- Release Notes and Announcements
- Beginner’s Guide
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Kubernetes API Operation Guide
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Cluster Lifecycle
- TKE-Optimized Series Images
- Creating a Cluster
- Deleting a Cluster
- Cluster Scaling
- Changing the Cluster Operating System
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Custom Kubernetes Component Launch Parameters
- Node Management
- Node Pool Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Using a Container Image in a TCR Enterprise Instance to Create a Workload
- Auto Scaling
- Configuration
- Virtual Node Management
- Service Management
- GPU Share
- Ingress Management
- Storage Management
- Add-On Management
- Helm Application
- Network Management
- Container Network Overview
- GlobalRouter Mode
- VPC-CNI Mode
- VPC-CNI Mode
- Multiple Pods with Shared ENI Mode
- Pods with Exclusive ENI Mode
- Static IP Address Mode Instructions
- Non-static IP Address Mode Instructions
- Interconnection Between VPC-CNI and Other Cloud Resources/IDC Resources
- Security Group of VPC-CNI Mode
- Instructions on Binding an EIP to a Pod
- VPC-CNI Component
- Limits on the Number of Pods in VPC-CNI Mode
- Application Market
- OPS Center
- Cloud Native Monitoring
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Kubecost Guide
- Best Practices
- Cluster
- Cluster Migration
- EKS Cluster
- Security
- Service Deployment
- Hybrid Cloud
- Network
- Using Network Policy for Network Access Control
- Deploying NGINX Ingress on TKE
- Using NodeLocal DNS Cache in a TKE Cluster
- Nginx Ingress High-Concurrency Practices
- Nginx Ingress Best Practices
- Limiting the bandwidth on pods in TKE
- Directly connecting TKE to the CLB of pods based on the ENI
- Use CLB-Pod Direct Connection on TKE
- Obtaining the Real Client Source IP in TKE
- Implementing Custom Domain Name Resolution in TKE
- Using Traefik Ingress in TKE
- Release
- Logs
- Monitoring
- OPS
- Removing and Re-adding Nodes from and to Cluster
- Using Ansible to Batch Operate TKE Nodes
- Using Cluster Audit for Troubleshooting
- Using cert-manager to Issue Free Certificates
- Using cert-manager to Issue Free Certificate for DNSPod Domain Name
- Using the TKE NPDPlus Plug-In to Enhance the Self-Healing Capability of Nodes
- Using kubecm to Manage Multiple Clusters kubeconfig
- Customizing RBAC Authorization in TKE
- DevOps
- Auto Scaling
- Cluster Auto Scaling Practices
- Using tke-autoscaling-placeholder to Implement Auto Scaling in Seconds
- Installing metrics-server on TKE
- Using Custom Metrics for Auto Scaling in TKE
- Utilizing HPA to Auto Scale Businesses on TKE
- Using VPA to Realize Pod Scaling up and Scaling down in TKE
- Adjusting HPA Scaling Sensitivity Based on Different Business Scenarios
- Storage
- Containerization
- Cost Management
- Permission Management
- Overview
- Description of Role Permissions Related to Service Authorization
- TKE Image Registry Resource-level Permission Settings
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Fault Handling
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Cluster APIs
- DescribeClusterKubeconfig
- DescribeClusters
- CreateCluster
- DescribeClusterSecurity
- DeleteCluster
- ModifyClusterEndpointSP
- DescribeClusterEndpointVipStatus
- DescribeClusterEndpointStatus
- DeleteClusterEndpointVip
- DeleteClusterEndpoint
- CreateClusterEndpointVip
- CreateClusterEndpoint
- ModifyClusterAttribute
- AcquireClusterAdminRole
- UpgradeClusterInstances
- UpdateClusterVersion
- GetUpgradeInstanceProgress
- DescribeAvailableClusterVersion
- DescribeClusterCommonNames
- ModifyClusterAuthenticationOptions
- DescribeClusterAuthenticationOptions
- EnableClusterDeletionProtection
- DisableClusterDeletionProtection
- Node APIs
- Network APIs
- Scaling group APIs
- Cloud Native Monitoring APIs
- Node Pool APIs
- DescribeClusterAsGroupOption
- RemoveNodeFromNodePool
- ModifyClusterNodePool
- DescribeClusterNodePools
- DescribeClusterNodePoolDetail
- DeleteClusterNodePool
- CreateClusterNodePoolFromExistingAsg
- CreateClusterNodePool
- AddNodeToNodePool
- ModifyClusterAsGroupOptionAttribute
- SetNodePoolNodeProtection
- ModifyNodePoolInstanceTypes
- Other APIs
- Data Types
- Error Codes
- API Mapping Guide
- FAQs
- Service Agreement
- Glossary
- User Guide(Old)
- Release Notes and Announcements
- Beginner’s Guide
- Product Introduction
- Purchase Guide
