Bryan Sazon

Posted on Feb 6, 2020

Kubernetes Pod Affinity rules in a nutshell

#kubernetes #devops

Pod Affinity

If you have the time, you must read about Pod Affinity.

Problem

I do not want to run a specific workload (sensitive-workload) along with some disruptive workloads (mysql and prometheus) within the same node. I know that these disruptive workloads have the following pod labels:

app=mysql (default namespace)
app=prometheus (monitoring namespace)

kubectl get pods -l app=mysql -n default
kubectl get pods -l app=prometheus -n monitoring

Solution:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: sensitive-workload
  namespace: default
spec:
  template:
    metadata:
      labels:
        app: sensitive-workload
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - mysql
            topologyKey: "kubernetes.io/hostname"
          - labelSelector:
              matchExpressions:
                - key: app
                  operator: In
                  values:
                  - prometheus
            topologyKey: "kubernetes.io/hostname"
            namespaces:
              - monitoring

By default labelSelector will search within the same namespace of the workload. You can use the namespaces field to add more namespaces to look for.

Hands-on debugging session: instrument, monitor, and fix

Join Lazar for a hands-on session where you’ll build it, break it, debug it, and fix it. You’ll set up Sentry, track errors, use Session Replay and Tracing, and leverage some good ol’ AI to find and fix issues fast.

RSVP here →

Top comments (0)

Try REST API Generation for Snowflake

DevOps for Private APIs. Automate the building, securing, and documenting of internal/private REST APIs with built-in enterprise security on bare-metal, VMs, or containers.

Auto-generated live APIs mapped from Snowflake database schema

Interactive Swagger API documentation

Scripting engine to customize your API

Built-in role-based access control

11th Dec 2024 — OpenAI Outage (ChatGPT) Explained: Kubernetes Clusters on Fire!

Puru - Dec 16 '24

How I Leverage Raspberry Pi as a DevOps Engineer

Yusuf Adeyemo - Dec 16 '24

Automated Load Testing in CI/CD Pipelines: Lessons from a Custom Bash Script

Favour Lawrence - Dec 16 '24

Security Defaults in Azure: Simplifying Identity Security for All

S3CloudHub - Dec 16 '24

DEV Community