Recommendations for using Managed Service for Kubernetes
Use these recommendations for your PRODUCTION applications that require:
- High availability and fault tolerance.
- Load scaling.
- Resource isolation.
High availability and fault tolerance
- Use the REGULAR or STABLE release channel. NodeLocal DNS and Pod Topology Constraints are available in all Kubernetes versions.
Tip
Use the RAPID release channel for test environments to more quickly test Kubernetes and Managed Service for Kubernetes updates.
- Update cluster and node groups manually. To do this, disable automatic master and node group updates.
- When creating a cluster, select the Regional master type. Kubernetes services will be available in the event of a failure at the availability zone level. The Managed Service for Kubernetes Service Level Agreement applies to the configuration with the regional master.
- Deploy multiple instances of services, such as Deployment and StatefulSet, in different availability zones. Use the Pod Topology Constraints and the AntiAffinity strategies to ensure high service availability and efficient usage of Kubernetes cluster resources.
  Use combinations of the labels below for all strategies:
  - topology.kubernetes.io/zone to keep the services available in case of availability zone failure.
  - kubernetes.io/hostname to keep the services available in the event of cluster node failure.
Tip
Test the strategies in a test environment before implementing them in PRODUCTION.
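The manifest below is an added example, not part of the original recommendations. It shows one way to combine the two labels above in a Deployment: a hard spread constraint across zones and a soft spread plus anti-affinity across nodes. The service name, labels, image and replica count are assumptions; the resource values are the ones used in this page's resources sample.

```yaml
# Added example; the name, labels and image are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web            # hypothetical service name
spec:
  replicas: 3          # assumes three availability zones, one replica each
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      topologySpreadConstraints:
        # Hard rule: keep the replica count per zone within 1 of each other,
        # so a single zone failure cannot take out every replica.
        - maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
          labelSelector:
            matchLabels:
              app: web
        # Soft rule: spread across nodes, but still schedule if nodes are scarce.
        - maxSkew: 1
          topologyKey: kubernetes.io/hostname
          whenUnsatisfiable: ScheduleAnyway
          labelSelector:
            matchLabels:
              app: web
      affinity:
        podAntiAffinity:
          # Soft rule: prefer not to place two replicas on the same node.
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                topologyKey: kubernetes.io/hostname
                labelSelector:
                  matchLabels:
                    app: web
      containers:
        - name: web
          image: registry.example/web:1.0   # placeholder image
          resources:
            limits: {cpu: 250m, memory: 128Mi}
            requests: {cpu: 100m, memory: 64Mi}
```

With DoNotSchedule on the zone key, a replica stays Pending rather than landing in an already crowded zone, so check for Pending pods when testing a zone outage in the test environment.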
Load scaling
Use these recommendations if the load on your Managed Service for Kubernetes cluster is constantly growing:
- To make your cluster more robust, create node groups with automatic scaling in multiple availability zones.
- To reduce the load on the Kubernetes DNS, use NodeLocal DNS. If a cluster is made up of over 50 nodes, use automatic DNS scaling.
- To reduce horizontal traffic within a cluster, use the Network Load Balancer and the externalTrafficPolicy:Local rule if possible.
- Consider node storage requirements in advance:
  - Review disk limits for Yandex Compute Cloud.
  - Load test your disk subsystem in a test environment.
  - To reduce latency at high IOPS, use non-replicated disks.
Isolating resources
Follow these recommendations for applications that use shared Kubernetes cluster resources.
Adjust the values of limits and requests for all cluster services:
---
...
containers:
  ...
  resources:
    limits:
      cpu: 250m
      memory: 128Mi
    requests:
      cpu: 100m
      memory: 64Mi
...
Specify vCPU availability in thousandths and RAM in megabytes. The service will not exceed the vCPU or RAM values specified in limits. Customized requests enable you to scale cluster nodes using automatic scaling.
To manage pod resources automatically, configure Kubernetes policies:
- Quality of Service for Pods to create pods in different availability classes.
- Limit Ranges to set limits at the namespace level.