配置Pod的服务质量
QoS类
QoS(Quality of Service class,Qos class):服务质量类
Kubernetes创建Pod时,会将如下Qos类之一设置到Pod上:
- Guaranteed
- Burstable
- BestEffort
先创建一个qos-example命名空间方便测试
kubectl create namespace=qos-example
创建一个Qos为Guaranteed的Pod
Qos类为Guaranted的Pod满足的条件:
- Pod中每个容器都限制内存和内存请求
- 每个容器内存限制和内存请求必须相等
- 每个容器必须指定cpu限制和请求,且二者必须相等
反映到yaml配置文件中则表示必须有limits和requests字段,且两字段中的子类值必须相等
kubectl apply -f qos-demo.yaml --namespace=qos-example
#qos-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: qos-demo
namespace: qos-example
spec:
containers:
- name: qos-demo-ctr
image: nginx
resources:
limits:
memory: "200Mi"
cpu: "700m"
requests:
memory: "200Mi"
cpu: "700m"
kubectl get pod qos-demo --namespace=qos-example --output=yaml
root@lxt-master:~/podTest# kubectl get pod qos-demo --namespace=qos-example --output=yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"qos-demo","namespace":"qos-example"},"spec":{"containers":[{"image":"nginx","name":"qos-demo-ctr","resources":{"limits":{"cpu":"700m","memory":"200Mi"},"requests":{"cpu":"700m","memory":"200Mi"}}}]}}
creationTimestamp: "2023-05-04T03:06:54Z"
name: qos-demo
namespace: qos-example
resourceVersion: "4878778"
uid: 8b60daeb-95eb-4a33-99ab-d8ea508e1ad9
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: qos-demo-ctr
resources:
limits:
cpu: 700m
memory: 200Mi
requests:
cpu: 700m
memory: 200Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-w8nhz
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: lxt-master
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-w8nhz
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:06:54Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:07:11Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:07:11Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:06:54Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://bfd07210d64cf4b3dfb7deef4eba1ee5691c9d011d51fe863738b4affba14c26
image: nginx:latest
imageID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
lastState: {}
name: qos-demo-ctr
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2023-05-04T03:07:11Z"
hostIP: 192.168.20.113
phase: Running
podIP: 10.44.0.7
podIPs:
- ip: 10.44.0.7
qosClass: Guaranteed
startTime: "2023-05-04T03:06:54Z"
创建一个QoS类为Burstable的Pod
满足条件
- Pod不符合Guaranted标准
- Pod中至少一个container有内存或者cpu的请求或限制
#qos-pod-2.yaml
apiVersion: v1
kind: Pod
metadata:
name: qos-demo-2
namespace: qos-example
spec:
containers:
- name: qos-demo-2-ctr
image: nginx
resources:
limits:
memory: "200Mi"
requests:
memory: "100Mi"
pod详情
kubectl get pod qos-demo-2 --namespace=qos-example --output=yaml
root@lxt-master:~/podTest# kubectl get pod qos-demo-2 --namespace=qos-example --output=yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"qos-demo-2","namespace":"qos-example"},"spec":{"containers":[{"image":"nginx","name":"qos-demo2-ctr","resources":{"limits":{"memory":"200Mi"},"requests":{"memory":"100Mi"}}}]}}
creationTimestamp: "2023-05-04T03:13:34Z"
name: qos-demo-2
namespace: qos-example
resourceVersion: "4879998"
uid: d9fd5928-ade3-4624-958f-376842aaeb23
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: qos-demo2-ctr
resources:
limits:
memory: 200Mi
requests:
memory: 100Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-jcgnn
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: lxt-master
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-jcgnn
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:13:34Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:13:52Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:13:52Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:13:34Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://2bc5fcd44b649d13c266842f82978f78f474ba577eddb7f6e460fefa21b213e1
image: nginx:latest
imageID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
lastState: {}
name: qos-demo2-ctr
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2023-05-04T03:13:51Z"
hostIP: 192.168.20.113
phase: Running
podIP: 10.44.0.8
podIPs:
