nginx:1.7.9
imagePullPolicy: IfNotPresent
name: nginx-qos-besteffort
ports:
- containerPort: 80
name: nginx-port-80
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
...省略...
status:
hostIP: 10.254.100.102
phase: Running
podIP: 10.244.1.21
qosClass: BestEffort #Qos策略
startTime: "2019-09-28T11:12:03Z"3, delete the test Pod
[root@node-1 demo]# kubectl delete pods nginx-qos-besteffort
pod "nginx-qos-besteffort" deleted2.2 Burstable may fluctuate
1, the quality of service for Burstable Pod, after Guaranteed quality of service, at least one container defines requests, and smaller than the limits defined resource requests resources
[root@node-1 demo]# cat nginx-qos-burstable.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-qos-burstable
labels:
name: nginx-qos-burstable
spec:
containers:
- name: nginx-qos-burstable
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port-80
protocol: TCP
containerPort: 80
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 200m
memory: 256Mi2, the application generates a pod yaml file and view Qos type
[root@node-1 demo]# kubectl apply -f nginx-qos-burstable.yaml
pod/nginx-qos-burstable created
查看Qos类型
[root@node-1 demo]# kubectl describe pods nginx-qos-burstable
Name: nginx-qos-burstable
Namespace: default
Priority: 0
Node: node-2/10.254.100.102
Start Time: Sat, 28 Sep 2019 19:27:37 +0800
Labels: name=nginx-qos-burstable
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"name":"nginx-qos-burstable"},"name":"nginx-qos-burstable","namespa...
Status: Running
IP: 10.244.1.22
Containers:
nginx-qos-burstable:
Container ID: docker://d1324b3953ba6e572bfc63244d4040fee047ed70138b5a4bad033899e818562f
Image: nginx:1.7.9
Image ID: docker-pullable://nginx@sha256:e3456c851a152494c3e4ff5fcc26f240206abac0c9d794affb40e0714846c451
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Sat, 28 Sep 2019 19:27:39 +0800
Ready: True
Restart Count: 0
Limits:
cpu: 200m
memory: 256Mi
Requests:
cpu: 100m
memory: 128Mi
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-5qwmc (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-5qwmc:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-5qwmc
Optional: false
QoS Class: Burstable #服务质量是可波动的Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 95s default-scheduler Successfully assigned default/nginx-qos-burstable to node-2
Normal Pulled 94s kubelet, node-2 Container image "nginx:1.7.9" already present on machine
Normal Created 94s kubelet, node-2 Created container nginx-qos-burstable
Normal Started 93s kubelet, node-2 Started container nginx-qos-burstable2.3 Guaranteed full protection
1, defined resource cpu and memory limits and must contain requests, and requests cut value limits must be the same, which is the highest priority, when there is scheduling and priority to the protection of the expulsion type of Qos, defined as it follows a nginx-qos- guaranteed container, and the same requests.cpu limits.cpu, and empathy requests.memory limits.memory.
[root@node-1 demo]# cat nginx-qos-guaranteed.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-qos-guaranteed
labels:
name: nginx-qos-guaranteed
spec:
containers:
- name: nginx-qos-guaranteed
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port-80
protocol: TCP
containerPort: 80
resources:
requests:
cpu: 200m
memory: 256Mi
limits:
cpu: 200m
memory: 256Mi2, the application generates a pod yaml file and view the pod of Qos type to be fully guaranteed Guaranteed
[root@node-1 demo]# kubectl apply -f nginx-qos-guaranteed.yaml
pod/nginx-qos-guaranteed created
[root@node-1 demo]# kubectl describe pods nginx-qos-guaranteed
Name: nginx-qos-guaranteed
Namespace: default
Priority: 0
Node: node-2/10.254.100.102
Start Time: Sat, 28 Sep 2019 19:37:15 +0800
Labels: name=nginx-qos-guaranteed
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"name":"nginx-qos-guaranteed"},"name":"nginx-qos-guaranteed","names...
Status: Running
IP: 10.244.1.23
Containers:
nginx-qos-guaranteed:
Container ID: docker://cf533e0e331f49db4e9effb0fbb9249834721f8dba369d281c8047542b9f032c
Image: nginx:1.7.9
Image ID: docker-pullable://nginx@sha256:e3456c851a152494c3e4ff5fcc26f240206abac0c9d794affb40e0714846c451
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Sat, 28 Sep 2019 19:37:16 +0800
Ready: True
Restart Count: 0
Limits:
cpu: 200m
memory: 256Mi
Requests:
cpu: 200m
memory: 256Mi
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-5qwmc (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-5qwmc:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-5qwmc
Optional: false
QoS Class: Guaranteed #服务质量为可完全保障Guaranteed
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 25s default-scheduler Successfully assigned default/nginx-qos-guaranteed to node-2
Normal Pulled 24s kubelet, node-2 Container image "nginx:1.7.9" already present on machine
Normal Created 24s kubelet, node-2 Created container nginx-qos-guaranteed
Normal Started 24s kubelet, node-2 Started container nginx-qos-guaranteedWritten in the last
This chapter is kubernetes tutorials sixth article, Qos, there are nodes on resource allocation and service quality through the use of resources introduce resource suggestions:
- requests and resource definition recommended limits of no more than 1: 2, to avoid allocating too many resources and competition for resources occurs, OOM occurs;
- pod default is not defined resource, recommended to define a namespace limitrange, ensure that the pod could be assigned to resources;
- Preventing occurrence of excessive machine resources hang live or OOM, retention and expulsion of resources provided recommendations node, such resources are reserved --system-reserved = cpu = 200m, memory = 1G, the expulsion conditions --eviction hard = memory.available on node < 500Mi.
appendix
Container computing resource management:https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
pod Memory Resource Management:https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/
pod cpu Resource Management:https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/
Quality of Service QOS:https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/
Docker on CPU limitations:https://www.cnblogs.com/sparkdev/p/8052522.html
When your talent not afford to support your ambitions, you should stop learning