how to determinate best implementation of Kubernetes cluster

1/3/2019

I have recently begun to walk into the Kubernetes world; there is a lot of information and most of the time I get really confused. I'd like to ask how I can choose the best way to administer an infrastructure like this:


The nodes and the Kubernetes master are isolated in different DMZs; the ports and the directions will be opened as described in the picture.

Which way would you use to get the pods executed on the right node? (For example, an Nginx pod goes only on Web1 and/or Web2, and a pgSQL pod goes only on DB1 and/or DB2.) Is using the server labeling system good enough, or is there a better solution to manage this?

A second doubt I have is that the service has to be reachable from the external world directly from the node, so if I want to use replicas, Web1 and Web2 should listen on the same IP address the service is exposed on, I suppose, or could this be managed via kube-proxy? At the moment I am thinking about configuring a distributed switch between the nodes and setting the external IP address of the pod to one of the IPs attached to the distributed switch.

Is this also a good solution, or is there a better way to do it?

-- AtomiX84
kubernetes

1 Answer

1/3/2019

Which way would you use to get the pods executed on the right node?

nodeSelector is the simplest way: you add a label to the node with kubectl label nodes k8s-node-1 disktype=ssd, which can be verified by kubectl get nodes --show-labels, and inside the pod YAML under spec you add:

nodeSelector:
    disktype: ssd

Node affinity is more complex and more expressive, as you are no longer limited to exact matches. Keep in mind this is still a beta feature.

A second doubt I have is that the service has to be reachable from the external world directly from the node, so if I want to use replicas, Web1 and Web2 should listen on the same IP address the service is exposed on, I suppose, or could this be managed via kube-proxy?

Here, I think you will need to use a Service of type LoadBalancer; most cloud providers have their own load balancer (GCP, AWS, Azure). There is also MetalLB, which is an implementation for bare-metal Kubernetes clusters.

Hope this helps you.

EDIT:

OP recommends using Node restriction, which in his example is a better solution to let pods run dynamically on a subset of nodes in the cluster.

-- Crou
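The following manifests are an added example, not part of the question or of Crou's answer, showing both points together: pinning the web and database pods to their tier with nodeSelector and nodeAffinity, and exposing the web replicas behind one address with a LoadBalancer Service backed by MetalLB. The node names web1/web2/db1/db2, the tier label values, the image tags and the 192.168.1.240-192.168.1.250 address range are assumptions chosen to mirror the diagram. The label key uses the node-restriction.kubernetes.io/ prefix because, with the NodeRestriction admission plugin enabled on the API server (--enable-admission-plugins=NodeRestriction together with the Node authorizer), a kubelet is not allowed to set labels under that prefix on its own Node object; the scheduling constraint therefore cannot be undone by a node relabeling itself, which is the "Node restriction" idea the EDIT refers to. The MetalLB ConfigMap uses the layer2 configuration format MetalLB accepted at the time of the post; current releases configure pools through IPAddressPool resources instead.

```yaml
# Added example (not from the original question or answer). Node names,
# label values and the address range are assumptions.
#
# Labels are applied once by a cluster administrator, never by the kubelet:
#   kubectl label nodes web1 web2 node-restriction.kubernetes.io/tier=web
#   kubectl label nodes db1  db2  node-restriction.kubernetes.io/tier=db
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      # Hard constraint: only nodes labeled tier=web are eligible.
      nodeSelector:
        node-restriction.kubernetes.io/tier: web
      affinity:
        podAntiAffinity:
          # Soft preference: spread the two replicas over web1 and web2.
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchLabels:
                  app: nginx
              topologyKey: kubernetes.io/hostname
      containers:
      - name: nginx
        image: nginx:1.15
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  # One external IP fronts both replicas; kube-proxy forwards on each node,
  # so web1 and web2 do not have to share an address themselves.
  type: LoadBalancer
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
spec:
  serviceName: postgres
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      affinity:
        nodeAffinity:
          # Same constraint in node-affinity form; "In" lets more tier
          # values be allowed later without rewriting the pod spec.
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: node-restriction.kubernetes.io/tier
                operator: In
                values: ["db"]
      containers:
      - name: postgres
        image: postgres:11
        ports:
        - containerPort: 5432
---
# MetalLB layer2 pool (legacy ConfigMap format) handing out the external IPs
# for type LoadBalancer Services; the range is a constructed placeholder.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: default
      protocol: layer2
      addresses:
      - 192.168.1.240-192.168.1.250
```

Apply with kubectl apply -f on a cluster where MetalLB is installed, then kubectl get svc nginx shows the EXTERNAL-IP MetalLB assigned from the pool. A quick way to confirm the tier constraint holds is kubectl get pods -o wide: every nginx pod should land on web1 or web2 and the postgres pod on db1 or db2; if the web nodes are down, the nginx pods stay Pending rather than being scheduled onto the database tier.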
Source: StackOverflow