KCI pod annotations

Last updated:2021-11-11 17:43:13

Serverless clusters allow you to use annotations to specify the specifications of pods, bind security groups, enable kube-proxy, and configure bandwidth limits.

Notes:

  • The annotations in this topic are valid only for KCI pods scheduled to virtual nodes.
  • You must configure annotations in PodSpec rather than DeploymentSpec.

Specify the specifications of a KCI pod

You can specify the specifications of a KCI pod when you create a workload.

Annotation key Required Sample annotation value Description
k8s.ksyun.com/kci-instance-cpu No 1 Specifies the number of vCPUs of the pod. This annotation must be used together with k8s.ksyun.com/kci-instance-memory.
k8s.ksyun.com/kci-instance-memory No 2 Specifies the memory capacity of the pod, in GiB. This annotation must be used together with k8s.ksyun.com/kci-instance-cpu.

Example

The following example shows how to create a workload with one vCPU and a memory capacity of 2 GiB. The pod specifications must be within the limits.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
            "k8s.ksyun.com/kci-instance-cpu" : "1"
            "k8s.ksyun.com/kci-instance-memory" : "2"
        labels:
            app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Specify the security group of a KCI pod

You can specify the security group to which a KCI pod belongs.

Annotation key Required Sample annotation value Description
k8s.ksyun.com/kci-security-group-id No xxxxxxxx Specifies the ID of the security group. If multiple security groups are specified, the default security group will be selected when you create a serverless cluster. If no security group is specified when you create a KCI pod, the security group selected when the cluster is created will be used by default. If you want to use an existing security group in the same VPC to create a KCI pod, you can specify the security group by using an annotation.

Example

apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
            "k8s.ksyun.com/kci-security-group-id" : "${your_security_group_id}"
        labels:
            app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Enable kube-proxy for a KCI pod

You can define an annotation to enable kube-proxy for a KCI pod so that the pod can access ClusterIP Services.

Annotation key Required Sample annotation value Description
k8s.ksyun.com/kci-kube-proxy-enabled No true, false Specifies whether to enable kube-proxy for a pod. The default value is false, indicating that kube-proxy is disabled. You can set the value to true to enable kube-proxy so that the pod can access ClusterIP Services.

Example

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
          "k8s.ksyun.com/kci-kube-proxy-enabled" : "true"
        labels:
          app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Configure bandwidth limits for KCI pods

When you create a resource in a cluster, you can define annotations to configure inbound and outbound bandwidth limits for a specific KCI pod.

Annotation key Required Sample annotation value Description
kubernetes.io/ingress-bandwidth No 100M The inbound bandwidth limit of the KCI pod, in Gbit/s, Mbit/s, or kbit/s. If no unit is specified, the bandwidth limit is measured in bit/s by default.
Valid values: 1–1,024 Mbit/s. Default value: 1,024 Mbit/s.
kubernetes.io/egress-bandwidth No 100M The outbound bandwidth limit of the KCI pod, in Gbit/s, Mbit/s, or kbit/s. If no unit is specified, the bandwidth limit is measured in bit/s by default.
Valid values: 1–1,024 Mbit/s. Default value: 1,024 Mbit/s.

Example

apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
        annotations:
          kubernetes.io/ingress-bandwidth: "100M"  # Valid values: 1–1,024 Mbit/s
          kubernetes.io/egress-bandwidth: "200M"   # Valid values: 1–1,024 Mbit/s
        labels:
          app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
      nodeName: virtual-node

Did you find the above information helpful?

Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful

What might be the problems?

Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions

0/200

Please give us your feedback.

Submitted

Thank you for your feedback.

问题反馈