内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官from PG视频:www.itpux.com方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本文档介绍K
风哥提示:
ubernetes资源管理与配额控制实战。
Part01-资源配额管理
1.1 配置ResourceQuota
[root@k8s-master ~]# kubectl create namespace fgedu-dev
namespace/fgedu-dev created
# 配置资源配额
[root@k8s-master ~]# cat > fgedu-resource-quota.yaml << 'EOF'
apiVersion: v1
kind: ResourceQuota
metadata:
name: fgedu-compute-quota
namespace: fgedu-dev
spec:
hard:
requests.cpu: "10"
requests.memory: 20Gi
limits.cpu: "20"
limits.memory: 40Gi
pods: "50"
services: "20"
secrets: "50"
configmaps: "50"
persistentvolumeclaims: "20"
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: fgedu-object-quota
namespace: fgedu-dev
spec:
hard:
count/deployments.apps: "10"
count/statefulsets.apps: "5"
count/jobs.batch: "20"
count/cronjobs.batch: "10"
EOF
[root@k8s-master ~]# kubectl apply -f fgedu-resource-quota.yaml
resourcequota/fgedu-compute-quota created
resourcequota/fgedu-object-quota created
# 查看配额使用情况
[root@k8s-master ~]# kubectl describe quota -n fgedu-dev
Name: fgedu-compute-quota
Namespace: fgedu-dev
Resource Used Hard
-------- ---- ----
configmaps 0 50
limits.cpu 0 20
limits.memory 0 40Gi
persistentvolumeclaims 0 20
pods 0 50
requests.cpu 0 10
requests.memory 0 20Gi
secrets 1 50
services 0 20
Part02-LimitRange配置
2.1 设置资源限制范围
[root@k8s-master ~]# cat > fgedu-limit-range.yaml << 'EOF' apiVersion: v1 kind: LimitRange metadata: name: fgedu-limit-range namespace: fgedu-dev spec: limits: - type: Container default: cpu: 500m memory: 512Mi defaultRequest: cpu: 100m memory: 128Mi min: cpu: 50m memory: 64Mi max: cpu: 2000m memory: 4Gi - type: PersistentVolumeClaim max: storage: 50Gi min: storage: 1Gi - type: Pod max: cpu: 4000m memory: 8Gi EOF [root@k8s-master ~]# kubectl apply -f fgedu-limit-range.yaml limitrange/fgedu-limit-range created # 查看LimitRange [root@k8s-master ~]# kubectl describe limitrange -n fgedu-dev Name: fgedu-limit-range Namespace: fgedu-dev Type Resource Min Max Default Request Default Limit Max Limit/Request Ratio ---- -------- --- --- --------------- ------------- ----------------------- Container cpu 50m 2 100m 500m - Container memory 64Mi 4Gi 128Mi 512Mi -
Part03-Pod优先级
3.1 配置PriorityClass
[root@k8s-master ~]# cat > fgedu-priority-class.yaml << 'EOF' apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: name: fgedu-high-priority value: 1000000 globalDefault: false description: "FGEDU高优先级应用" --- apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: name: fgedu-medium-priority value: 100000 globalDefault: true description: "FGEDU中等优先级应用" --- apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: name: fgedu-low-priority value: 10000 globalDefault: false description: "FGEDU低优先级应用" EOF [root@k8s-master ~]# kubectl apply -f fgedu-priority-class.yaml priorityclass.scheduling.k8s.io/fgedu-high-priority created priorityclass.更多视频教程www.fgedu.net.cnscheduling.k8s.io/fgedu-medium-priority created priorityclass.scheduling.k8s.io/fgedu-low-priority created # 部署高优先级应用 [root@k8s-master ~]# cat > fgedu-critical-app.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: fgedu-critical-app namespace: fgedu-dev spec: replicas: 3 selector: matchLabels: app: fgedu-critical template: metadata: labels: app: fgedu-critical spec: priorityClassName: fgedu-high-priority containers: - name: app image: nginx:1.25 resources: requests: cpu: 500m memory: 512Mi limits: cpu: 1000m memory: 1Gi EOF [root@k8s-master ~]# kubectl apply -f fgedu-critical-app.yaml deployment.apps/fgedu-critical-app created
Part04-资源监控
4.1 资源使用监控
[root@k8s-master ~]# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
k8s-master 500m 25% 2Gi 25%
k8s-node1 800m 20% 4Gi 25%
k8s-node2 600m 15% 3Gi 18%
# 查看Pod资源使用
[root@k8s-master ~]# kubectl top pods -n fgedu-dev
NAME CPU(cores) MEMORY(bytes)
fgedu-critical-app-abc12-xyz789 50m 128Mi
fgedu-critical-app-abc12-abc12 45m 120Mi
fgedu-critical-app-abc12-def34 48m 125Mi
# 查看资源请求和限制
[root@k8s-master ~]# kubectl describe node k8s-node1 | grep -A 10 “Allocated resources”
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
——– ——– ——
cpu 1500m (37%) 3000m (75%)
memory 3Gi (18%) 6Gi (37%)
ephemeral-storage 0 (0%) 0 (0%)
# 创建资源使用报告
[root@k8s-master ~]# cat > resource-report.sh << 'EOF'
#!/bin/bash
# resource-report.sh
# from:www.itpux.com.qq113257174.wx:itpux-com
# web: http://www.fgedu.net.cn
echo "=== Kubernetes资源使用报告 ==="
echo "生成时间: $(date)"
echo ""
echo "=== 节点资源 ==="
kubectl top nodes
echo ""
echo "=== 命名空间配额使用 ==="
for ns in $(kubectl get ns -o name | cut -d/ -f2); do
quota=$(kubectl get quota -n $ns -o name 2>/dev/null)
if [ -n “$quota” ]; then
echo “命名空间: $ns”
kubectl describe quota -n $ns 2>/dev/null | grep -A 10 “Used”
fi
done
EOF
[root@k8s-master ~]# chmod +x resource-report.sh
[root@k8s-master ~]# ./resource-report.sh
=== Kubernetes资源使用报告 ===
生成时间: Sat Apr 4 23:30:00 CST 2026
=== 节点资源 ===
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
k8s-master 500m 25% 2Gi 25%
k8s-node1 800m 20% 4Gi 25%
k8s-node2 600m 15% 3Gi 18%
=== 命名空间配额使用 ===
命名空间: fgedu-dev
Used Hard
—- —-
0 50
0 20
0 40Gi
- 为所有容器设置资源请求和限制
- 使用ResourceQuota控制命名空间资源
- 配置LimitRange设置默认值
- 使用PriorityClass管理应用优先级
- 定期监控资源使用情况
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
