修订
This commit is contained in:
huanqing.shao
@ -493,6 +493,7 @@ module.exports = {
|
||||
'k8s-advanced/policy/rq',
|
||||
'k8s-advanced/policy/rq_types',
|
||||
'k8s-advanced/policy/rq_scope',
|
||||
'k8s-advanced/policy/rq_more',
|
||||
]
|
||||
},
|
||||
]
|
||||
|
||||
@ -94,11 +94,11 @@
|
||||
<h1 class="text-primary">Kuboard - 微服务管理面板</h1>
|
||||
<p class="text-primary mt-3"><span style="font-weight: 500;">快速在 Kubernetes 上落地微服务。</span>Kuboard 提供:Kubernetes安装脚本,Kubernetes教程、Kubernetes管理面板、SpringCloud在Kubernetes上的实战</p>
|
||||
<ul class="pair-btns-list">
|
||||
<li> <a class="cbtn btn-grad-s btn-shadow btn-width"
|
||||
target="_blank"
|
||||
href="http://demo.kuboard.cn/#/dashboard?k8sToken=eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJvYXJkLXZpZXdlci10b2tlbi1mdGw0diIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJvYXJkLXZpZXdlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImE1YWFiMmQxLTQxMjYtNDU5Yi1hZmNhLTkyYzMwZDk0NTQzNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJvYXJkLXZpZXdlciJ9.eYqN3FLIT6xs0-lm8AidZtaiuHeX70QTn9FhJglhEyh5dlyMU5lo8UtR-h1OY8sTSeYdYKJAS83-9SUObKQhp6XNmRgOYAfZblKUy4mvbGVQ3dn_qnzxYxt6zdGCwIY7E34eNNd9IjMF7G_Y4eJLWE7NvkSB1O8zbdn8En9rQXv_xJ9-ugCyr4CYB1lDGuZl3CIXgQ1FWcQdUBrxTT95tzcNTB0l6OUOGhRxOfw-RyIOST83GV5U0iVzxnD4sjgSaJefvCU-BmwXgpxAwRVhFyHEziXXa0CuZfBfJbmnQW308B4wocr4QDm6Nvmli1P3B6Yo9-HNF__d2hCwZEr7eg">
|
||||
在线演示</a></li>
|
||||
<li><a href="/overview/" class="cbtn btn-grad btn-shadow btn-width">开始使用</a></li>
|
||||
<li> <a class="cbtn btn-grad-s btn-shadow btn-width"
|
||||
target="_blank"
|
||||
href="http://demo.kuboard.cn/#/dashboard?k8sToken=eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJvYXJkLXZpZXdlci10b2tlbi1mdGw0diIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJvYXJkLXZpZXdlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImE1YWFiMmQxLTQxMjYtNDU5Yi1hZmNhLTkyYzMwZDk0NTQzNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJvYXJkLXZpZXdlciJ9.eYqN3FLIT6xs0-lm8AidZtaiuHeX70QTn9FhJglhEyh5dlyMU5lo8UtR-h1OY8sTSeYdYKJAS83-9SUObKQhp6XNmRgOYAfZblKUy4mvbGVQ3dn_qnzxYxt6zdGCwIY7E34eNNd9IjMF7G_Y4eJLWE7NvkSB1O8zbdn8En9rQXv_xJ9-ugCyr4CYB1lDGuZl3CIXgQ1FWcQdUBrxTT95tzcNTB0l6OUOGhRxOfw-RyIOST83GV5U0iVzxnD4sjgSaJefvCU-BmwXgpxAwRVhFyHEziXXa0CuZfBfJbmnQW308B4wocr4QDm6Nvmli1P3B6Yo9-HNF__d2hCwZEr7eg">
|
||||
在线演示</a></li>
|
||||
</ul>
|
||||
<p style="margin-top: 20px;"><a aria-label="github"><iframe src="https://ghbtns.com/github-btn.html?user=eip-work&repo=kuboard-press&type=star&count=true&size=small" frameborder="0" scrolling="0" width="100px" height="20px" style="display:inline-block;vertical-align:middle;"></iframe></a></p>
|
||||
</div>
|
||||
@ -117,7 +117,7 @@
|
||||
<div class="row">
|
||||
<div class="col-sm-12">
|
||||
<div class="section-head text-center">
|
||||
<h1 class="text-primary">Why Kuboard?</h1>
|
||||
<h1 class="text-primary">快速落地 Kubernetes</h1>
|
||||
<p class="text-secondary">第一手 Kubernetes 实战经验,帮助您从 Kubernetes 入门到投产!</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
16
learning/k8s-advanced/policy/rq_example.md
Normal file
16
learning/k8s-advanced/policy/rq_example.md
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
