[K8s] Cordon& Drain

Cordon& Drain이란?

Cordon

node scheduling 중단(cordon)및 허용(uncordon)
- 특정 node에 pod 스케줄을 금지하거나 해제
- kubectl [cordon|uncordon] NODE [options]

<이미지 출처 : [따배쿠/멤버십] 12-2. taint & toleration, cordon& drain >

[ Hands - on ]

node2의 scheduling 중단 및 확인

kubectl cordon node2.example.com

kubectl get nodes

NAME                 STATUS                     ROLES           AGE   VERSION
master.example.com   Ready                      control-plane   22h   v1.24.1
node1.example.com    Ready                      <none>          22h   v1.24.1
node2.example.com    Ready,SchedulingDisabled   <none>          22h   v1.24.1

pod 생성 및 확인
- node1에서 실행 확인

vi deploy-nginx.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: webui
spec:
  replicas: 4
  selector:
    matchLabels:
      app: webui
  template:
    metadata:
      name: nginx-pod
      labels:
        app: webui
    spec:
      containers:
      - name: nginx-container
        image: nginx:1.14

kubectl apply -f deploy-nginx.yaml

kubectl get pods -o wide

NAME                     READY   STATUS    RESTARTS   AGE   IP          NODE                NOMINATED NODE   READINESS GATES
webui-6d75c5dd9b-pphcf   1/1     Running   0          27s   10.36.0.1   node1.example.com   <none>           <none>
webui-6d75c5dd9b-ptdl5   1/1     Running   0          27s   10.36.0.2   node1.example.com   <none>           <none>
webui-6d75c5dd9b-sfh9v   1/1     Running   0          27s   10.36.0.4   node1.example.com   <none>           <none>
webui-6d75c5dd9b-z9htf   1/1     Running   0          27s   10.36.0.3   node1.example.com   <none>           <none>

cordon command 해제 및 확인

kubectl uncordon node2.example.com

kubectl get nodes

NAME                 STATUS   ROLES           AGE   VERSION
master.example.com   Ready    control-plane   22h   v1.24.1
node1.example.com    Ready    <none>          22h   v1.24.1
node2.example.com    Ready    <none>          22h   v1.24.1

Drain

node 비우기(drain)
- 특정 node에서 동작 중인 모든 pod를 제거
- kubectl drain NODE [options]
- --ignore-daemonsets : DaemonSet-managed pod들은 ignore.
- --force=false : RC, RS, Job, DaemonSet 또는 StatefulSet에서 관리하지 않는 Pod까지 제거.

<이미지 출처 : [따배쿠/멤버십] 12-2. taint & toleration, cordon& drain >

[ Hands - on ]

node1,2에 pod 배포

vi deploy-nginx.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: webui
spec:
  replicas: 4
  selector:
    matchLabels:
      app: webui
  template:
    metadata:
      name: nginx-pod
      labels:
        app: webui
    spec:
      containers:
      - name: nginx-container
        image: nginx:1.14

kubectl apply -f deploy-nginx.yaml

db pod 생성

kubectl run db --image=redis

생성된 pod 확인

kubectl get pods -o wide

NAME                     READY   STATUS    RESTARTS   AGE   IP          NODE                NOMINATED NODE   READINESS GATES
db                       1/1     Running   0          39s   10.44.0.3   node2.example.com   <none>           <none>
webui-6d75c5dd9b-85tgk   1/1     Running   0          88s   10.44.0.2   node2.example.com   <none>           <none>
webui-6d75c5dd9b-9mfvm   1/1     Running   0          88s   10.44.0.1   node2.example.com   <none>           <none>
webui-6d75c5dd9b-lqj9l   1/1     Running   0          88s   10.36.0.2   node1.example.com   <none>           <none>
webui-6d75c5dd9b-skxmb   1/1     Running   0          88s   10.36.0.1   node1.example.com   <none>           <none>

node2 비우기 및 확인
- db pod는 삭제만 되지만 webui pod는 node1으로 재배치
- node2는 비워짐과 동시에 cordon 설정

kubectl drain node2.example.com --ignore-daemonsets --force

kubectl get pods -o wide

NAME                     READY   STATUS    RESTARTS   AGE     IP          NODE                NOMINATED NODE   READINESS GATES
webui-6d75c5dd9b-8k2vt   1/1     Running   0          57s     10.36.0.3   node1.example.com   <none>           <none>
webui-6d75c5dd9b-lqj9l   1/1     Running   0          5m13s   10.36.0.2   node1.example.com   <none>           <none>
webui-6d75c5dd9b-skxmb   1/1     Running   0          5m13s   10.36.0.1   node1.example.com   <none>           <none>
webui-6d75c5dd9b-xt8wh   1/1     Running   0          57s     10.36.0.4   node1.example.com   <none>           <none>

kubectl get nodes

NAME                 STATUS                     ROLES           AGE   VERSION
master.example.com   Ready                      control-plane   22h   v1.24.1
node1.example.com    Ready                      <none>          22h   v1.24.1
node2.example.com    Ready,SchedulingDisabled   <none>          22h   v1.24.1

node2 cordon 해제 및 확인

kubectl uncordon node2.example.com

kubectl get nodes

NAME                 STATUS   ROLES           AGE   VERSION
master.example.com   Ready    control-plane   22h   v1.24.1
node1.example.com    Ready    <none>          22h   v1.24.1
node2.example.com    Ready    <none>          22h   v1.24.1

참고 : [따배쿠/멤버십] 12-2. taint & toleration, cordon& drain

저작자표시 비영리 (새창열림)

'INFRA > DevOps' 카테고리의 다른 글

[k8s] 인증과 권한 관리 - 권한편 (0)	2023.03.06
[K8s] 인증과 권한 관리 - 인증편 (1)	2023.02.27
[K8s] Taint & Toleration,Cordon& Drain (0)	2023.02.13
[k8s] Pod Scheduling (1)	2023.02.06
[K8s] Multi-master - HA Kuberenetes cluster 운영 (0)	2023.01.30

베스핀글로벌 테크센터 블로그

[K8s] Cordon& Drain

Cordon& Drain이란?

Cordon

[ Hands - on ]

Drain

[ Hands - on ]

'INFRA > DevOps' 카테고리의 다른 글

댓글

티스토리툴바

[K8s] Cordon& Drain

Cordon& Drain이란?

Cordon

[ Hands - on ]

Drain

[ Hands - on ]

'INFRA > DevOps' 카테고리의 다른 글

관련글

댓글

티스토리툴바