Kubernetes CPU and Memory Resource Model¶

In Kubernetes, resource management is primarily handled through the configuration of CPU and memory for containers within a Pod. These configurations define the resource requests and limits, which determine how the scheduler places Pods and how the kubelet enforces resource constraints via [[cgroups]]^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Resource Classification¶

Kubernetes categorizes resources into two types based on how resource shortages are handled^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]:

Compressible Resources (CPU): When CPU resources are insufficient, the Pod will experience "throttling" or starvation (performance degradation) but will not be terminated^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].
Incompressible Resources (Memory): When memory resources are insufficient, the Pod is at risk of being killed by the kernel via OOM (Out-Of-Memory) Killer^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Requests and Limits¶

Resource configuration is specified at the container level within a Pod specification^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. The Pod's overall resource allocation is the sum of its containers' configurations^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

requests: The amount of resources guaranteed to the container. The kube-scheduler uses this value to determine which Node has sufficient resources to host the Pod^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].
limits: The maximum amount of resources the container is allowed to use. The kubelet uses this value to set [[cgroups]] enforcement on the host machine^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

This approach, inspired by Borg, allows users to declare a smaller requests value for scheduling purposes while setting a higher limits value to handle usage spikes^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Quality of Service (QoS) Classes¶

Based on the settings of requests and limits, Kubernetes assigns a QoS class to each Pod^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. This classification is critical when the kubelet needs to reclaim resources (Eviction) from a Node under pressure^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Guaranteed¶

Condition: Every container in the Pod must have both requests and limits set, and the values must be equal for both CPU and memory^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].
Behavior: These Pods have the highest priority. Guaranteed Pods are only selected for eviction if they exceed their limits or the host is under severe memory pressure^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Burstable¶

Condition: The Pod does not meet the Guaranteed criteria, but at least one container has set a requests value^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].
Behavior: These Pods have a medium priority for eviction. They can use more resources than requested up to their limits, but may be killed before Guaranteed Pods if resources are scarce^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

BestEffort¶

Condition: The Pod has no requests or limits set for any container^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].
Behavior: These Pods have the lowest priority. They are the first to be evicted when the Node faces resource exhaustion^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

The eviction priority order is: BestEffort < Burstable < Guaranteed^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

CPU Allocation Strategies¶

CPU Requests and Limits¶

CPU resources can be defined with a sub-unit (e.g., "250m" for 0.25 cores) or integers^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

CPUsets (Exclusive CPU Allocation)¶

For performance-critical applications, it is possible to bind a Pod to specific CPU cores exclusively, avoiding the context-switching overhead associated with shared CPU time^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Requirements for CPUsets: 1. The Pod must be of Guaranteed QoS class^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md]. 2. The CPU requests and limits must be set to an equal integer value^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

For example, setting cpu: "2" (requests and limits equal) will bind the Pod to two exclusive CPU cores^[400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md].

Kubernetes Scheduler
[[Cgroups]]
Pod
[[Quality of Service (QoS)]]

Sources¶

400-devops__06-Kubernetes__k8s-paas__原理及源码解析__Kubernetes调度机制.md