mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-06 06:46:26 +01:00
251 lines
6.3 KiB
Plaintext
251 lines
6.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * nodes/nodes-scheduler-node-selector.adoc
|
|
|
|
[id="nodes-scheduler-node-selectors-project_{context}"]
|
|
= Creating project-wide node selectors
|
|
|
|
You can use node selectors in a project together with labels on nodes to constrain all pods created in that project to the labeled nodes.
|
|
|
|
When you create a pod in this project, {product-title} adds the node selectors to the pods in the project and schedules the pods on a node with matching labels in the project. If there is a cluster-wide default node selector, a project node selector takes preference.
|
|
|
|
You add labels to a project by editing the `Namespace` object to add the `openshift.io/node-selector` parameter, which contains the label definitions. You add labels to a node by editing the Node object, a MachineSet, or a MachineConfig. Adding the label to the MachineSet ensures that if the node or machine goes down, new nodes have the label. Labels added to a node or MachineConfig do not persist if the node or machine goes down.
|
|
|
|
[NOTE]
|
|
====
|
|
You can add additional key/value pairs to a pod. But you cannot add a different value for a default project key.
|
|
====
|
|
|
|
For example, the following project has the `region=east` node selector:
|
|
|
|
.Example Namespace object
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
annotations:
|
|
openshift.io/node-selector: "region=east"
|
|
...
|
|
|
|
----
|
|
|
|
The following node has the `type=user-node,region=east` labels:
|
|
|
|
.Example Node object
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Node
|
|
metadata:
|
|
name: ci-ln-qg1il3k-f76d1-hlmhl-worker-b-df2s4
|
|
...
|
|
labels:
|
|
region: east
|
|
type: user-node
|
|
...
|
|
|
|
----
|
|
|
|
If you create a pod in this example project, the pod is created with the project node selector and is scheduled on the labeled node:
|
|
|
|
.Example Pod object
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
...
|
|
spec:
|
|
nodeSelector:
|
|
region: east
|
|
type: user-node
|
|
...
|
|
----
|
|
|
|
[source,terminal]
|
|
.Example pod list with the pod on the labeled node
|
|
----
|
|
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
|
|
pod-s1 1/1 Running 0 20s 10.131.2.6 ci-ln-qg1il3k-f76d1-hlmhl-worker-b-df2s4 <none> <none>
|
|
----
|
|
|
|
A pod in the project is not created or scheduled if the pod contains different node selectors. For example, if you deploy the following pod into the example project, it will not be created:
|
|
|
|
.Example Pod object with an invalid node selector
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Pod
|
|
...
|
|
|
|
spec:
|
|
nodeSelector:
|
|
region: west
|
|
|
|
....
|
|
----
|
|
|
|
When you create the pod, you receive an error similar to the following message:
|
|
|
|
.Example error message
|
|
[source,terminal]
|
|
----
|
|
Error from server (Forbidden): error when creating "pod.yaml": pods "pod-4" is forbidden: pod node label selector conflicts with its project node label selector
|
|
----
|
|
|
|
.Procedure
|
|
|
|
To add a default project node selector:
|
|
|
|
. Create a project or edit an existing project to add the `openshift.io/node-selector` parameter:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc edit project <name>
|
|
----
|
|
+
|
|
.Example output
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Project
|
|
metadata:
|
|
annotations:
|
|
openshift.io/node-selector: "type=user-node,region=east" <1>
|
|
openshift.io/sa.scc.mcs: s0:c17,c14
|
|
openshift.io/sa.scc.supplemental-groups: 1000300000/10000
|
|
openshift.io/sa.scc.uid-range: 1000300000/10000
|
|
creationTimestamp: 2019-06-10T14:39:45Z
|
|
labels:
|
|
openshift.io/run-level: "0"
|
|
name: demo
|
|
resourceVersion: "401885"
|
|
selfLink: /api/v1/namespaces/openshift-kube-apiserver
|
|
uid: 96ecc54b-8b8d-11e9-9f54-0a9ae641edd0
|
|
spec:
|
|
finalizers:
|
|
- kubernetes
|
|
status:
|
|
phase: Active
|
|
----
|
|
<1> Add the `openshift.io/node-selector` with the appropriate `<key>:<value>` pairs.
|
|
|
|
. Add labels to a node by using a MachineSet or editing the node directly:
|
|
|
|
* Use a MachineSet to add labels to nodes managed by the MachineSet when a node is created:
|
|
|
|
.. Run the following command to add a node selector to a MachineSet:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc patch MachineSet <name> --type='json' -p='[{"op":"add","path":"/spec/template/spec/metadata/labels", "value":{"<key>"="<value>","<key>"="<value>"}}]' -n openshift-machine-api
|
|
----
|
|
+
|
|
For example:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc patch MachineSet ci-ln-l8nry52-f76d1-hl7m7-worker-c --type='json' -p='[{"op":"add","path":"/spec/template/spec/metadata/labels", "value":{"type":"user-node","region":"east"}}]' -n openshift-machine-api
|
|
----
|
|
|
|
.. Verify that the label is added to the MachineSet by using the `oc edit` command:
|
|
+
|
|
For example:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc edit MachineSet ci-ln-l8nry52-f76d1-hl7m7-worker-c -n openshift-machine-api
|
|
----
|
|
+
|
|
.Example output
|
|
[source,yaml]
|
|
----
|
|
apiVersion: machine.openshift.io/v1beta1
|
|
kind: MachineSet
|
|
metadata:
|
|
...
|
|
spec:
|
|
...
|
|
template:
|
|
metadata:
|
|
...
|
|
spec:
|
|
metadata:
|
|
labels:
|
|
region: east
|
|
type: user-node
|
|
----
|
|
|
|
.. Redeploy the nodes associated with that MachineSet:
|
|
+
|
|
For example:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc scale --replicas=0 MachineSet ci-ln-l8nry52-f76d1-hl7m7-worker-c -n openshift-machine-api
|
|
----
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc scale --replicas=1 MachineSet ci-ln-l8nry52-f76d1-hl7m7-worker-c -n openshift-machine-api
|
|
----
|
|
|
|
.. Verify that the label is added to the node, when the node is ready and available, using the `oc get` command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l <key>=<value>
|
|
----
|
|
+
|
|
For example:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l type=user-node,region=east
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME STATUS ROLES AGE VERSION
|
|
ci-ln-l8nry52-f76d1-hl7m7-worker-c-vmqzp Ready worker 61s v1.18.3+002a51f
|
|
----
|
|
|
|
* Add labels directly to a node:
|
|
|
|
.. Edit the `Node` object to add labels:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc label <resource> <name> <key>=<value>
|
|
----
|
|
+
|
|
For example, to label a node:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc label nodes ci-ln-l8nry52-f76d1-hl7m7-worker-c-tgq49 type=user-node region=east
|
|
----
|
|
|
|
.. Verify that the label is added to the node using the `oc get` command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l <key>=<value>
|
|
----
|
|
+
|
|
For example:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l type=user-node,region=east
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME STATUS ROLES AGE VERSION
|
|
ci-ln-l8nry52-f76d1-hl7m7-worker-b-tgq49 Ready worker 17m v1.18.3+002a51f
|
|
----
|