|
 |
47c289 |
### SPIKE: Specific workloads on Specific Nodes
|
|
|
47c289 |
JIRA: [link](https://projects.engineering.redhat.com/browse/CPE-702)
|
|
|
47c289 |
|
|
|
47c289 |
Resources:
|
|
|
47c289 |
|
|
|
47c289 |
|
|
|
47c289 |
* [1] Advanced pod scheduling [https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-about.html](https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-about.html)
|
|
|
47c289 |
* [2] Pod placing using node affinity rules [https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-node-affinity.html](https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-node-affinity.html)
|
|
|
47c289 |
* [3] Pod placing using node taints, and pod tolerations [https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-taints-tolerations.html](https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-taints-tolerations.html)
|
|
|
47c289 |
* [4] Pod affinity/anti-affinity [https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-pod-affinity.html#nodes-scheduler-pod-affinity](https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-pod-affinity.html#nodes-scheduler-pod-affinity)
|
|
|
47c289 |
* [5] Cluster/Project wide Node Affinity [https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-node-selectors.html#nodes-scheduler-node-selectors-project_nodes-scheduler-node-selectors](https://docs.openshift.com/container-platform/4.4/nodes/scheduling/nodes-scheduler-node-selectors.html#nodes-scheduler-node-selectors-project_nodes-scheduler-node-selectors)
|
|
|
47c289 |
* [6] Cluster [https://github.com/storageos/cluster-operator](https://github.com/storageos/cluster-operator)
|
|
|
47c289 |
|
|
|
47c289 |
|
|
|
47c289 |
I’m thinking we should go with a mixture of two modes, taint/toleration and node affinity in order to target a specific class of compute node with privileged network access and ensure only specific workloads may be scheduled there, and so access them.
|
|
|
47c289 |
|
|
|
47c289 |
Creating a POC:
|
|
|
47c289 |
|
|
|
47c289 |
Steps:
|
|
|
47c289 |
```
|
|
|
47c289 |
oc new-project targeting-specific-nodes
|
|
|
47c289 |
oc get nodes
|
|
|
47c289 |
NAME STATUS ROLES AGE VERSION
|
|
|
47c289 |
kempty-n10.ci.centos.org Ready worker 7d5h v1.17.1
|
|
|
47c289 |
kempty-n11.ci.centos.org Ready worker 7d5h v1.17.1
|
|
|
47c289 |
kempty-n12.ci.centos.org Ready worker 7d5h v1.17.1
|
|
|
47c289 |
kempty-n6.ci.centos.org Ready master 7d5h v1.17.1
|
|
|
47c289 |
kempty-n7.ci.centos.org Ready master 7d5h v1.17.1
|
|
|
47c289 |
kempty-n8.ci.centos.org Ready master 7d5h v1.17.1
|
|
|
47c289 |
kempty-n9.ci.centos.org Ready worker 7d5h v1.17.1
|
|
|
47c289 |
|
|
|
47c289 |
oc adm taint nodes kempty-n9.ci.centos.org examplekey=examplevalue:NoSchedule
|
|
|
47c289 |
oc label node kempty-n9.ci.centos.org examplekey=examplevalue
|
|
|
47c289 |
oc get node kempty-n9.ci.centos.org -o yaml
|
|
|
47c289 |
…
|
|
|
47c289 |
labels:
|
|
|
47c289 |
...
|
|
|
47c289 |
examplekey: examplevalue
|
|
|
47c289 |
...
|
|
|
47c289 |
...
|
|
|
47c289 |
spec:
|
|
|
47c289 |
taints:
|
|
|
47c289 |
- effect: NoSchedule
|
|
|
47c289 |
key: examplekey
|
|
|
47c289 |
value: examplevalue
|
|
|
47c289 |
…
|
|
|
47c289 |
|
|
|
47c289 |
oc apply -f targetspecificnodes.yaml
|
|
|
47c289 |
oc get pods --all-namespaces -o wide | grep kempty-n9
|
|
|
47c289 |
...
|
|
|
47c289 |
targeting-specific-nodes example-57d74cf6b4-mlppz 1/1 Running 0 13s 10.130.2.15 kempty-n9.ci.centos.org <none> <none>
|
|
|
47c289 |
|
|
|
47c289 |
targeting-specific-nodes example-57d74cf6b4-sgnzh 1/1 Running 0 13s 10.130.2.17 kempty-n9.ci.centos.org <none> <none>
|
|
|
47c289 |
targeting-specific-nodes example-57d74cf6b4-swllc 1/1 Running 0 13s 10.130.2.16 kempty-n9.ci.centos.org <none> <none>
|
|
|
47c289 |
...
|
|
|
47c289 |
```
|