Open in app

Sign in

Write

Sign in

Assign certain worker nodes to specific namespaces in Kubernetes with PodNodeSelector admission plugins

Jbn1233
2 min readOct 26, 2024

--

Add or append “PodNodeSelector” into — enable-admission-plugins parameter

--enable-admission-plugins=PodNodeSelector

restart the kube-apiserver and add this annotations to the namespace

apiVersion: v1
kind: Namespace
metadata:
  annotations:
    scheduler.alpha.kubernetes.io/node-selector: location=dc2
...
...

On certain worker nodes add this label location=dc2

apiVersion: v1
kind: Node
metadata:
  labels:
    location: dc2

If label and annotation not math pod will Pending.

POC:

Deploy nginx deployment replicas=4, pods running on any worker.

$ k create deployment  nginx --image=nginx:1.22 -n dc2
deployment.apps/nginx created
$ k scale -n dc2 deployment nginx --replicas=4
deployment.apps/nginx scaled
$ k get pod -o wide -n dc2
NAME                     READY   STATUS    RESTARTS   AGE   IP            NODE              
nginx-6bbc57b98d-8r7rt   1/1     Running   0          12s   10.69.1.130   nick129-worker1   
nginx-6bbc57b98d-9sgn9   1/1     Running   0          28s   10.69.7.142   nick129-worker2
nginx-6bbc57b98d-m77hw   1/1     Running   0          12s   10.69.3.17    nick129-worker3  
nginx-6bbc57b98d-ph8jq   1/1     Running   0          12s   10.69.8.50    nick129-worker4

Apply namespace and worker labels

$ k patch ns dc2 -p '{"metadata":{"annotations":{"scheduler.alpha.kubernetes.io/node-selector":"location=dc2"}}}'
namespace/dc2 patched
$ k patch node nick129-worker1 -p '{"metadata":{"labels":{"location":"dc2"}}}'
node/nick129-worker1 patched
$ k rollout restart deployment nginx -n dc2 
deployment.apps/nginx restarted
$ k get pod -o wide -n dc2
NAME                     READY   STATUS    RESTARTS   AGE   IP            NODE              
nginx-7d55b56f7c-c2hhw   1/1     Running   0          8s    10.69.1.117   nick129-worker1   
nginx-7d55b56f7c-g5htw   1/1     Running   0          7s    10.69.1.112   nick129-worker1   
nginx-7d55b56f7c-j4p44   1/1     Running   0          8s    10.69.1.86    nick129-worker1   
nginx-7d55b56f7c-jsw6m   1/1     Running   0          7s    10.69.1.163   nick129-worker1

After rollout restarted, ALL pod are running to specific worker (nick129-worker1).

That’s all

refer: https://stackoverflow.com/questions/52487333/how-to-assign-a-namespace-to-certain-nodes

Kubernetes

--

--

Jbn1233
Jbn1233

Written by Jbn1233

28 Followers
1 Following

Very short and simple notes for CKA/SRE and may not works on your environment | jbn1233@gmail.com | Bangkok, Thailand |

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams