Photo by Amy Shamblen / Unsplash

TIL - Pod Topology Spread Constraints

kubernetes Oct 30, 2022

In Kubernetes, pod topology spread constraints are used to control how pods are spread across the cluster. This helps to achieve high availability by evenly distributing workloads between nodes.


Example Scenario

There is an internal web application deployed in the staging cluster. However, the developers have reported that the web application takes a lot of time to respond. Upon investigating, you see that the node on which the web application is deployed has a resource crunch.

Upon further investigation, you see that two pods of the same security logging module are running on that node.

These pods with the security logging module has not been deployed as a DaemonSet because it is under evaluation and in the pilot stages. To collect sufficient logs, it is essential that two pods are deployed on two different nodes. Surely something went wrong and both replicas ended up on the same node.

As a senior engineer on the team, you came up with the below pod specification to fix the issue using the "Pod Topology Spread Constraints" concept.

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    id: very-important-for-security
  name: deploy-important
  namespace: staging-internal
spec:
  replicas: 2
  selector:
    matchLabels:
      id: very-important-for-security
  template:
    metadata:
      labels:
        id: very-important-for-security
    spec:
      volumes:
      - name: volume-mount
        emptyDir: {}
      containers:
      - image: securitycorp/log-producer:fictitious
        name: fictitious-log-producer
        command:
        - /bin/sh
        args:
        - "-c"
        - "produce-security-logs /mnt/logs/important-logs"
        volumeMounts:
        - name: volume-mount
          path: /mnt/logs
      - image: securitycorp/log-consumer:fictitious
        name: fictitious-log-consumer
        command:
        - /bin/sh
        args:
        - "-c"
        - "consume-security-logs /mnt/logs/important-logs"
        volumeMounts:
        - name: volume-mount
          path: /mnt/logs
      topologySpreadConstraints:
      - maxSkew: 1
        topologyKey: kubernetes.io/hostname
        whenUnsatisfiable: DoNotSchedule
        labelSelector:
          matchLabels:
            id: very-important-for-security

References

Pod Topology Spread Constraints
You can use topology spread constraints to control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains. This can help to achieve high availability as well as efficient resource utilization.You can set cluster-level con…
Introducing PodTopologySpread
Author: Wei Huang (IBM), Aldo Culquicondor (Google)Managing Pods distribution across a cluster is hard. The well-known Kubernetes features for Pod affinity and anti-affinity, allow some control of Pod placement in different topologies. However, these features only resolve part of Pods distribution…

Tags