|
| 1 | +[id="overview-of-nodes"] |
| 2 | += Overview of nodes |
| 3 | +include::modules/common-attributes.adoc[] |
| 4 | +:context: overview-of-nodes |
| 5 | + |
| 6 | +toc::[] |
| 7 | + |
| 8 | +// TODO: Need some help with an intro blurb |
| 9 | + |
| 10 | +[id="nodes-overview"] |
| 11 | +== About nodes |
| 12 | + |
| 13 | +A node is a virtual or bare-metal machine in a Kubernetes cluster. Worker nodes host your application containers, grouped as pods. The control plane nodes run services that are required to control the Kubernetes cluster. In {product-title}, the control plane nodes contain more than just the Kubernetes services for managing the {product-title} cluster. |
| 14 | + |
| 15 | +Having stable and healthy nodes in a cluster is fundamental to the smooth functioning of your hosted application. |
| 16 | +In {product-title}, you can access, manage, and monitor a node through the `Node` object representing the node. |
| 17 | +Using the OpenShift CLI (`oc`) or the web console, you can perform the following operations on a node. |
| 18 | + |
| 19 | +[discrete] |
| 20 | +=== Read operations |
| 21 | + |
| 22 | +The read operations allow an administrator or a developer to get information about nodes in an {product-title} cluster. |
| 23 | + |
| 24 | +* xref:../nodes/nodes/nodes-nodes-viewing.adoc#nodes-nodes-viewing-listing_nodes-nodes-viewing[List all the nodes in a cluster]. |
| 25 | +* Get information about a node, such as memory and CPU usage, health, status, and age. |
| 26 | +* xref:../nodes/nodes/nodes-nodes-viewing.adoc#nodes-nodes-viewing-listing-pods_nodes-nodes-viewing[List pods running on a node]. |
| 27 | + |
| 28 | +[discrete] |
| 29 | +=== Management operations |
| 30 | + |
| 31 | +As an administrator, you can easily manage a node in an {product-title} cluster |
| 32 | +through several tasks: |
| 33 | + |
| 34 | +* xref:../nodes/nodes/nodes-nodes-working.adoc#nodes-nodes-working-updating_nodes-nodes-working[Add or update node labels]. A label is a key-value pair applied to a `Node` object. You can control the scheduling of pods using labels. |
| 35 | +* Change node configuration using a custom resource definition (CRD), or the `kubeletConfig` object. |
| 36 | +* Configure nodes to allow or disallow the scheduling of pods. Healthy worker nodes with a `Ready` status allow pod placement by default while the control plane nodes do not; you can change this default behavior by xref:../nodes/nodes/nodes-nodes-working.adoc#nodes-nodes-working-marking_nodes-nodes-working[configuring the worker nodes to be unschedulable] and xref:../nodes/nodes/nodes-nodes-working.adoc#nodes-nodes-working-master-schedulable_nodes-nodes-working[the control plane nodes to be schedulable]. |
| 37 | +* xref:../nodes/nodes/nodes-nodes-resources-configuring.adoc#nodes-nodes-resources-configuring[Allocate resources for nodes] using the `system-reserved` setting. You can allow {product-title} to automatically determine the optimal `system-reserved` CPU and memory resources for your nodes, or you can manually determine and set the best resources for your nodes. |
| 38 | +* xref:../nodes/nodes/nodes-nodes-managing-max-pods.adoc#nodes-nodes-managing-max-pods-about_nodes-nodes-jobs[Configure the number of pods that can run on a node] based on the number of processor cores on the node, a hard limit, or both. |
| 39 | +* Reboot a node gracefully using xref:../nodes/nodes/nodes-nodes-rebooting.adoc#nodes-nodes-rebooting-affinity_nodes-nodes-rebooting[pod anti-affinity]. |
| 40 | +* xref:../nodes/nodes/nodes-nodes-working.adoc#deleting-nodes[Delete a node from a cluster] by scaling down the cluster using a machine set. To delete a node from a bare-metal cluster, you must first drain all pods on the node and then manually delete the node. |
| 41 | + |
| 42 | +[discrete] |
| 43 | +=== Enhancement operations |
| 44 | + |
| 45 | +{product-title} allows you to do more than just access and manage nodes; as an administrator, you can perform the following tasks on nodes to make the cluster more efficient, application-friendly, and to provide a better environment for your developers. |
| 46 | + |
| 47 | +* Manage node-level tuning for high-performance applications that require some level of kernel tuning by xref:../nodes/nodes/nodes-node-tuning-operator.adoc#nodes-node-tuning-operator[using the Node Tuning Operator]. |