- ip: 10.44.0.8
qosClass: Burstable
startTime: "2023-05-04T03:13:34Z"
创建一个QoS类为Best Effort的Pod
条件:Pod中的Container必须没有设置内存和cpu限制或请求
apiVersion: v1
kind: Pod
metadata:
name: qos-demo-3
namespace: qos-example
spec:
containers:
- name: qos-demo-3-ctr
image: nginx
Pod详情:
kubectl get pod qos-demo-3 --namespace=qos-example --output=yaml
root@lxt-master:~/podTest# kubectl get pod qos-demo-3 --namespace=qos-example --output=yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"qos-demo-3","namespace":"qos-example"},"spec":{"containers":[{"image":"nginx","name":"qos-demo-3-ctr"}]}}
creationTimestamp: "2023-05-04T03:21:08Z"
name: qos-demo-3
namespace: qos-example
resourceVersion: "4881388"
uid: a7046c5c-298e-4b38-a950-6e3df583e949
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: qos-demo-3-ctr
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-gsvf7
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: lxt-master
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-gsvf7
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:21:08Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:21:27Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:21:27Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:21:08Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://c7bdfbb070ed8f0aa374bc1ae416569c6abddeb0c4ba81a041c1117dbfa13bf7
image: nginx:latest
imageID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
lastState: {}
name: qos-demo-3-ctr
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2023-05-04T03:21:27Z"
hostIP: 192.168.20.113
phase: Running
podIP: 10.44.0.9
podIPs:
- ip: 10.44.0.9
qosClass: BestEffort
startTime: "2023-05-04T03:21:08Z"
创建包含两个容器的Pod
apiVersion: v1
kind: Pod
metadata:
name: qos-demo-4
namespace: qos-example
spec:
containers:
- name: qos-demo-4-ctr-1
image: nginx
resources:
requests:
memory: "200Mi"
- name: qos-demo-4-ctr-2
image: redis
这个Pod满足Burstable的标准,因为它的Container之一有内存请求
Pod详情:
kubectl get pod qos-demo-4 --namespace=qos-example --output=yaml
root@lxt-master:~# kubectl get pod qos-demo-4 --namespace=qos-example --output=yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"qos-demo-4","namespace":"qos-example"},"spec":{"containers":[{"image":"nginx","name":"qos-demo-4-ctr-1","resources":{"requests":{"memory":"200Mi"}}},{"image":"redis","name":"qos-demo-4-ctr-2"}]}}
creationTimestamp: "2023-05-04T03:25:05Z"
name: qos-demo-4
namespace: qos-example
resourceVersion: "4882050"
uid: 03e3bb85-1c6e-428f-9a6b-98cbfd315193
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: qos-demo-4-ctr-1
resources:
requests:
memory: 200Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-hxwxb
readOnly: true
- image: redis
imagePullPolicy: Always
name: qos-demo-4-ctr-2
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-hxwxb
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: node1
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-hxwxb
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:25:05Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:25:05Z"
message: 'containers with unready status: [qos-demo-4-ctr-1 qos-demo-4-ctr-2]'
reason: ContainersNotReady
status: "False"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:25:05Z"
message: 'containers with unready status: [qos-demo-4-ctr-1 qos-demo-4-ctr-2]'
reason: ContainersNotReady
status: "False"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2023-05-04T03:25:05Z"
status: "True"
type: PodScheduled
containerStatuses:
- image: nginx
imageID: ""
lastState: {}
name: qos-demo-4-ctr-1
ready: false
restartCount: 0
started: false
state:
waiting:
reason: ContainerCreating
- image: redis
imageID: ""
lastState: {}
name: qos-demo-4-ctr-2
ready: false
restartCount: 0
started: false
state:
waiting:
reason: ContainerCreating
hostIP: 192.168.20.221
phase: Pending
qosClass: Burstable
startTime: "2023-05-04T03:25:05Z"
检查Pod的Qos类
kubectl --namespace=qos-example get pod qos-demo-4 -o jsonpath='{ .status.qosClass}{"\n"}'
浙公网安备 33010602011771号