- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Kubernetes API Operation Guide
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Cluster Lifecycle
- TKE-Optimized Series Images
- Creating a Cluster
- Deleting a Cluster
- Cluster Scaling
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Custom Kubernetes Component Launch Parameters
- Node Management
- Node Pool Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Using a Container Image in a TCR Enterprise Instance to Create a Workload
- Auto Scaling
- Configuration
- Virtual Node Management
- Service Management
- Ingress Management
- Storage Management
- Add-On Management
- Helm Application
- Network Management
- Application Market
- OPS Center
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Best Practices
- Cluster
- Cluster Migration
- EKS Cluster
- Security
- Service Deployment
- Network
- Using Network Policy for Network Access Control
- Deploying NGINX Ingress on TKE
- Using NodeLocal DNS Cache in a TKE Cluster
- Nginx Ingress High-Concurrency Practices
- Limiting the bandwidth on pods in TKE
- Directly connecting TKE to the CLB of pods based on the ENI
- Use CLB-Pod Direct Connection on TKE
- Obtaining the Real Client Source IP in TKE
- Implementing Custom Domain Name Resolution in TKE
- Using Traefik Ingress in TKE
- Release
- Logs
- Monitoring
- OPS
- Removing and Re-adding Nodes from and to Cluster
- Using Ansible to Batch Operate TKE Nodes
- Using Cluster Audit for Troubleshooting
- Using cert-manager to Issue Free Certificates
- Using the TKE NPDPlus Plug-In to Enhance the Self-Healing Capability of Nodes
- Using kubecm to Manage Multiple Clusters kubeconfig
- Customizing RBAC Authorization in TKE
- DevOps
- Auto Scaling
- Cluster Auto Scaling Practices
- Using tke-autoscaling-placeholder to Implement Auto Scaling in Seconds
- Installing metrics-server on TKE
- Using Custom Metrics for Auto Scaling in TKE
- Utilizing HPA to Auto Scale Businesses on TKE
- Using VPA to Realize Pod Scaling up and Scaling down in TKE
- Adjusting HPA Scaling Sensitivity Based on Different Business Scenarios
- Storage
- Containerization
- Cost Management
- Permission Management
- Overview
- Description of Role Permissions Related to Service Authorization
- TKE Image Registry Resource-level Permission Settings
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Fault Handling
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Cluster APIs
- DescribeClusterKubeconfig
- DescribeClusters
- CreateCluster
- DescribeClusterSecurity
- DeleteCluster
- ModifyClusterEndpointSP
- DescribeClusterEndpointVipStatus
- DescribeClusterEndpointStatus
- DeleteClusterEndpointVip
- DeleteClusterEndpoint
- CreateClusterEndpointVip
- CreateClusterEndpoint
- ModifyClusterAttribute
- AcquireClusterAdminRole
- UpgradeClusterInstances
- UpdateClusterVersion
- GetUpgradeInstanceProgress
- DescribeAvailableClusterVersion
- DescribeClusterCommonNames
- Node APIs
- Network APIs
- Scaling group APIs
- Cloud Native Monitoring APIs
- Node Pool APIs
- DescribeClusterAsGroupOption
- RemoveNodeFromNodePool
- ModifyClusterNodePool
- DescribeClusterNodePools
- DescribeClusterNodePoolDetail
- DeleteClusterNodePool
- CreateClusterNodePoolFromExistingAsg
- CreateClusterNodePool
- AddNodeToNodePool
- ModifyClusterAsGroupOptionAttribute
- SetNodePoolNodeProtection
- ModifyNodePoolInstanceTypes
- Other APIs
- Data Types
- Error Codes
- API Mapping Guide
- FAQs
- User Guide(Old)
- Service Level Agreement
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Kubernetes API Operation Guide
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Cluster Lifecycle
- TKE-Optimized Series Images
- Creating a Cluster
- Deleting a Cluster
- Cluster Scaling
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Custom Kubernetes Component Launch Parameters
- Node Management
- Node Pool Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Using a Container Image in a TCR Enterprise Instance to Create a Workload
- Auto Scaling
- Configuration
- Virtual Node Management
- Service Management
- Ingress Management
- Storage Management
- Add-On Management
- Helm Application
- Network Management
- Application Market
- OPS Center
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Best Practices
- Cluster
- Cluster Migration
- EKS Cluster
- Security
- Service Deployment
- Network
- Using Network Policy for Network Access Control
- Deploying NGINX Ingress on TKE
- Using NodeLocal DNS Cache in a TKE Cluster
- Nginx Ingress High-Concurrency Practices
- Limiting the bandwidth on pods in TKE
- Directly connecting TKE to the CLB of pods based on the ENI
- Use CLB-Pod Direct Connection on TKE
- Obtaining the Real Client Source IP in TKE
- Implementing Custom Domain Name Resolution in TKE
