打标签
1 | kubectl label node node1 env-role=prod |
查看标签
1 | kubectl get nodes --show-labels |
打污点
kubectl taint node node名 key=value:污点三个可选值
NoSchedule : 一定不被调度
PreferNoSchedule : 尽量不被调度
NoExecute : 不会调度,并且还会驱逐Node已有Pod
1 | kubectl taint node node1 key1=value1:NoSchedule (PreferNoSchedule,NoExecute) |
更新污点
1 | kubectl taint node node1 key1=value1:PreferNoSchedule:NoSchedule- |
查看taint:
kubectl describe node node1 | grep Taints
Taints: key1:NoSchedule
删除taint:
1 2 3 4 | kubectl taint node node1 key1:NoSchedule- # 这里的key可以不用指定value 标签后直接加“-”减号即可kubectl taint node node1 key1:NoExecute-# kubectl taint node node1 key1- 删除指定key所有的effectkubectl taint node node1 key2:NoSchedule- |
master节点设置taint
1 | kubectl taint nodes master1 node-role.kubernetes.io/master=:NoSchedule |
注意⚠️ : 为master设置的这个taint中, node-role.kubernetes.io/master为key, value为空, effect为NoSchedule
如果输入命令时, 你丢掉了=符号, 写成了node-role.kubernetes.io/master:NoSchedule, 会报error: at least one taint update is required错误
1 2 3 4 5 6 7 | [root@bogon ~]# kubectl get no -o yaml | grep taint -A 5 taints: - effect: NoSchedule key: node.kubernetes.io/not-ready[root@bogon ~]# kubectl taint nodes --all node.kubernetes.io/not-ready-node/master untainted |
容忍tolerations主节点的taints
以上面为 master1 设置的 taints 为例, 你需要为你的 yaml 文件中添加如下配置, 才能容忍 master 节点的污点
在 pod 的 spec 中设置 tolerations 字段
1 2 3 4 5 | tolerations:- key: "node-role.kubernetes.io/master" operator: "Equal" value: "" effect: "NoSchedule" |
举例如果将pod 调度到指定节点上,并且节点有不可调度的污点
spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: env-role operator: In values: - prod tolerations: - key: key1 operator: Exists effect: NoSchedule
举例包含节点亲和性(Node Affinity)、Pod 反亲和性(Pod Anti-Affinity)
spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: # 节点亲和性:要求节点具有 "env-role=prod" 的标签 - matchExpressions: - key: env-role operator: In values: - prod podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: # Pod 反亲和性:确保与具有标签 "app=minio-mc" 的其他 Pod 不在同一节点上 - labelSelector: matchExpressions: - key: app operator: In values: - minio-mc topologyKey: "kubernetes.io/hostname" tolerations: # 容忍具有 "key1" 键的污点 - key: key1 operator: Exists effect: NoSchedule containers: # 容器定义 - name: minio-mc image: your-minio-mc-image
举例节点反亲和性和 Pod 亲和性
spec: affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - minio-mc topologyKey: "kubernetes.io/hostname" podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - minio-mc topologyKey: "kubernetes.io/hostname" nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: env-role operator: NotIn values: - prod containers: - name: minio-mc image: your-minio-mc-image
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· DeepSeek 开源周回顾「GitHub 热点速览」