环境信息
污点和容忍度
默认情况下,集群中的 master 节点被设置成了污点,以确保只有控制平面的 Pod 才能调度部署到主节点上。
显示节点的污点信息
$ kubectl describe node k8s-master1
Name: k8s-master1
Roles: control-plane
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=k8s-master1
kubernetes.io/os=linux
node-role.kubernetes.io/control-plane=
node.kubernetes.io/exclude-from-external-load-balancers=
Annotations: flannel.alpha.coreos.com/backend-data: {"VNI":1,"VtepMAC":"de:75:a4:67:58:1f"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.31.26.116
kubeadm.alpha.kubernetes.io/cri-socket: unix:///var/run/cri-dockerd.sock
management.cattle.io/pod-limits: {"cpu":"100m","memory":"390Mi"}
management.cattle.io/pod-requests: {"cpu":"950m","memory":"290Mi","pods":"8"}
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 06 Dec 2022 17:50:49 +0800
Taints: node-role.kubernetes.io/control-plane:NoSchedule
node-role.kubernetes.io/master:NoSchedule
|
Master 节点包含 2 个污点
node-role.kubernetes.io/control-plane:NoSchedulenode-role.kubernetes.io/master:NoSchedule
这 2 个污点将阻止 Pod 调度到这个节点上面,除非有 Pod 能够容忍这个污点(Taints),通常能容忍这个污点的都是控制平面的 Pod。
查看 Pod 的容忍度
$ kubectl describe pod -n kube-system kube-proxy-2cslw
...
Tolerations: op=Exists
node.kubernetes.io/disk-pressure:NoSchedule op=Exists
node.kubernetes.io/memory-pressure:NoSchedule op=Exists
node.kubernetes.io/network-unavailable:NoSchedule op=Exists
node.kubernetes.io/not-ready:NoExecute op=Exists
node.kubernetes.io/pid-pressure:NoSchedule op=Exists
node.kubernetes.io/unreachable:NoExecute op=Exists
node.kubernetes.io/unschedulable:NoSchedule op=Exists
Events: <none>
|