使用节点选择器或排斥和容许为混合 OS Kubernetes 群集调整应用Adapt apps for mixed-OS Kubernetes clusters using node selectors or taints and tolerations

适用于 Azure Stack HCI 上的 AKS、Windows Server 2019 Datacenter 上的 AKS 运行时Applies to: AKS on Azure Stack HCI, AKS runtime on Windows Server 2019 Datacenter

Azure Stack HCI 上的 Azure Kubernetes 服务使你可以运行同时具有 Linux 和 Windows 节点的 Kubernetes 群集,但需要对应用进行少量编辑,以便在这些混合 OS 群集中使用。Azure Kubernetes Service on Azure Stack HCI enables you to run Kubernetes clusters with both Linux and Windows nodes, but requires you to make small edits to your apps for use in these mixed-OS clusters. 本操作指南介绍如何确保使用节点选择器或排斥和容许将应用程序安排在正确的主机操作系统上。In this how-to guide, you learn how to ensure your application gets scheduled on the right host OS using either node selectors or taints and tolerations.

本操作指南假定你对 Kubernetes 概念有基本的了解。This how-to guide assumes a basic understanding of Kubernetes concepts. 有关详细信息,请参阅 Azure Stack HCI 上的 Azure Kubernetes 服务的 Kubernetes 核心概念For more information, see Kubernetes core concepts for Azure Kubernetes Service on Azure Stack HCI.

节点选择器Node Selector

节点选择器是 Pod 规范 YAML 中的一个简单字段,可将 Pod 约束为仅安排到与操作系统匹配的正常节点。Node Selector is a simple field in the pod specification YAML that constrains pods to only be scheduled onto healthy nodes matching the operating system. 在 Pod 规范 YAML 中,指定 nodeSelector - Windows 或 Linux,如以下示例中所示。In your pod specification YAML, specify a nodeSelector - Windows or Linux, as shown in the examples below.

kubernetes.io/os = Windows

或者,or,

kubernetes.io/os = Linux

有关节点选择器的详细信息,请访问节点选择器For more information on nodeSelectors, visit node selectors.

排斥和容许Taints and tolerations

排斥和容许 一起工作,以确保不会无意中将 Pod 安排到节点。Taints and tolerations work together to ensure that pods aren't scheduled on nodes unintentionally. 节点可以“进行排斥”,以便不接受不通过 Pod 规范 YAML 中的“容许”显式容许其排斥的 Pod。A node can be "tainted" to not accept pods that don't explicitly tolerate its taint through a "toleration" in the pod specification YAML.

Azure Stack HCI 上的 Azure Kubernetes 服务中的 Windows OS 节点可以使用以下键值对进行进行排斥。Windows OS nodes in Azure Kubernetes Service on Azure Stack HCI can be tainted with the following key-value pair. 用户不应使用不同的内容。Users shouldn't use a different one.

node.kubernetes.io/os=Windows:NoSchedule

运行 kubectl get 并标识要排斥的 Windows 工作器节点。Run kubectl get and identify the Windows worker nodes you want to taint.

kubectl get nodes --all-namespaces -o=custom-columns=NAME:.metadata.name,OS:.status.nodeInfo.operatingSystem

输出:Output:

NAME                                     OS
my-aks-hci-cluster-control-plane-krx7j   linux
my-aks-hci-cluster-md-md-1-5h4bl         windows
my-aks-hci-cluster-md-md-1-5xlwz         windows

使用 kubectl taint node 排斥 Windows Server 工作器节点。Taint Windows server worker nodes using kubectl taint node.

kubectl taint node my-aks-hci-cluster-md-md-1-5h4bl node.kubernetes.io/os=Windows:NoSchedule
kubectl taint node my-aks-hci-cluster-md-md-1-5xlwz node.kubernetes.io/os=Windows:NoSchedule

为 Pod 规范 YAML 中的 Pod 指定容许。You specify a toleration for a pod in the pod specification YAML. 以下容许与以上 kubectl 排斥行创建的排斥“匹配”,因此,具有该容许的 Pod 将能够安排到 my-aks-hci-cluster-md-md-1-5h4bl 或 my-aks-hci-cluster-md-md-1-5xlwz 上:The following toleration "matches" the taint created by the kubectl taint line above, and thus a pod with the toleration would be able to schedule onto my-aks-hci-cluster-md-md-1-5h4bl or my-aks-hci-cluster-md-md-1-5xlwz:

tolerations:
- key: node.kubernetes.io/os
  operator: Equal
  value: Windows
  effect: NoSchedule

有关排斥和容许的详细信息,请参阅排斥和容许For more information on taints and tolerations, visit Taints and Tolerations.

后续步骤Next steps

本操作指南介绍了如何使用 kubectl 将节点选择器或排斥和容许添加到 Kubernetes 群集。In this how-to guide, you learned how to add node selectors or taints and tolerations to your Kubernetes clusters using kubectl. 接下来可以:Next, you can: