https://github.com/frankkkkk/k8s-nodeselector-ensurer

A POC to remove pods when their nodeSelector no longer matches
https://github.com/frankkkkk/k8s-nodeselector-ensurer

kubernetes nodeselector pods watcher

Last synced: 2 months ago
JSON representation

A POC to remove pods when their nodeSelector no longer matches

• Host: GitHub
• URL: https://github.com/frankkkkk/k8s-nodeselector-ensurer
• Owner: Frankkkkk
• Created: 2020-05-18T11:29:36.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2022-12-09T05:19:27.000Z (over 2 years ago)
• Last Synced: 2025-02-25T12:56:08.021Z (2 months ago)
• Topics: kubernetes, nodeselector, pods, watcher
• Language: Python
• Homepage:
• Size: 69.3 KB
• Stars: 2
• Watchers: 3
• Forks: 1
• Open Issues: 8
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# ☸️ Kubernetes NodeSelector ensurer

`k8s-nodeselector-ensurer` is a watcher whose role is to ensure that all

the pods running on the kubernetes cluster adhere to their `nodeSelector` label list.

That is, when a node stops offering a particular label (e.g. `foo=bar`) that a pod

needs, `k8s-nodeselector-ensurer` will detect this and thus kill the aforementionned pod.

# Example

```bash

$ kubectl apply -f nodeselector-ensurer.yml

deployment.apps/nodeselector-ensurer created

$ kubectl apply -f example.yml 

deployment.apps/test-nodeselector created

$ kl get pod -l name=test-nodeselector

NAME                                 READY   STATUS    RESTARTS   AGE

test-nodeselector-5c68758d5f-9dhlw   0/1     Pending   0          3s

$ kl label node node-c24v-2 foo=bar

node/node-c24v-2 labeled

$ kl get pod -l name=test-nodeselector

NAME                                 READY   STATUS    RESTARTS   AGE

test-nodeselector-5c68758d5f-9dhlw   1/1     Running   0          28s

$ kl label node node-c24v-2 foo=notbar --overwrite

node/node-c24v-2 labeled

$ kl get pod -l name=test-nodeselector

NAME                                 READY   STATUS    RESTARTS   AGE

test-nodeselector-5c68758d5f-287sj   0/1     Pending   0          88s

```

# How to use it ❓

First of all, this is a POC, so don't use it. But if you still want to, follow these steps:

## Installation

To install this watcher, simply `kubectl apply -f nodeselector-ensurer.yml`

## Pod usage

By default, this watcher does not change the existing nodeSelector logic.

In order to mark pods as being killable when their `nodeSelector` no longer matches their node's,

just annote the pods with `frankkkkk.nodeSelectorDuringExecution: "true"`

# Why this watcher ⁉️

Kubernetes plans on offering the extra `requiredDuringSchedulingRequiredDuringExecution` affinity type.

However it is still (as of k8s 1.18) still not implemented in the node scheduler 😞.

At first I wanted the watcher to implement this feature, however the Pod resource definition is

not customizable.