Kubernetes 中是否有任何选项可以在特定的 cgroup 目录中 运行 pod?

Is there any option in Kubernetes to run pod in a specific cgroup directory?

我正在尝试动态限制 pod 中每个容器的资源使用。对于 docker,我使用 --cgroup-parent 将容器放在特定的 cgroup 目录中。但是,在 Kubernetes 中,我还没有找到任何可以执行此操作的选项。

您可以使用 Kubernetes 支持的 cgroupfs 驱动程序。

但也许您只想 set the Pod and Container resources alone? Kubernetes allows setting the limits for specific containers as well,因此您可以拥有 500Mi RAM 的应用程序和 50Mi RAM (requests) 的日志,但将两者都扩展到1Gi 如有必要 (limits):

spec:
  containers:
  - name: app
    image: images.my-company.example/app:v4
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"
  - name: log-aggregator
    image: images.my-company.example/log-aggregator:v6
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"

更新:

David Maze, you can also utilize autoscalers such as Vertical Pod Autoscaler which will adjust the Pod resources. For that however a CustomResourceDefinition 所述,这是必要的,因此即使是创建 CRD 和部署集群的适当权限(因此,如果您的访问权限有限并且需要联系集群管理员,则可能无法正常工作) .

... it will set the requests automatically based on usage ... It will also maintain ratios between limits and requests that were specified in initial containers configuration.

apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
  name: my-app-vpa
spec:
  targetRef:
    apiVersion: "apps/v1"
    kind:       Deployment
    name:       my-app
  updatePolicy:
    updateMode: "Auto"

甚至 Horizontal autoscaling,以防您需要单独的 实例 应用程序(因此管理 Pod count).