Isolate cluster nodes with Kubernetes¶
This topic describes how to use a Kubernetes namespace to deploy a Kubernetes workload to worker nodes using the MKE web UI.
MKE uses the scheduler.alpha.kubernetes.io/node-selector
annotation key to
assign node selectors to namespaces. Assigning the name of the node selector
to this annotation pins all applications deployed in the namespace to the nodes
that have the given node selector specified.
To isolate cluster nodes with Kubernetes:
Create a Kubernetes namespace.
Note
You can also associate nodes with a namespace by providing the namespace definition information in a configuration file.
Log in to the MKE web UI as an administrator.
In the left-side navigation panel, navigate to Kubernetes and click Create to open the Create Kubernetes Object page.
Paste the following in the Object YAML editor:
apiVersion: v1 kind: Namespace metadata: name: namespace-name
Click Create to create the namespace-name namespace.
Grant access to the Kubernetes namespace:
Create a role binding for a user of your choice to access the namespace-name namespace with the built-in cluster-admin Cluster Role.
Associate nodes with the namespace:
From the left-side navigation panel, navigate to Shared Resources > Nodes.
Select the required node.
Click the Edit Node icon in the upper-right corner.
Scroll down to the Kubernetes Labels section and click Add Label.
In the Key field, enter
zone
.In the Value field, enter
example-zone
.Click Save.
Add a scheduler node selector annotation as part of the namespace definition:
apiVersion: v1 kind: Namespace metadata: annotations: scheduler.alpha.kubernetes.io/node-selector: zone=example-zone name: ops-nodes