Tips for using Managed Service for Kubernetes
Use these recommendations for your PRODUCTION applications that require:
- High availability and fault tolerance.
- Load scaling.
- Resource isolation.
High availability and fault tolerance
- Use the
REGULARorSTABLErelease channel. NodeLocal DNS and Pod Topology Constraints are available in all Kubernetes versions.
Tip
Use the RAPID release channel for test environments to more quickly test Kubernetes and Managed Service for Kubernetes updates.
-
Update your cluster and your node groups manually. To do this, disable automatic master and node group updates.
-
Select the highly available master type located in three zones. Kubernetes services will be available in the event of an availability zone level failure. The Managed Service for Kubernetes [Service Level Agreement] applies to the configuration with a highly available master located in three zones.
-
Deploy your
DeploymentandStatefulSettype services in multiple instances in different availability zones. Use the Pod Topology Constraints and the AntiAffinity strategies to ensure high service availability and efficient usage of Kubernetes cluster resources.Use the label combinations below for all strategies:
topology.kubernetes.io/zoneto keep the services available in the event of an availability zone failure.kubernetes.io/hostnameto keep the services available in the event of a cluster node failure.
Tip
Test the strategies in a test environment before migrating them to
PRODUCTION.
Load scaling
Use these recommendations if the load on your Managed Service for Kubernetes cluster is constantly growing:
- To make your cluster more robust, create node groups with automatic scaling in multiple availability zones.
- To reduce the load on the Kubernetes DNS, use NodeLocal DNS. If the cluster contains over 50 nodes, use automatic DNS scaling.
- To reduce horizontal traffic within the cluster, use a Network Load Balancer and the
externalTrafficPolicy:Localrule where possible. - Consider node storage requirements in advance:
- Review disk limits for Yandex Compute Cloud.
- Load test your disk subsystem in a test environment.
- To reduce latency at high IOPS, use non-replicated disks.
Isolating resources
Follow these recommendations for applications that use shared Kubernetes cluster resources.
Adjust limits and requests for all the cluster services:
---
...
containers:
...
resources:
limits:
cpu: 250m
memory: 128Mi
requests:
cpu: 100m
memory: 64Mi
...
Specify vCPU availability in thousandths and RAM in megabytes. The service will not exceed the vCPU or RAM limits specified in limits. Customized requests allow you to autoscale cluster nodes.
To manage pod resources automatically, configure Kubernetes policies:
- Quality of Service for Pods to create pods of different availability classes.
- Limit Ranges to set limits at the namespace level.