Debian上Kubernetes資源分配

Preparing Debian Nodes for Kubernetes Resource Allocation
Before allocating resources in Kubernetes on Debian, ensure nodes meet hardware and software requirements:

• Hardware: Control plane nodes need at least 2 vCPUs and 4GB RAM; worker nodes require 2+ vCPUs and 4GB+ RAM (adjust for memory-intensive workloads). Use SSDs (50GB+) for storage to handle container images and data efficiently.
• Software: Use Debian 10 or later. Disable Swap (sudo swapoff -a and remove swap entries from /etc/fstab) to prevent kubelet issues. Install containerd as the container runtime (follow steps to configure kernel modules like overlay and br_netfilter).
• Network: Configure a reliable 1Gbps+ network. Set up /etc/hosts with node IPs and hostnames (e.g., 192.168.1.10 master-node master) for internal communication.

Basic Resource Allocation: Requests and Limits
Define resource requests (minimum guaranteed resources) and limits (maximum allowed resources) for each container in your YAML manifests. For example:

resources:
  requests:
    cpu: "500m"    # 0.5 vCPU
    memory: "512Mi" # 512MB RAM
  limits:
    cpu: "1"       # 1 vCPU
    memory: "1Gi"   # 1GB RAM

This ensures pods get minimum resources to run while preventing overconsumption. Set requests close to actual usage to improve scheduler efficiency.

Controlling Total Resource Usage with ResourceQuotas
Use ResourceQuota objects to limit total resources (CPU/memory) in a namespace. For example, to restrict a namespace to 4 vCPUs and 8GB RAM:

apiVersion: v1
kind: ResourceQuota
metadata:
  name: dev-namespace-quota
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 8Gi
    limits.cpu: "8"
    limits.memory: 16Gi

Apply it via kubectl apply -f resource-quota.yaml. This prevents a single namespace from monopolizing cluster resources.

Dynamic Resource Adjustment with Autoscalers

• Horizontal Pod Autoscaler (HPA): Automatically scales pod replicas based on CPU/memory utilization. Example HPA for a deployment:

  apiVersion: autoscaling/v2
  kind: HorizontalPodAutoscaler
  metadata:
    name: web-app-hpa
  spec:
    scaleTargetRef:
      apiVersion: apps/v1
      kind: Deployment
      name: web-app
    minReplicas: 2
    maxReplicas: 10
    metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 70
  

  This scales the web-app deployment between 2–10 replicas if CPU usage exceeds 70%.
• Vertical Pod Autoscaler (VPA): Adjusts pod resource requests/limits automatically based on historical usage. Install VPA via kubectl apply -f https://github.com/kubernetes/autoscaler/releases/download/autoscaler-0.27.0/vpa-crds.yaml and create a VPA manifest targeting your deployment.

Optimizing Resource Scheduling

• Node Affinity/Anti-Affinity: Use nodeAffinity to schedule pods to specific nodes (e.g., high-CPU nodes) or antiAffinity to spread pods across nodes for high availability. Example:

  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: node-role.kubernetes.io/worker
            operator: Exists
  

• Taints and Tolerations: Add taints to nodes (e.g., kubectl taint nodes node1 key=value:NoSchedule) to reserve them for specific pods. Pods must have matching tolerations to schedule on tainted nodes.

Monitoring and Optimization Tools

• Prometheus + Grafana: Monitor cluster resource usage (CPU, memory, disk) in real-time. Set alerts for high utilization (e.g., CPU > 80% for 5 minutes).
• kubectl Top: Use kubectl top nodes and kubectl top pods to view real-time resource consumption.
• Container Image Optimization: Use lightweight base images (e.g., Alpine Linux) and minimize layers to reduce image size and startup time.

Additional Best Practices

• Kernel Parameter Tuning: Modify /etc/sysctl.conf to optimize network performance. Key settings include:

  net.core.somaxconn = 65535
  net.ipv4.tcp_max_syn_backlog = 65535
  net.ipv4.tcp_tw_reuse = 1
  vm.swappiness = 10
  

  Apply changes with sysctl -p.
• Regular Maintenance: Clean up unused pods, deployments, and volumes (kubectl delete unused-resources). Update Kubernetes components to the latest stable version for security and performance improvements.