Scheduling
By default, Kubernetes will schedule a pod onto a random node as long as the node has capacity to execute the pod based on the resource constraints. However, when you scale a deployment to 2, there is a chance where both of the Pods are scheduled onto the same Kuberntes Node. This can cause issues if the Node goes down, causing both available Pods to shutdown and need to reschedule onto another node.
One solution is to avoid scheduling the pods onto the same node and this is called ant-affinity.
This example will enforce anti-affinity and not schedule any pods if the anti-affinity requirement cannot be met. For the Hello World container, add additional configuration to make sure the pods are scheduled onto different nodes.
k8s/deployment.yamlapiVersion: apps/v1kind: Deploymentmetadata:name: helloworldlabels:app: helloworldspec:replicas: 1selector:matchLabels:app: helloworldtemplate:metadata:labels:app: helloworldspec:containers:- name: helloworldimage: gcr.io/.../helloworld# Add configuration for anti-affinityaffinity:podAntiAffinity:requiredDuringSchedulingIgnoredDuringExecution:- labelSelector:matchExpressions:- key: appoperator: Invalues:- helloworld# Prefer spreading the Pods across multiple Nodes.# There are other keys you can use, e.g., anti-affinity# across zones.topologyKey: "kubernetes.io/hostname"
Scale out the deployment to 4 pods:
kubectl scale deployment helloworld --replicas=4
List all the pods and show which node it is running on:
kubectl get pods -lapp=helloworld -owide
Observe in the NODE column, that each pod is running on a different node.
But since the demo cluster only has 4 nodes, if you scale out to 5 pods, it can no longer satisfy the anti-affinity requirement, and the 5th pod will remain in the unschedulable (Pending) state:
kubectl scale deployment helloworld --replicas=5
Find the pending pod:
kubectl get pods -lapp=helloworld --field-selector='status.phase=Pending'
Describe it's detail:
POD_NAME=$(kubectl get pods -lapp=helloworld \--field-selector='status.phase=Pending' \-o jsonpath='{.items[0].metadata.name}')​kubectl describe pod $POD_NAME
See Kubernetes Affinity / Anti-Affinity documentation for more information
In the Required case, if a pod cannot ensure anti-affinity, it'll simply not run. This may not be desirable for most workload. Instead, tell Kubernetes that anti-affinity is Preferred, but if the condition cannot be met, schedule it onto a host with another pod anyways. Use preferredDuringSchedulingIgnoredDuringExecution block instead.
k8s/deployment.yamlapiVersion: apps/v1kind: Deploymentmetadata:name: helloworldlabels:app: helloworldspec:replicas: 1selector:matchLabels:app: helloworldtemplate:metadata:labels:app: helloworldspec:containers:- name: helloworldimage: gcr.io/.../helloworldaffinity:podAntiAffinity:# Use Preferred rather than RequiredpreferredDuringSchedulingIgnoredDuringExecution:- weight: 100podAffinityTerm:labelSelector:matchExpressions:- key: appoperator: Invalues:- helloworldtopologyKey: "kubernetes.io/hostname"
Scale out to 5 pods, it can no longer satisfy the anti-affinity requirement, and the 5th pod will still be scheduled, but onto a node that already has another Hello World pod running.
kubectl scale deployment helloworld --replicas=5
See that all the pods are running:
kubectl get pods -lapp=helloworld
Sometimes you may want to pin a Pod to run together, or only on certain nodes, or only in certain zones/regions. To do this, you can specify Affinity rather than Anti-Affinity.
See Kubernetes Affinity / Anti-Affinity documentation for more information
See Kubernetes Disruption Budget documentation for more information.