| 48 | +* Enable TLS security profiles on the node to protect communication between the kubelet and the Kubernetes API server. |
| 49 | +* xref:../nodes/jobs/nodes-pods-daemonsets.adoc#nodes-pods-daemonsets[Run background tasks on nodes automatically with daemon sets]. You can create and use daemon sets to create shared storage, run a logging pod on every node, or deploy a monitoring agent on all nodes. |
| 50 | +* xref:../nodes/nodes/nodes-nodes-garbage-collection.adoc#nodes-nodes-garbage-collection[Free node resources using garbage collection]. You can ensure that your nodes are running efficiently by removing terminated containers and the images not referenced by any running pods. |
| 51 | +* xref:../nodes/nodes/nodes-nodes-working.adoc#nodes-nodes-kernel-arguments_nodes-nodes-working[Add kernel arguments to a set of nodes]. |
| 52 | +* Configure an {product-title} cluster to have worker nodes at the network edge (remote worker nodes). For information on the challenges of having remote worker nodes in an {product-title} cluster and some recommended approaches for managing pods on a remote worker node, see xref:../nodes/edge/nodes-edge-remote-workers.adoc#nodes-edge-remote-workers[Using remote worker nodes at the network edge]. |
| 53 | + |
| 54 | + |
| 55 | +[id="pods-overview"] |
| 56 | +== About pods |
| 57 | + |
| 58 | +A pod is one or more containers deployed together on a node. As a cluster administrator, you can define a pod, assign it to run on a healthy node that is ready for scheduling, and manage. A pod runs as long as the containers are running. You cannot change a pod once it is defined and is running. Some operations you can perform when working with pods are: |
| 59 | + |
| 60 | +[discrete] |
| 61 | +=== Read operations |
| 62 | + |
| 63 | +As an administrator, you can get information about pods in a project through the following tasks: |
| 64 | + |
| 65 | +* xref:../nodes/pods/nodes-pods-viewing.adoc#nodes-pods-viewing-project_nodes-pods-viewing[List pods associated with a project], including information such as the number of replicas and restarts, current status, and age. |
| 66 | +* xref:../nodes/pods/nodes-pods-viewing.adoc#nodes-pods-viewing-usage_nodes-pods-viewing[View pod usage statistics] such as CPU, memory, and storage consumption. |
| 67 | + |
| 68 | +[discrete] |
| 69 | +=== Management operations |
| 70 | + |
| 71 | +The following list of tasks provides an overview of how an administrator can manage pods in an {product-title} cluster. |
| 72 | + |
| 73 | +* Control scheduling of pods using the advanced scheduling features available in {product-title}: |
| 74 | +** Node-to-pod binding rules such as xref:../nodes/scheduling/nodes-scheduler-pod-affinity.adoc#nodes-scheduler-pod-affinity-example-affinity_nodes-scheduler-pod-affinity[pod affinity], xref:../nodes/scheduling/nodes-scheduler-node-affinity.adoc#nodes-scheduler-node-affinity[node affinity], and xref:../nodes/scheduling/nodes-scheduler-pod-affinity.adoc#nodes-scheduler-pod-anti-affinity-configuring_nodes-scheduler-pod-affinity[anti-affinity]. |
| 75 | +** xref:../nodes/scheduling/nodes-scheduler-node-selectors.adoc#nodes-scheduler-node-selectors[Node labels and selectors]. |
| 76 | +** xref:../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations[Taints and tolerations]. |
| 77 | +** xref:../nodes/scheduling/nodes-scheduler-pod-topology-spread-constraints.adoc#nodes-scheduler-pod-topology-spread-constraints[Pod topology spread constraints]. |
| 78 | +** xref:../nodes/scheduling/nodes-custom-scheduler.adoc#nodes-custom-scheduler[Custom schedulers]. |
| 79 | +* xref:../nodes/scheduling/nodes-descheduler.adoc#nodes-descheduler[Configure the descheduler to evict pods] based on specific strategies so that the scheduler reschedules the pods to more appropriate nodes. |
| 80 | +* xref:../nodes/pods/nodes-pods-configuring.adoc#nodes-pods-configuring-restart_nodes-pods-configuring[Configure how pods behave after a restart using pod controllers and restart policies]. |
| 81 | +* xref:../nodes/pods/nodes-pods-configuring.adoc#nodes-pods-configuring-bandwidth_nodes-pods-configuring[Limit both egress and ingress traffic on a pod]. |