- Using Traefik Ingress in TKE
- Release
- Logs
- Monitoring
- OPS
- Removing and Re-adding Nodes from and to Cluster
- Using Ansible to Batch Operate TKE Nodes
- Using Cluster Audit for Troubleshooting
- Using cert-manager to Issue Free Certificates
- Using the TKE NPDPlus Plug-In to Enhance the Self-Healing Capability of Nodes
- Using kubecm to Manage Multiple Clusters kubeconfig
- Customizing RBAC Authorization in TKE
- DevOps
- Auto Scaling
- Cluster Auto Scaling Practices
- Using tke-autoscaling-placeholder to Implement Auto Scaling in Seconds
- Installing metrics-server on TKE
- Using Custom Metrics for Auto Scaling in TKE
- Utilizing HPA to Auto Scale Businesses on TKE
- Using VPA to Realize Pod Scaling up and Scaling down in TKE
- Adjusting HPA Scaling Sensitivity Based on Different Business Scenarios
- Storage
- Containerization
- Cost Management
- Permission Management
- Overview
- Description of Role Permissions Related to Service Authorization
- TKE Image Registry Resource-level Permission Settings
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Fault Handling
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Cluster APIs
- DescribeClusterKubeconfig
- DescribeClusters
- CreateCluster
- DescribeClusterSecurity
- DeleteCluster
- ModifyClusterEndpointSP
- DescribeClusterEndpointVipStatus
- DescribeClusterEndpointStatus
- DeleteClusterEndpointVip
- DeleteClusterEndpoint
- CreateClusterEndpointVip
- CreateClusterEndpoint
- ModifyClusterAttribute
- AcquireClusterAdminRole
- UpgradeClusterInstances
- UpdateClusterVersion
- GetUpgradeInstanceProgress
- DescribeAvailableClusterVersion
- DescribeClusterCommonNames
- Node APIs
- Network APIs
- Scaling group APIs
- Cloud Native Monitoring APIs
- Node Pool APIs
- DescribeClusterAsGroupOption
- RemoveNodeFromNodePool
- ModifyClusterNodePool
- DescribeClusterNodePools
- DescribeClusterNodePoolDetail
- DeleteClusterNodePool
- CreateClusterNodePoolFromExistingAsg
- CreateClusterNodePool
- AddNodeToNodePool
- ModifyClusterAsGroupOptionAttribute
- SetNodePoolNodeProtection
- ModifyNodePoolInstanceTypes
- Other APIs
- Data Types
- Error Codes
- API Mapping Guide
- FAQs
- User Guide(Old)
- Service Level Agreement
- Glossary
Billing Mode
Pods scheduled to the virtual node adopt the pay-as-you-go billing mode. For details, please see Elastic Clusters Billing Overview, Elastic Clusters Product Pricing, and Elastic Clusters Purchase Limits.
Pod Specification Configuration
Pod specification configuration is the basis for billing the available resources and services when the container is running. For the specification configuration of virtual node Pod and how to specify the resource specification, please see Resource Specifications and Specifying Resource Specifications.
Kubernetes Version
Only the Kubernetes clusters of v1.16 and later versions are supported.
Default Quota
By default, up to 100 Pods can be scheduled to the virtual node for each cluster. If the number of required Pods exceeds the quota limit, you can submit a ticket to apply for a higher quota. Tencent Cloud will assess your actual needs and increase your quota as appropriate.
Applying for a higher quota
- Please Submit a ticket. On the Submit a ticket page, select the product name and issue type (Others), and then complete the ticket information.
- In the Problem description field, enter a description such as "I want to apply for a higher quota for the Pod of cluster virtual node." Then, enter the region where your cluster is located and your desired quota. Finally, enter your mobile number and other information as instructed.
- After providing all the necessary information, click Submit Ticket to submit the ticket.
Pod Description
Pod temporary storage
When each Pod scheduled to the virtual node is created, a temporary image storage of no more than 20 GiB will be allocated.
Note:
- Temporary image storage will be deleted when the Pod lifecycle ends. Therefore, please do not store important data in it.
- The actual available storage will be less than 20 GiB due to the stored images.
- It is recommended to mount important data and large files to Volume for persistent storage.
Pod network
The Pods scheduled to virtual node are on the same VPC network plane as the Tencent Cloud services such as CVM and TencentDB. Each Pod will use an IP address of the VPC subnet.
Pod and Pod, Pod and other Tencent Cloud services in the same VPC can communicate directly without any performance losses.
Pod isolation
The Pod scheduled to the virtual node has the same security isolation as the CVM. Pods are scheduled and created on the underlying physical server of Tencent Cloud, and the resource isolation between Pods is guaranteed by virtualization technology during the creation.