vssueId: 144
|
||||
layout: LearningLayout
|
||||
description: Kubernetes教程_当多个用户或团队共享一个节点数量有限的集群时_如何在多个用户或团队之间分配集群的资源就会变得非常重要_Resource_quota的用途便在于此
|
||||
meta:
|
||||
- name: keywords
|
||||
content: K8S 教程,Resource Quota,ResourceQuota
|
||||
---
|
||||
|
||||
# 案例参考
|
||||
|
||||
<AdSenseTitle >
|
||||
|
||||
> 参考文档:[Configure Quotas for API Objects](https://kubernetes.io/docs/tasks/administer-cluster/quota-api-object/)
|
||||
|
||||
</AdSenseTitle>
|
||||
186
learning/k8s-advanced/policy/rq_more.md
Normal file
186
learning/k8s-advanced/policy/rq_more.md
Normal file
@ -0,0 +1,186 @@
|
||||
---
|
||||
vssueId: 144
|
||||
layout: LearningLayout
|
||||
description: Kubernetes教程_当多个用户或团队共享一个节点数量有限的集群时_如何在多个用户或团队之间分配集群的资源就会变得非常重要_Resource_quota的用途便在于此_本文探索了可以通过ResourceQuota中Requests/Limits的区别、查看和设定ResourceQuota等
|
||||
meta:
|
||||
- name: keywords
|
||||
content: K8S 教程,Resource Quota,ResourceQuota
|
||||
---
|
||||
|
||||
# 更多
|
||||
|
||||
<AdSenseTitle >
|
||||
|
||||
</AdSenseTitle>
|
||||
|
||||
## Requests vs Limits
|
||||
|
||||
Kubernetes 中,在为容器分配计算资源时,每一个容器都可以指定 `resources.limits.cpu`、`resources.limits.memory`、`resources.requests.cpu`、`resources.requests.memory`。ResourceQuota可以为 limits 和 requests 各自设定资源配额。
|
||||
|
||||
* 如果 ResourceQuota 指定了 `requests.cpu` 或者 `requests.memory`,此时任何新建的容器都必须明确指定自己的 `requests.cpu`、`requests.memory`。
|
||||
* 如果 ResourceQuota 指定了 `limits.cpu` 或者 `limits.memory`,此时任何新建的容器都必须明确指定自己的 `limits.cpu`、`limits.memory`。
|
||||
|
||||
## 查看和设定ResourceQuota
|
||||
|
||||
使用 kubectl 可以查看和设定 ResourceQuota:
|
||||
|
||||
``` sh
|
||||
kubectl create namespace myspace
|
||||
|
||||
cat <<EOF > compute-resources.yaml
|
||||
apiVersion: v1
|
||||
kind: ResourceQuota
|
||||
metadata:
|
||||
name: compute-resources
|
||||
spec:
|
||||
hard:
|
||||
requests.cpu: "1"
|
||||
requests.memory: 1Gi
|
||||
limits.cpu: "2"
|
||||
limits.memory: 2Gi
|
||||
requests.nvidia.com/gpu: 4
|
||||
EOF
|
||||
|
||||
kubectl create -f ./compute-resources.yaml --namespace=myspace
|
||||
|
||||
cat <<EOF > object-counts.yaml
|
||||
apiVersion: v1
|
||||
kind: ResourceQuota
|
||||
metadata:
|
||||
name: object-counts
|
||||
spec:
|
||||
hard:
|
||||
configmaps: "10"
|
||||
persistentvolumeclaims: "4"
|
||||
pods: "4"
|
||||
replicationcontrollers: "20"
|
||||
secrets: "10"
|
||||
services: "10"
|
||||
services.loadbalancers: "2"
|
||||
EOF
|
||||
|
||||
kubectl create -f ./object-counts.yaml --namespace=myspace
|
||||
|
||||
```
|
||||
|
||||
查看
|
||||
``` sh
|
||||
kubectl get quota --namespace=myspace
|
||||
```
|
||||
输出结果:
|
||||
```
|
||||
NAME AGE
|
||||
compute-resources 30s
|
||||
object-counts 32s
|
||||
```
|
||||
执行
|
||||
```sh
|
||||
kubectl describe quota compute-resources --namespace=myspace
|
||||
```
|
||||
输出结果:
|
||||
```
|
||||
Name: compute-resources
|
||||
Namespace: myspace
|
||||
Resource Used Hard
|
||||
-------- ---- ----
|
||||
limits.cpu 0 2
|
||||
limits.memory 0 2Gi
|
||||
requests.cpu 0 1
|
||||
requests.memory 0 1Gi
|
||||
requests.nvidia.com/gpu 0 4
|
||||
```
|
||||
执行
|
||||
``` sh
|
||||
kubectl describe quota object-counts --namespace=myspace
