k3s|如何将k8s集群的node节点设置不可调度或删除node节点?
k3s是由 Rancher 公司开发的轻量级Kubernetes,是经CNCF一致性认证的Kubernetes发行版,专为物联网及边缘计算设计。 由于运行 K3s 所需的资源相对较少,所以 K3s 也适用于开发和测试场景。
停止调度的命令
使k8s集群的某个 node 停止被调度的命令有三个,分别是 cordon、drain 和 delete。执行该命令后,后期创建的 pod 不会继续被调度到该节点上。
(1) cordon : 停止调度(不可调度,临时从K8S集群隔离)
该命令操作,只会将node标识为SchedulingDisabled不可调度状态。影响最小,只会将node标识为SchedulingDisabled不可调度状态。之后K8S再创建的pod资源,不会被调度到该节点。原有的 pod 不受影响,仍正常对外提供服务。
(2)drain 驱逐节点(先不可调度,然后排干)
该命令操作,会先驱逐 Node 上的 pod 资源到其他节点重新创建。接着,将节点调为 SchedulingDisabled 不可调度状态。
(3) delete 删除节点
该操作会先驱逐Node节点上的pod资源到其他节点重新创建,然后node节点删除,master失去对其控制,该节点从k8s集群删除。如果要恢复该节点,只能重新将该节点加入到K8S集群中。
下边演示一下具体操作步骤:
以下操作均在 master 节点 vm-2-debian 机器上执行:
- 查看本机环境(vm-2-debian):
root@vm-2-debian:~# k3s -v
k3s version v1.24.6+k3s1 (a8e0c66d)
go version go1.18.6
root@vm-2-debian:~# kubectl version
root@vm-2-debian:~# ping wang1234.net
PING wang1234.net (43.152.198.184) 56(84) bytes of data.
64 bytes from 43.152.198.184 (43.152.198.184): icmp_seq=1 ttl=43 time=292 ms
^C
--- wang1234.net ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 291.578/291.578/291.578/0.000 ms
- 确认节点信息
kubectl get nodes
kubectl get node -o wide
kubectl get po
kubectl get pod
kubectl get pods
root@vm-2-debian:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vm-2-debian Ready control-plane,master 2d10h v1.24.6+k3s1
vm-14-debian Ready <none> 2d10h v1.24.6+k3s1
root@vm-2-debian:~# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-6fb79bc456-df9rm 1/1 Running 0 34h 10.42.0.27 vm-2-debian <none> <none>
nginx-6fb79bc456-2c9f9 1/1 Running 0 34h 10.42.0.28 vm-2-debian <none> <none>
nginx-6fb79bc456-ltr85 1/1 Running 0 3s 10.42.1.23 vm-14-debian <none> <none>
可以看到有2个节点,3个pod,其中vm-2-debian节点有2个pod,vm-14-debian节点有1个pod。
- 使用 cordon 命令设置为不可调度
kubectl cordon vm-14-debian
root@vm-2-debian:~# kubectl cordon vm-14-debian
node/vm-14-debian cordoned
root@vm-2-debian:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vm-2-debian Ready control-plane,master 2d10h v1.24.6+k3s1
vm-14-debian Ready,SchedulingDisabled <none> 2d10h v1.24.6+k3s1
root@vm-2-debian:~# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-6fb79bc456-df9rm 1/1 Running 0 34h 10.42.0.27 vm-2-debian <none> <none>
nginx-6fb79bc456-2c9f9 1/1 Running 0 34h 10.42.0.28 vm-2-debian <none> <none>
nginx-6fb79bc456-ltr85 1/1 Running 0 5m44s 10.42.1.23 vm-14-debian <none> <none>
可以看到 vm-14-debian 节点状态变成了 “SchedulingDisabled” (按计划不可用),原有的 pod 依然有效。
如果想要取消不可调度,恢复到集群,可以使用 uncordon 命令:
kubectl uncordon vm-14-debian
root@vm-2-debian:~# kubectl uncordon vm-14-debian
node/vm-14-debian uncordoned
- 驱逐已经运行的业务容器
kubectl drain --ignore-daemonsets --delete-emptydir-data vm-14-debian
root@vm-2-debian:~# kubectl drain --ignore-daemonsets --delete-emptydir-data vm-14-debian
node/vm-14-debian already cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/svclb-traefik-6760453c-gglvj
evicting pod default/nginx-6fb79bc456-ltr85
pod/nginx-6fb79bc456-ltr85 evicted
查看 node 与 pod 状态:
root@vm-2-debian:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vm-2-debian Ready control-plane,master 2d11h v1.24.6+k3s1
vm-14-debian Ready,SchedulingDisabled <none> 2d10h v1.24.6+k3s1
root@vm-2-debian:~# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-6fb79bc456-df9rm 1/1 Running 0 34h 10.42.0.27 vm-2-debian <none> <none>
nginx-6fb79bc456-2c9f9 1/1 Running 0 34h 10.42.0.28 vm-2-debian <none> <none>
nginx-6fb79bc456-ft8xd 1/1 Running 0 5m44s 10.42.0.30 vm-2-debian <none> <none>
可以看到在主节点 vm-2-debian 节点上重新启动了一个 pod,而已被驱逐的节点 vm-14-debian 上的 pod 已不存在了。
- 删除node 节点
kubectl delete node vm-14-debian
root@vm-2-debian:~# kubectl delete node vm-14-debian
node "vm-14-debian" deleted
root@vm-2-debian:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vm-2-debian Ready control-plane,master 2d11h v1.24.6+k3s1
删除后,再次查看,只有 vm-2-debian 一个节点了。
参考链接
https://www.cnblogs.com/John-2011/p/14984900.html
https://cloud.tencent.com/developer/article/1796315
Thanks for reading.