Virtual Node Annotation Description
EKS supports the virtual nodes. You can specify annotations in a YAML file to implement capabilities such as custom DNS, as shown below:
| Annotation Key | Annotation Value and Description | Required |
|---|---|---|
| eks.tke.cloud.tencent.com/resolv-conf | Queries the list of IP addresses for the DNS server while resolving the domain name, for example nameserver 8.8.8.8.
You can use kubectl edit node eklet-subnet-xxxx to add this annotation.
After the modification, the Pods scheduled to this virtual node will adopt this DNS configuration by default. |
No |
Example
The example of a custom DNS configuration for a virtual node is as follows:
apiVersion: v1
kind: Node
metadata:
annotations:
eks.tke.cloud.tencent.com/resolv-conf:|
nameserver 4.4.4.4
nameserver 8.8.8.8
Notes on Scheduling
Special configuration
You can define template annotation in a YAML file to implement capabilities such as binding security groups and allocating resources for Pods scheduled to the virtual node. For more information about the configuration method, please see the following table.
Note:
- If no security group is specified, the Pod will be bound to the specified security group of the node pool by default. Please ensure that the network policy of the security group does not affect the normal operation of the Pod. For example, you need to open port 80 if the Pods provide service via port 80.
- To allocate CPU resources, you must specify both
cpuandmemannotations and make sure that their values meet the CPU specifications in Resource Specifications. In addition, you can select Intel or AMD CPUs to allocate by specifyingcpu-type. AMD CPUs are more cost-effective. For more information, see Product Pricing.
| Annotation Key | Annotation Value and Description | Required |
|---|---|---|
| eks.tke.cloud.tencent.com/security-group-id | Default security group bound with a workload. Specify the security group ID.
,). For example, sg-id1,sg-id2. |
No. If you do not specify it, the workload is bound to the specified security group of the node pool by default. If you specify it, ensure that the security group ID already exists in the region to which the workload belongs. |
| eks.tke.cloud.tencent.com/cpu | Number of CPU cores required by a Pod. For more information, see Resource Specifications. The unit is core by default. | No. If you specify it, ensure that the specifications are supported and specify the cpu and mem parameters. |
| eks.tke.cloud.tencent.com/mem | Memory required by a Pod. For more information, see Resource Specifications. The unit must be included in the value, for example, 512 MiB, 0.5 GiB, or 1 GiB. | No. If you specify it, ensure that the specifications are supported and specify the cpu and mem parameters. |
| eks.tke.cloud.tencent.com/cpu-type | Model of the GPU resources required by a Pod. Currently, supported models include:
|
No. If you do not specify it, the CPU type is not forcibly specified by default. The system will match the most suitable specifications according to Specifying Resource Specifications. If the matched specifications are supported by both Intel and AMD, Intel CPUs are preferred. |
| eks.tke.cloud.tencent.com/gpu-type | Model of the GPU resources required by a Pod. Currently, the supported models include:
|
If GPUs are required, this option is required. When specifying it, ensure that the GPU model is supported. Otherwise, an error will be reported. |
| eks.tke.cloud.tencent.com/retain-ip | The static IP of a Pod. Enter the value "true" to enable this feature. If a Pod with the static IP enabled is terminated, its IP will be retained 24 hours by default. If the Pod is rebuilt within 24 hours after termination, its IP can still be used. Otherwise, its IP may be occupied by other Pod. |
No |
| eks.tke.cloud.tencent.com/retain-ip-hours | Modifies the default retention duration of the Pod’s static IP. Enter a number. Unit: hour. Default value: 24 hours. The IP can be retained up to one year. | No |
For samples, please see Annotation.
Workload limits
The Pods for workloads of the DaemonSet type will not be scheduled to the virtual node.
Service limits
If the cluster service using GlobalRouter Mode has enabled externaltrafficpolicy = local, the traffic will not be forwarded to the Pod scheduled to the virtual node.
Volume limits
The Pods that mount volumes of hostpath type will not be scheduled to the virtual node.
Notes
- The virtual node feature is not available for the cluster without any server nodes.
- The Pods that occupy the CPU resource cannot be scheduled to the virtual node.
- The Pods that have enabled the Static IP Address cannot be scheduled to the virtual node.
- The Pods that have specified the hostPort will not be scheduled to the virtual node.
- The Pods that have specified the hostIP will use the Pod IP as the value of hostIP by default.
- If the anti-affinity feature is enabled, only one of the Pods with the same workload will be created on the virtual node.
- If the container logs are stored in the specified node file, and log collection is performed through the node file, the Pod logs on the virtual node cannot be collected.
The Relationship Between Virtual Node and Cluster Auto Scaling
If Cluster Scaling and virtual node are enabled for the cluster at the same time, Pods will be scheduled to the virtual node, and the scaling out will not be triggered. If the Pod cannot be scheduled to the virtual node due to the above scheduling limits, the node scaling out will be triggered normally.
Yes
No
Was this page helpful?