| 82 | +* xref:../nodes/containers/nodes-containers-volumes.adoc#nodes-containers-volumes[Add and remove volumes to and from any object that has a pod template]. A volume is a mounted file system available to all the containers in a pod. Container storage is ephemeral; you can use volumes to persist container data. |
| 83 | + |
| 84 | +[discrete] |
| 85 | +=== Enhancement operations |
| 86 | + |
| 87 | +You can work with pods more easily and efficiently with the help of various tools and features available in {product-title}. The following operations involve using those tools and features to better manage pods. |
| 88 | + |
| 89 | + |
| 90 | +[cols="2,1,2"] |
| 91 | +|=== |
| 92 | +|Operation |User |More information |
| 93 | + |
| 94 | +|Create and use a horizontal pod autoscaler. |
| 95 | +|Developer |
| 96 | +|You can use a horizontal pod autoscaler to specify the minimum and the maximum number of pods you want to run, as well as the CPU utilization or memory utilization your pods should target. Using a horizontal pod autoscaler, you can xref:../nodes/pods/nodes-pods-autoscaling.adoc#nodes-pods-autoscaling[automatically scale pods]. |
| 97 | + |
| 98 | +|xref:../nodes/pods/nodes-pods-vertical-autoscaler.adoc#nodes-pods-vpa[Install and use a vertical pod autoscaler]. |
| 99 | +|Administrator and developer |
| 100 | +|As an administrator, use a vertical pod autoscaler to better use cluster resources by monitoring the resources and the resource requirements of workloads. |
| 101 | + |
| 102 | +As a developer, use a vertical pod autoscaler to ensure your pods stay up during periods of high demand by scheduling pods to nodes that have enough resources for each pod. |
| 103 | + |
| 104 | +|Provide access to external resources using device plug-ins. |
| 105 | +|Administrator |
| 106 | +|A xref:../nodes/pods/nodes-pods-plugins.adoc#nodes-pods-device[device plug-in] is a gRPC service running on nodes (external to the kubelet), which manages specific hardware resources. You can xref:../nodes/pods/nodes-pods-plugins.adoc#methods-for-deploying-a-device-plug-in[deploy a device plug-in] to provide a consistent and portable solution to consume hardware devices across clusters. |
| 107 | + |
| 108 | +|Provide sensitive data to pods xref:../nodes/pods/nodes-pods-secrets.adoc#nodes-pods-secrets[using the `Secret` object]. |
| 109 | +|Administrator |
| 110 | +|Some applications need sensitive information, such as passwords and usernames. You can use the `Secret` object to provide such information to an application pod. |
| 111 | + |
| 112 | + |
| 113 | +|=== |
| 114 | + |
| 115 | +[id="containers-overview"] |
| 116 | +== About containers |
| 117 | + |
| 118 | +A container is the basic unit of an {product-title} application, which comprises the application code packaged along with its dependencies, libraries, and binaries. Containers provide consistency across environments and multiple deployment targets: physical servers, virtual machines (VMs), and private or public cloud. |
| 119 | + |
| 120 | +Linux container technologies are lightweight mechanisms for isolating running processes and limiting access to only designated resources. |
| 121 | +As an administrator, You can perform various tasks on a Linux container, such as: |
| 122 | + |
| 123 | +* xref:../nodes/containers/nodes-containers-copying-files.adoc#nodes-containers-copying-files[Copy files to and from a container]. |
| 124 | +* xref:../nodes/containers/nodes-containers-downward-api.adoc#nodes-containers-downward-api[Allow containers to consume API objects]. |
| 125 | +* xref:../nodes/containers/nodes-containers-remote-commands.adoc#nodes-containers-remote-commands[Execute remote commands in a container]. |
| 126 | +* xref:../nodes/containers/nodes-containers-port-forwarding.adoc#nodes-containers-port-forwarding[Use port forwarding to access applications in a container]. |
| 127 | + |
| 128 | +{product-title} provides specialized containers called xref:../nodes/containers/nodes-containers-init.adoc#nodes-containers-init[Init containers]. Init containers run before application containers and can contain utilities or setup scripts not present in an application image. You can use an Init container to perform tasks before the rest of a pod is deployed. |
| 129 | + |
| 130 | +Apart from performing specific tasks on nodes, pods, and containers, you can work with the overall {product-title} cluster to keep the cluster efficient and the application pods highly available. |
0 commit comments