bookmark_borderNode Selectors and Node Affinity in Kubernetes

Node Selector is the simplest recommended form of node selection constraint.

How does Kubernetes know which is the large node. The key-value pair of size and large are in fact labels assigned to the nodes.

Add lable the nodes

$  kubectl label nodes kubenode01 size=large
node/kubenode01 labeled

Create a pod in the node.

apiVersion: v1
kind: Pod
metadata:
  name: apple-pod
  labels:
    app: apple
    type: nginx-server

spec:
  containers:
    - name: nginx-container
      image: nginx
  nodeSelector:
    size: large
$ kubectl create -f apple-pod.yaml 
pod/apple-pod created
$ kubectl describe pod apple-pod
Name:         apple-pod
Namespace:    production
Priority:     0
Node:         kubenode01/192.168.56.3
Start Time:   Wed, 09 Dec 2020 12:10:34 +0000
Labels:       app=apple
              type=nginx-server
Annotations:  <none>
Status:       Running
IP:           10.44.0.2
IPs:
  IP:  10.44.0.2
Containers:
  nginx-container:
    Container ID:   docker://477b965d8dfa025ed881cb507ccc6fab3c95e139537ce44a3afabe25198e064f
    Image:          nginx
    Image ID:       docker-pullable://nginx@sha256:6b1daa9462046581ac15be20277a7c75476283f969cb3a61c8725ec38d3b01c3
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Wed, 09 Dec 2020 12:10:39 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-9w5d7 (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-9w5d7:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-9w5d7
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  size=large
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age    From               Message
  ----    ------     ----   ----               -------
  Normal  Scheduled  2m16s  default-scheduler  Successfully assigned production/apple-pod to kubenode01
  Normal  Pulling    2m15s  kubelet            Pulling image "nginx"
  Normal  Pulled     2m11s  kubelet            Successfully pulled image "nginx" in 4.200628629s
  Normal  Created    2m11s  kubelet            Created container nginx-container
  Normal  Started    2m11s  kubelet            Started container nginx-container

Node: kubenode01/192.168.56.3

Node Affinity feature provides us with advanced capabilities to limit pod placement on specific nodes.

apiVersion: v1
kind: Pod
metadata:
  name: with-node-affinity
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: kubernetes.io/e2e-az-name
            operator: In
            values:
            - e2e-az1
            - e2e-az2
      preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 1
        preference:
          matchExpressions:
          - key: another-node-label-key
            operator: In
            values:
            - another-node-label-value
  containers:
  - name: with-node-affinity
    image: k8s.gcr.io/pause:2.0
  • source: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/

The type of node affinity defines the behaviour of the scheduler with respect to node affinity and the stages in the lifecycle of the pod.

  • requiredDuringSchedulingIgnoredDuringExecution
  • preferredDuringSchedulingIgnoredDuringExecution
  • requiredDuringSchedulingRequiredDuringExecution
DuringSchedulingDuringExecution
1RequiredIgnored
2PreferredIgnroed
3RequiredRequired

When the pods is scheduled, Required, Preferred, Required.

When the pods is executed, Ignored, Ignored, Required.

ANOTE.DEV