|
||||
```
|
||||
输出结果
|
||||
```
|
||||
Name: object-counts
|
||||
Namespace: myspace
|
||||
Resource Used Hard
|
||||
-------- ---- ----
|
||||
configmaps 0 10
|
||||
persistentvolumeclaims 0 4
|
||||
pods 0 4
|
||||
replicationcontrollers 0 20
|
||||
secrets 1 10
|
||||
services 0 10
|
||||
services.loadbalancers 0 2
|
||||
```
|
||||
|
||||
使用 kubectl 还可以支持对象数量配额(`count/<resource>.<group>`)的查看和设定:
|
||||
|
||||
```sh
|
||||
kubectl create namespace myspace
|
||||
```
|
||||
|
||||
```sh
|
||||
kubectl create quota test --hard=count/deployments.extensions=2,count/replicasets.extensions=4,count/pods=3,count/secrets=4 --namespace=myspace
|
||||
```
|
||||
|
||||
```sh
|
||||
kubectl run nginx --image=nginx --replicas=2 --namespace=myspace
|
||||
```
|
||||
```sh
|
||||
kubectl describe quota --namespace=myspace
|
||||
```
|
||||
```
|
||||
Name: test
|
||||
Namespace: myspace
|
||||
Resource Used Hard
|
||||
-------- ---- ----
|
||||
count/deployments.extensions 1 2
|
||||
count/pods 2 3
|
||||
count/replicasets.extensions 1 4
|
||||
count/secrets 1 4
|
||||
```
|
||||
|
||||
## ResourceQuota和Cluster Capacity
|
||||
|
||||
`ResourceQuota` 与 Cluster Capacity 相互独立,都使用绝对值来标识其大小(而不是百分比)。如果您想集群中添加节点,并不会自动使其中任何一个名称空间的可用资源配额发生变化。
|
||||
|
||||
某些情况下,需要更加复杂的策略配置,例如:
|
||||
* 在多个团队之间按比例切分集群的资源
|
||||
* 允许每一个租户按需增加资源使用,但是又有合适的限定以避免资源耗尽的情况发生
|
||||
* 根据某个名称空间的实际需要,增加节点,并提高为其提高资源配额
|
||||
|
||||
要实现这些策略,可以使用 `ResourceQuota` 作为基础,编写自己的控制器来监听资源配额的使用情况,并根据具体的情况动态调整名称空间的 `ResourceQuota`。
|
||||
|
||||
::: tip
|
||||
尽管 `ResourceQuota` 可以将集群中的资源配额分配到名称空间,但是它并不对节点做任何限定,不同名称空间的 Pod 可以运行在同一个节点上。
|
||||
:::
|
||||
|
||||
## 限定Priority Class的默认资源消耗
|
||||
|
||||
某些情况下我们可能需要做如下设定:某个特定 priority 的 Pod(例如,cluster-services)当且仅当名称空间中存在匹配的 `ResourceQuota` 时才可以创建。
|
||||
|
||||
使用这样的机制,集群管理员可以限定某些特别的 priority class 只在指定的名称空间中使用。
|
||||
|
||||
如果要激活此特性,您需要将如下配置文件的路径通过 `--admission-control-config-file` 参数指定到 kube-apiserver 的启动参数中:
|
||||
|
||||
``` yaml
|
||||
apiVersion: apiserver.k8s.io/v1alpha1
|
||||
kind: AdmissionConfiguration
|
||||
plugins:
|
||||
- name: "ResourceQuota"
|
||||
configuration:
|
||||
apiVersion: resourcequota.admission.k8s.io/v1beta1
|
||||
kind: Configuration
|
||||
limitedResources:
|
||||
- resource: pods
|
||||
matchScopes:
|
||||
- scopeName: PriorityClass
|
||||
operator: In
|
||||
values: ["cluster-services"]
|
||||
```
|
||||
|
||||
完成此配置后,`cluster-services` priority 的 Pod 将只能在带有对应 `scopeSelector` 的 `ResourceQuota` 的名称空间中创建,例如:
|
||||
``` yaml
|
||||
scopeSelector:
|
||||
matchExpressions:
|
||||
- scopeName: PriorityClass
|
||||
operator: In
|
||||
values: ["cluster-services"]
|
||||
```
|
||||
|
||||
更多信息请参考 [LimitedResources](https://github.com/kubernetes/kubernetes/pull/36765) 和 [Quota support for priority class design doc](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/scheduling/pod-priority-resourcequota.md)
|
||||
@ -55,7 +55,7 @@ Kubernetes 对 Pod 进行调度时,以当时集群中各节点的可用资源
|
||||
```sh
|
||||
exportfs
|
||||
# 输出结果如下所示
|
||||
/home/nfs <world>
|
||||
/root/nfs_root /root/nfs_root
|
||||
```
|
||||
|
||||
## 在客户端测试nfs
|
||||
|
||||
Reference in New Issue
Block a user