Skip to content

Deployment recommendations

Resource limits

Setting up proper resource requests and limits is required to ensure your cluster will remain stable.

  • https://kubernetes.io/docs/tasks/configure-pod-container/assign-memory-resource/
  • https://kubernetes.io/docs/tasks/configure-pod-container/assign-cpu-resource/
  • https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/

Pod anti-affinity

...
  template:
    metadata:
      labels:
        app: demo-app01
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - demo-app01
              topologyKey: kubernetes.io/hostname
      containers:
...

...
  template:
    metadata:
      labels:
        app: demo-app01
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - demo-app01
            topologyKey: kubernetes.io/hostname
      containers:
...

Difference between requiredDuringSchedulingIgnoredDuringExecution and preferredDuringSchedulingIgnoredDuringExecution is the first keyword, required means it will refuse to ever shedule on a node where another copy of the app is present while prefered would still allow it IF there is no suitable alternative. Depending on your desire for a HA app you may want to use required, however if you have 3 nodes that also mean you application can scale a MAX of 3 replicas - then it will no longer be able to scale horizontally. With the prefered setting it would still allow to place more replicas on one node but this could lead to impact of the app in the longrun due to multible copies ending up existing on only one node after a scaledown happens.

  • https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/

Non-root processes

Liveness & Readiness check

  • https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/