- Quick Start
- User Guide
- High-risk Operations of Container Service
- Deploying Containerized Applications in the Cloud
- Kubernetes API Operation Guide
- Open Source Components
- Cluster Management
- Cluster Overview
- Cluster Hosting Modes Introduction
- Cluster Lifecycle
- TKE-Optimized Series Images
- Creating a Cluster
- Deleting a Cluster
- Cluster Scaling
- Changing the Cluster Operating System
- Connecting to a Cluster
- Upgrading a Cluster
- Enabling IPVS for a Cluster
- Enabling GPU Scheduling for a Cluster
- CVM Container Cluster Network
- Custom Kubernetes Component Launch Parameters
- Node Management
- Node Pool Management
- Kubernetes Object Management
- Overview
- Namespace
- Workload
- Deployment Management
- StatefulSet Management
- DaemonSet Management
- Job Management
- CronJob Management
- Setting the Resource Limit of Workload
- Setting the Scheduling Rule for a Workload
- Setting the Health Check for a Workload
- Setting the Run Command and Parameter for a Workload
- Using a Container Image in a TCR Enterprise Instance to Create a Workload
- Auto Scaling
- Configuration
- Virtual Node Management
- Service Management
- GPU Share
- Ingress Management
- Storage Management
- Add-On Management
- Helm Application
- Network Management
- Container Network Overview
- GlobalRouter Mode
- VPC-CNI Mode
- VPC-CNI Mode
- Multiple Pods with Shared ENI Mode
- Pods with Exclusive ENI Mode
- Static IP Address Mode Instructions
- Non-static IP Address Mode Instructions
- Interconnection Between VPC-CNI and Other Cloud Resources/IDC Resources
- Security Group of VPC-CNI Mode
- Instructions on Binding an EIP to a Pod
- VPC-CNI Component
- Limits on the Number of Pods in VPC-CNI Mode
- Application Market
- OPS Center
- Cloud Native Monitoring
- Remote Terminals
- Elastic Cluster Guide
- Edge Cluster Guide
- Kubecost Guide
- Best Practices
- Cluster
- Cluster Migration
- EKS Cluster
- Security
- Service Deployment
- Hybrid Cloud
- Network
- Using Network Policy for Network Access Control
- Deploying NGINX Ingress on TKE
- Using NodeLocal DNS Cache in a TKE Cluster
- Nginx Ingress High-Concurrency Practices
- Nginx Ingress Best Practices
- Limiting the bandwidth on pods in TKE
- Directly connecting TKE to the CLB of pods based on the ENI
- Use CLB-Pod Direct Connection on TKE
- Obtaining the Real Client Source IP in TKE
- Implementing Custom Domain Name Resolution in TKE
- Using Traefik Ingress in TKE
- Release
- Logs
- Monitoring
- OPS
- Removing and Re-adding Nodes from and to Cluster
- Using Ansible to Batch Operate TKE Nodes
- Using Cluster Audit for Troubleshooting
- Using cert-manager to Issue Free Certificates
- Using cert-manager to Issue Free Certificate for DNSPod Domain Name
- Using the TKE NPDPlus Plug-In to Enhance the Self-Healing Capability of Nodes
- Using kubecm to Manage Multiple Clusters kubeconfig
- Customizing RBAC Authorization in TKE
- DevOps
- Auto Scaling
- Cluster Auto Scaling Practices
- Using tke-autoscaling-placeholder to Implement Auto Scaling in Seconds
- Installing metrics-server on TKE
- Using Custom Metrics for Auto Scaling in TKE
- Utilizing HPA to Auto Scale Businesses on TKE
- Using VPA to Realize Pod Scaling up and Scaling down in TKE
- Adjusting HPA Scaling Sensitivity Based on Different Business Scenarios
- Storage
- Containerization
- Cost Management
- Permission Management
- Overview
- Description of Role Permissions Related to Service Authorization
- TKE Image Registry Resource-level Permission Settings
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Fault Handling
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Cluster APIs
- DescribeClusterKubeconfig
- DescribeClusters
- CreateCluster
- DescribeClusterSecurity
- DeleteCluster
- ModifyClusterEndpointSP
- DescribeClusterEndpointVipStatus
- DescribeClusterEndpointStatus
- DeleteClusterEndpointVip
- DeleteClusterEndpoint
- CreateClusterEndpointVip
- CreateClusterEndpoint
- ModifyClusterAttribute
- AcquireClusterAdminRole
- UpgradeClusterInstances
- UpdateClusterVersion
- GetUpgradeInstanceProgress
- DescribeAvailableClusterVersion
- DescribeClusterCommonNames
- ModifyClusterAuthenticationOptions
- DescribeClusterAuthenticationOptions
- EnableClusterDeletionProtection
- DisableClusterDeletionProtection
- Node APIs
- Network APIs
- Scaling group APIs
- Cloud Native Monitoring APIs
- Node Pool APIs
- DescribeClusterAsGroupOption
- RemoveNodeFromNodePool
