K8S通过Request和Limit两个抽象概念来支持资源的升级与配额的管理,对于以下两种资源K8S都有权来管理,Request主要是应用发布时对容器的使用量进行灵活配置;Limit主要是对应用容器进行资源限制,使应用能够合理进行资源占有
QoS(Quality of Service)
当集群资源不足时,K8S会根据Pod标记的QoS类别做剔除决策,腾出空闲资源
[root@k8s7-22.host.com ~]# kubectl describe node k8s7-22.host.com
Name: k8s7-22.host.com
Roles: master,node
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=k8s7-22.host.com
kubernetes.io/os=linux
node-role.kubernetes.io/master=
node-role.kubernetes.io/node=
Annotations: node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Wed, 04 Nov 2020 09:38:35 +0800
Taints: <none>
Unschedulable: false
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Sat, 21 Nov 2020 16:37:44 +0800 Wed, 04 Nov 2020 09:38:35 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Sat, 21 Nov 2020 16:37:44 +0800 Wed, 04 Nov 2020 09:38:35 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Sat, 21 Nov 2020 16:37:44 +0800 Wed, 04 Nov 2020 09:38:35 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Sat, 21 Nov 2020 16:37:44 +0800 Wed, 04 Nov 2020 09:38:45 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 10.4.7.22
Hostname: k8s7-22.host.com
Capacity:
cpu: 2
ephemeral-storage: 80696836Ki
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026164Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 74370203935
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923764Ki
pods: 110
System Info:
Machine ID: e72cadea638b43df9e7420d895d10af9
System UUID: 4AEF4D56-4101-B8E7-4755-AF6E147F755A
Boot ID: d8a71542-aa60-4212-9b93-2b4a1899805b
Kernel Version: 3.10.0-1127.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.13
Kubelet Version: v1.15.12
Kube-Proxy Version: v1.15.12
Non-terminated Pods: (3 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
default mysql-c4bf75c68-s5rvl 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d1h
kube-system heapster-86c65dc5fc-wd9dq 0 (0%) 0 (0%) 0 (0%) 0 (0%) 17d
kube-system traefik-ingress-q7x2q 0 (0%) 0 (0%) 0 (0%) 0 (0%) 17d
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 0 (0%) 0 (0%)
memory 0 (0%) 0 (0%)
ephemeral-storage 0 (0%) 0 (0%)
Events: <none>
[root@k8s7-200.host.com /data/k8s-yaml/k8s-msa-in-action/ch06/02]# cat customer-dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: customers
spec:
selector:
matchLabels:
app: customers
replicas: 5
template:
metadata:
labels:
app: customers
spec:
containers:
- name: customers
image: harbor.od.com/bobo/spring-petclinic-customers-service:1.0.0.RELEASE
resources:
requests:
memory: "1024Mi"
cpu: "200m"
limits:
memory: "1024Mi"
env:
- name: JAVA_OPTS
value: "-XX:MaxRAMPercentage=80.0"
- name: SERVER_PORT
value: "8080"
[root@k8s7-200.host.com /data/k8s-yaml/k8s-msa-in-action/ch06/02]# cat customer-dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: customers
spec:
selector:
matchLabels:
app: customers
replicas: 5
template:
metadata:
labels:
app: customers
spec:
containers:
- name: customers
image: harbor.od.com/bobo/spring-petclinic-customers-service:1.0.0.RELEASE
resources:
requests:
memory: "20Mi"
cpu: "200m"
limits:
memory: "20Mi"
env:
- name: JAVA_OPTS
value: "-XX:MaxRAMPercentage=80.0"
- name: SERVER_PORT
value: "8080"
K8S通过Request和Limit两个抽象概念来给Pod申请资源与配额:
(1)Request是资源预估申请,由K8s调度决策是否能够满足申请,如有资源则保证供给,如果资源资源不足则显示等待状态。
(2)Limit是容器资源限额:
内存超额 > OOMKill相关的容器
CPU超额 > 限制使用量(throttling)
(3)Request <= Limit
(4)管理员还可配置名字空间级别的配额(ResourceQuota/LimitRange)