【kubernetes/k8s概念】pod 资源 request 与 limit

Managing Compute Resources for Containers

https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

requests

  • requests用于schedule阶段,在调度pod保证所有pod的requests总和小于node能提供的计算能力
  • requests.cpu被转成docker的--cpu-shares参数,与cgroup cpu.shares功能相同
    • 设置容器的cpu的相对权重
    • 该参数在CPU资源不足时生效,根据容器requests.cpu的比例来分配cpu资源
    • CPU资源充足时,requests.cpu不会限制container占用的最大值,container可以独占CPU
  • requests.memory没有对应的docker参数,作为k8s调度依据
  • 使用requests来设置各容器需要的最小资源

limits

  • limits限制运行时容器占用的资源
  • limits.cpu会被转换成docker的–cpu-quota参数。与cgroup cpu.cfs_quota_us功能相同
    • 限制容器的最大CPU使用率。
    • cpu.cfs_quota_us参数与cpu.cfs_period_us结合使用,后者设置时间周期
    • k8s将docker的–cpu-period参数设置100毫秒。对应着cgroup的cpu.cfs_period_us
    • limits.cpu的单位使用m,千分之一核
  • limits.memory会被转换成docker的–memory参数。用来限制容器使用的最大内存
  • 当容器申请内存超过limits时会被终止

如下代码,转换为docker资源限制

func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *v1.Container, pod *v1.Pod, uid *int64, username string) *runtimeapi.LinuxContainerConfig {
   lc := &runtimeapi.LinuxContainerConfig{
      Resources:       &runtimeapi.LinuxContainerResources{},
      SecurityContext: m.determineEffectiveSecurityContext(pod, container, uid, username),
   }

   // set linux container resources
   var cpuShares int64
   cpuRequest := container.Resources.Requests.Cpu()
   cpuLimit := container.Resources.Limits.Cpu()
   memoryLimit := container.Resources.Limits.Memory().Value()
   oomScoreAdj := int64(qos.GetContainerOOMScoreAdjust(pod, container,
      int64(m.machineInfo.MemoryCapacity)))
   // If request is not specified, but limit is, we want request to default to limit.
   // API server does this for new containers, but we repeat this logic in Kubelet
   // for containers running on existing Kubernetes clusters.
   if cpuRequest.IsZero() && !cpuLimit.IsZero() {
      cpuShares = milliCPUToShares(cpuLimit.MilliValue())
   } else {
      // if cpuRequest.Amount is nil, then milliCPUToShares will return the minimal number
      // of CPU shares.
      cpuShares = milliCPUToShares(cpuRequest.MilliValue())
   }
   lc.Resources.CpuShares = cpuShares
   if memoryLimit != 0 {
      lc.Resources.MemoryLimitInBytes = memoryLimit
   }
   // Set OOM score of the container based on qos policy. Processes in lower-priority pods should
   // be killed first if the system runs out of memory.
   lc.Resources.OomScoreAdj = oomScoreAdj

   if m.cpuCFSQuota {
      // if cpuLimit.Amount is nil, then the appropriate default value is returned
      // to allow full usage of cpu resource.
      cpuQuota, cpuPeriod := milliCPUToQuota(cpuLimit.MilliValue())
      lc.Resources.CpuQuota = cpuQuota
      lc.Resources.CpuPeriod = cpuPeriod
   }

   return lc
}

你可能感兴趣的:(kubernetes)