KCI pod annotations

Last updated:2021-04-14 15:43:55

Serverless clusters allow you to specify the specifications and security groups of pods through annotations.

Notes:

  • The annotations in this topic are valid only for KCI pods scheduled to virtual nodes.
  • You must configure annotations in PodSpec rather than DeploymentSpec.

Specify the specifications of a KCI pod

You can specify the specifications of a KCI pod when you create a workload.

Annotation key Required Sample annotation value Description
k8s.ksyun.com/kci-instance-cpu No 1 Specifies the number of vCPUs of the pod. This annotation must be used together with k8s.ksyun.com/kci-instance-memory.
k8s.ksyun.com/kci-instance-memory No 2 Specifies the memory capacity of the pod, in GiB. This annotation must be used together with k8s.ksyun.com/kci-instance-cpu.

Example

The following example shows how to create a workload with one vCPU and a memory capacity of 2 GiB. The pod specifications must be within the limits.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
            "k8s.ksyun.com/kci-instance-cpu" : "1"
            "k8s.ksyun.com/kci-instance-memory" : "2"
        labels:
            app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Specify the security group of a KCI pod

You can specify the security group to which a KCI pod belongs.

Annotation key Required Sample annotation value Description
k8s.ksyun.com/kci-security-group-id No xxxxxxxx Specifies the ID of the security group. If multiple security groups are specified, the default security group will be selected when you create a serverless cluster. If no security group is specified when you create a KCI pod, the security group selected when the cluster is created will be used by default. If you want to use an existing security group in the same VPC to create a KCI pod, you can specify the security group by using an annotation.

Example

apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
            "k8s.ksyun.com/kci-security-group-id" : "${your_security_group_id}"
        labels:
            app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Did you find the above information helpful?

Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful

What might be the problems?

Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions

0/200

Please give us your feedback.

Submitted

Thank you for your feedback.

问题反馈