在节点上的kubelet启动的时候,kubelet会统计当前节点的主分区的可分配的磁盘资源,或者你可以覆盖节点上kubelet的配置来自定义可分配的资源。在创建Pod时会根据存储需求调度到满足存储的节点,在Pod使用超过限制的存储时会对其做驱逐的处理来保证不会耗尽节点上的磁盘空间。
如果运行时指定了别的独立的分区,比如修改了docker的镜像层和容器可写层的存储位置(默认是/var/lib/docker)所在的分区,将不再将其计入ephemeral-storage的消耗。
对Local ephemeral storage的请求/限制所有的container可以指定以下一个或多个选项
spec.containers[].resources.limits.ephemeral-storage
spec.containers[].resources.requests.ephemeral-storage
对ephemeral-storage资源的请求/限制通过字节来衡量.同上面内存的请求/限制方式一样,这里不再细述.
比如以下pod包含两个容器,每一个都对Local ephemeral storage的请求为2GiB,限制为4GiB.此时,整个pod对资源的请求为4GiB,对资源的限制为8GiB
apiVersion: v1 kind: Pod metadata: name: frontend spec: containers: - name: db image: mysql env: - name: MYSQL_ROOT_PASSWORD value: "password" resources: requests: ephemeral-storage: "2Gi" limits: ephemeral-storage: "4Gi" - name: wp image: wordpress resources: requests: ephemeral-storage: "2Gi" limits: ephemeral-storage: "4Gi" 对有ephemeral-storage请求的pod如何调度当你创建一个pod,kubernetes调度器选择一个节点来运行它.每个节点都有可供pod使用的最大Local ephemeral storage最大量,详细信息请查看
调度器保证被调度的容器资源总和小于节点的容量
带有Local ephemeral storage的pod如何运行对于容器级别的隔离,如果容器的可写层( writable layer)和日志(log)超出了容量限制,容器所在的pod将会被驱离;对于pod级别的隔离,如果pod里所有容器使用的总Local ephemeral storage和pod的emptydir存储卷超过限制,pod将会被驱离.
示例
apiVersion: v1 kind: Pod metadata: name: teststorage labels: app: teststorage spec: containers: - name: busybox image: busybox command: ["bash", "-c", "while true; do dd if=http://www.likecs.com/dev/zero of=$(date '+%s').out count=1 bs=10MB; sleep 1; done"] # 持续写入文件到容器的rootfs中 resources: limits: ephemeral-storage: 100Mi #定义存储的限制为100M requests: ephemeral-storage: 100Mi测试这个Pod就能发现在容器写入超过存储限制时就会被驱逐掉了:
/tmp kubectl apply -f pod.yaml pod "teststorage" created /tmp kubectl get pod -w NAME READY STATUS RESTARTS AGE teststorage 0/1 ContainerCreating 0 3s teststorage 1/1 Running 0 7s teststorage 0/1 Evicted 0 1m查看kubernetes的pod的事件也能看到它是由于超过了限制的ephemeral-storage被驱逐掉:
Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 2m default-scheduler Successfully assigned teststorage to minikube Normal SuccessfulMountVolume 2m kubelet, minikube MountVolume.SetUp succeeded for volume "default-token-l7wp9" Normal Pulling 2m kubelet, minikube pulling image "busybox" Normal Pulled 2m kubelet, minikube Successfully pulled image "busybox" Normal Created 2m kubelet, minikube Created container Normal Started 2m kubelet, minikube Started container Warning Evicted 1m kubelet, minikube pod ephemeral local storage usage exceeds the total limit of containers {{104857600 0} {<nil>} 100Mi BinarySI} Normal Killing 1m kubelet, minikube Killing container with id docker://busybox:Need to kill Pod