Guaranteed,Burstable, BestEfford-Kubernetes服务质量类
在CAdvisor监控数据中,看到容器分了好多层,其中有burstable.slice, bestefford.slice,这个到底是什么意思呢?
原来这个是Kubernetes在Cgroup中的分类,用于对容器资源的控制(CPU, 内存)。
Kubernetes服务质量类包含三类:Guaranteed,Burstable, BestEfford。
QoS classes
When Kubernetes creates a Pod it assignsone of these QoS classes to the Pod:
Guaranteed
Burstable
BestEffort
例如:
1、Create aPod that gets assigned a QoS class of Guaranteed
For a Podto be given a QoS class of Guaranteed:
Every Container in the Pod must have a memory limit and a memory request, and they must be the same.
Every Container in the Pod must have a cpu limit and a cpu request, and they must be the same.
Here isthe configuration file for a Pod that has one Container. The Container has a memorylimit and a memory request, both equal to 200 MiB. The Container has a cpulimit and a cpu request, both equal to 700 millicpu:
2、Create a Podthat gets assigned a QoS class of Burstable
A Pod isgiven a QoS class of Burstable if:
The Pod does not meet the criteria for QoSclass Guaranteed.
At least one Container in the Pod has amemory or cpu request.
Here isthe configuration file for a Pod that has one Container. The Container has amemory limit of 200 MiB and a memory request of 100 MiB.
3、Create aPod that gets assigned a QoS class of BestEffort
For a Podto be given a QoS class of BestEffort, the Containers in the Pod must not haveany memory or cpu limits or requests.
Here isthe configuration file for a Pod that has one Container. The Container has nomemory or cpu limits or requests:
参考:https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/
例子:
[docker@shanghai ~]$ kubectl get pod kubernetes-dashboard-747c4f7cf-dsr2v -o yaml -n kube-system
apiVersion: v1
kind: Pod
metadata:
annotations:
kubernetes.io/created-by: |
{"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"kube-system","name":"kubernetes-dashboard-747c4f7cf","uid":"d8581f0c-e7ad-11e7-be5b-000c29e02f07","apiVersion":"extensions","resourceVersion":"1172"}}
creationTimestamp: 2017-12-23T06:52:30Z
generateName: kubernetes-dashboard-747c4f7cf-
labels:
k8s-app: kubernetes-dashboard
pod-template-hash: "303709379"
name: kubernetes-dashboard-747c4f7cf-dsr2v
namespace: kube-system
ownerReferences:
- apiVersion: extensions/v1beta1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: kubernetes-dashboard-747c4f7cf
uid: d8581f0c-e7ad-11e7-be5b-000c29e02f07
resourceVersion: "3020906"
selfLink: /api/v1/namespaces/kube-system/pods/kubernetes-dashboard-747c4f7cf-dsr2v
uid: d86174c8-e7ad-11e7-be5b-000c29e02f07
spec:
containers:
- args:
- --tls-key-file=/certs/dashboard.key
- --tls-cert-file=/certs/dashboard.crt
image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.7.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /
port: 8443
scheme: HTTPS
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
name: kubernetes-dashboard
ports:
- containerPort: 8443
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /certs
name: kubernetes-dashboard-certs
readOnly: true
- mountPath: /tmp
name: tmp-volume
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kubernetes-dashboard-token-r8nvt
readOnly: true
dnsPolicy: ClusterFirst
initContainers:
- image: gcr.io/google_containers/kubernetes-dashboard-init-amd64:v1.0.1
imagePullPolicy: IfNotPresent
name: kubernetes-dashboard-init
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /certs
name: kubernetes-dashboard-certs
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kubernetes-dashboard-token-r8nvt
readOnly: true
nodeName: shanghai
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: kubernetes-dashboard
serviceAccountName: kubernetes-dashboard
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoExecute
key: node.alpha.kubernetes.io/notReady
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.alpha.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kubernetes-dashboard-certs
secret:
defaultMode: 420
secretName: kubernetes-dashboard-certs
- emptyDir: {}
name: tmp-volume
- name: kubernetes-dashboard-token-r8nvt
secret:
defaultMode: 420
secretName: kubernetes-dashboard-token-r8nvt
status:
conditions:
- lastProbeTime: null
lastTransitionTime: 2017-12-23T06:52:34Z
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: 2018-05-18T01:16:25Z
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: 2017-12-23T06:52:30Z
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://b577fed877522034b5f613d720061e7d238762dd804a8933004f01e478d1553a
image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.7.1
imageID: docker://sha256:294879c6444ed35b8cb94c613e61c47b9938305a1d1eaf452c0d17db471d99e5
lastState:
terminated:
containerID: docker://f6345017dc7dd242885a439b1b886c65573df4fba544e267c886d053c17dc267
exitCode: 1
finishedAt: 2018-05-18T01:13:49Z
reason: Error
startedAt: 2018-05-16T14:46:42Z
name: kubernetes-dashboard
ready: true
restartCount: 22
state:
running:
startedAt: 2018-05-18T01:16:20Z
hostIP: 192.168.131.124
initContainerStatuses:
- containerID: docker://297b74cef9870e70f43c3744ed66e532e7ace15f5279f81eb35b0ef6cdfed77c
image: gcr.io/google_containers/kubernetes-dashboard-init-amd64:v1.0.1
imageID: docker://sha256:95bfc2b3e5a3375298b81c15e29bfd1e53d002ff48e5f22fdc808ae4207da7d4
lastState: {}
name: kubernetes-dashboard-init
ready: true
restartCount: 7
state:
terminated:
containerID: docker://297b74cef9870e70f43c3744ed66e532e7ace15f5279f81eb35b0ef6cdfed77c
exitCode: 0
finishedAt: 2018-05-18T01:16:07Z
reason: Completed
startedAt: 2018-05-18T01:16:06Z
phase: Running
podIP: 192.168.101.25
qosClass: BestEffort #《===================看这里=======================
startTime: 2017-12-23T06:52:30Z
