Container Service for Kubernetes (ACK) reserves a certain amount of node resources to run Kubernetes components and system processes. This ensures that the operating system kernel, system services, and Kubernetes daemons can run as normal. However, this causes the amount of allocatable resources of a node to differ from the resource capacity of the node. ACK provides a default resource reservation policy. You can also configure the kubelet parameters to customize resource reservations.
Limits
You can create customize resource reservations only for ACK clusters whose Kubernetes versions are 1.16.9 or later. For more information about how to update an ACK cluster, see Update an ACK cluster.
Impact
Custom resource reservations and impact
You can refer to Customize the kubelet parameters of a node pool to customize resource reservations. The custom resource reservation policy takes effect on existing nodes in the node pool and nodes that are newly added to the node pool. New nodes include nodes that are added by scale-out activities and Elastic Compute Service (ECS) nodes that are added by selecting Add Existing Node in the ACK console.
Do not use the CLI to manually modify the kubelet ConfigMap. If a configuration conflict exists, exceptions may occur during node pool O&M activities.
Changing the amount of reserved resources may reduce the amount of allocatable resources on a node. If the resource usage of a node is high, pods on the node may be evicted. Configure resource reservations properly.
Impact of the default resource reservations
ACK may iterate the default values of resource reservations. If you update the node configuration of a node pool after an iteration, the new resource reservation policy is automatically applied to nodes in the node pool. For example, if you update the Kubernetes version, update the node pool, or modify the kubelet parameters of the node pool, the new resource reservation policy is automatically applied. If you do not perform any O&M operations, the new resource reservation policy is not applied to the existing nodes in the node pool in case the stability of your businesses is affected.
To apply the new resource reservation policy to an existing node, remove the node from the cluster and then add it to the cluster again. By default, the new resource reservation policy is automatically applied to newly added nodes. For more information about how to add and remove nodes and the impacts of the operations, see Remove a node and Add existing ECS instances to an ACK cluster.
View the allocatable resources of a node
Run the following command to view the resource capacity and allocatable resources of a node:
kubectl describe node [NODE_NAME] | grep Allocatable -B 7 -A 6Expected output:
Capacity:
cpu: 4 #The total number of vCores provided by the node.
ephemeral-storage: 123722704Ki #The total amount of ephemeral storage provided by the node. Unit: KiB.
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 7925980Ki #The total amount of memory provided by the node. Unit: KiB.
pods: 64
Allocatable:
cpu: 3900m #The number of allocatable vCores on the node.
ephemeral-storage: 114022843818 #The amount of allocatable ephemeral storage on the node. Unit: bytes.
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 5824732Ki #The amount of allocatable memory on the node. Unit: KiB.
pods: 64Calculate the allocatable resources of a node
You can calculate the allocatable resources of a node based on the following formula: Allocatable resources = Resource capacity - Reserved resources - Eviction threshold.
Formula description:
The
Capacityparameter indicates the resource capacity of the node.For more information about resource reservations, see Resource reservation policy.
For more information about the eviction threshold, see Node-pressure Eviction.
Resource reservation policy
You need to take the following factors into account when you configure a resource reservation policy:
ECS nodes with higher specifications usually can host more pods. To ensure the performance of nodes, ACK reserves more resources for Kubernetes components.
Windows nodes require additional resources to run the Windows operating system and Windows Server components. Therefore, Windows nodes usually reserve more resources than Linux nodes. For more information, see Create a Windows node pool.
Reserved resources include kubeReserved and systemReserved. kubeReserved specifies the resources reserved for Kubernetes components and systemReserved specifies the resources reserved for system processes. kubeReserved and systemReserved each account for 50% of reserved resources. For example, if a node provides one vCore, 100 millicores are reserved. In this case, kubeReserved reserves 50 millicores and systemReserved reserves 50 millicores. For more information about how to modify resource reservations, see Customize the kubelet parameters of a node pool.
ACK calculates the amount of reserved resources based on the CPU and memory resources in different intervals. The resource capacity of a node equals the sum of reserved resources in all intervals.
CPU: The following figure shows the total amount of reserved CPU resources of a computing node.
If the node provides 32 vCores, the total amount of CPU resources reserved is calculated based on the following formula:
800 millicores = 100 + (32000 - 4000) × 2.5%
Memory: The following figure shows the total amount of reserved memory resources of a computing node.
If the node provides 256 GiB of memory, the total amount of memory resources reserved is calculated based on the following formula:
11.88 GiB = 4 × 25% + (8 - 4) × 20% + (16 - 8) × 10% + (128 - 16) × 6% + (256 - 128) × 2%
Example of resource reservation
Node resource capacity | Reserved resource | ||
CPU (Unit: vCores) | Memory (Unit: GiB) | CPU (Unit: millicores) | Memory (Unit: MiB) |
1 | 2 | 100 | 512 |
2 | 4 | 100 | 1024 |
4 | 8 | 100 | 1843 |
8 | 16 | 200 | 2662 |
16 | 32 | 400 | 3645 |
32 | 64 | 800 | 5611 |
64 | 128 | 1600 | 9543 |
128 | 256 | 2400 | 12164 |
256 | 512 | 3040 | 17407 |
512 | 1024 | 4320 | 27893 |
FAQ
How to view the total CPU and memory resources provided by a node?
CPU
Run the following command to query the total number of vCores provided by a node:
cat /proc/cpuinfo | grep processorExpected output:
processor : 0
processor : 1
processor : 2
processor : 3Memory
Run the following command to query the total amount of memory provided by a node:
cat /proc/meminfo | grep MemTotalExpected output:
MemTotal: 7660952 kBReferences
For more information about how to customize resource reservations and the eviction threshold, see Customize the kubelet parameters of a node pool.
You can configure resource requests for application pods based on the amount of allocatable resources. The sum of resource requests of all application pods on a node must not be greater than the amount of allocatable resources on the node. Otherwise, pod scheduling failures occur due to insufficient resources. ACK can create resource profiles for Kubernetes-native workloads to help you configure resource requests based on the historical resource usage data. For more information about how to configure resource requests for application pods, see Create a stateless application by using a Deployment.
To apply a custom resource reservation policy to existing pods on a node, you need to remove the node from the cluster and then add the node to the cluster again. By default, the custom resource reservation policy is automatically applied to newly added nodes. For more information about how to add and remove nodes and the impacts of the operations, see Remove a node and Add existing ECS instances to an ACK cluster.