- ModifyClusterNodePool
- DescribeClusterNodePools
- DescribeClusterNodePoolDetail
- DeleteClusterNodePool
- CreateClusterNodePoolFromExistingAsg
- CreateClusterNodePool
- AddNodeToNodePool
- ModifyClusterAsGroupOptionAttribute
- SetNodePoolNodeProtection
- ModifyNodePoolInstanceTypes
- Other APIs
- Data Types
- Error Codes
- API Mapping Guide
- FAQs
- Service Agreement
- Glossary
- User Guide(Old)
Billing
Pods scheduled to the virtual node adopt the pay-as-you-go and spot billing modes. For details, please see Billing Overview, Product Pricing, and Purchase Limits.
Kubernetes Version
Only the Kubernetes clusters of v1.16 and later versions are supported.
Default Quota
By default, up to 100 Pods can be scheduled to the virtual node for each cluster. If the number of required Pods exceeds the quota limit, you can submit a ticket to apply for a higher quota. Tencent Cloud will assess your actual needs and increase your quota as appropriate.
Applying for a higher quota
- Submit a ticket. On the Submit a ticket page, select the product name and issue type (Others), and then complete the ticket information.
- In the Problem description field, enter a description such as "I want to apply for a higher quota for the Pod of cluster virtual node." Then, enter the region where your cluster is located and your desired quota. Finally, enter your mobile number and other information as instructed.
- Click to contact customer service.
Pod Configurations
Pod specification configuration
Pod specification configuration is the basis for billing the available resources and services when the container is running. For the resource specification configuration of virtual node Pod and how to specify the resource specification, please see Resource Specifications and Specifying Resource Specifications.
Pod temporary storage
When each Pod scheduled to the virtual node is created, a temporary image storage of no more than 20 GiB will be allocated.
Note:
- Temporary image storage will be deleted when the Pod lifecycle ends. Therefore, please do not store important data in it.
- The actual available storage will be less than 20 GiB due to the stored images.
- It is recommended to mount important data and large files to Volume for persistent storage.
Pod network
The Pods scheduled to virtual node are on the same VPC network plane as the Tencent Cloud services such as CVM and TencentDB. Each Pod will use an IP address of the VPC subnet.
Pod and Pod, Pod and other Tencent Cloud services in the same VPC can communicate directly without any performance losses.
Pod isolation
The Pod scheduled to the virtual node has the same security isolation as the CVM. Pods are scheduled and created on the underlying physical server of Tencent Cloud, and the resource isolation between Pods is guaranteed by virtualization technology during the creation.
Other special configurations
You can define template annotation in a YAML file to implement capabilities such as binding security groups, allocating resources and allocating EIP for Pods scheduled to the virtual node. For more information about the configuration method, please see the following table:
Note:
- If no security group is specified, the Pod will be bound to the specified security group of the node pool by default. Please ensure that the network policy of the security group does not affect the normal operation of the Pod. For example, you need to open port 80 if the Pods provide service via port 80.
- To allocate CPU resources, you must specify both
cpuandmemannotations and make sure that their values meet the CPU specifications in Resource Specifications. In addition, you can select Intel or AMD CPUs to allocate by specifyingcpu-type. AMD CPUs are more cost-effective. For more information, see Product Pricing.
| Annotation Key | Annotation Value and Description | Required |
|---|---|---|
| eks.tke.cloud.tencent.com/security-group-id | Default security group bound with a workload. Specify the security group ID.
,). For example, sg-id1,sg-id2. |
No. If you do not specify it, the workload is bound to the specified security group of the node pool by default. If you specify it, ensure that the security group ID already exists in the region to which the workload belongs. |
| eks.tke.cloud.tencent.com/cpu | Number of CPU cores required by a Pod. For more information, see Resource Specifications. The unit is core by default. | No. If you specify it, ensure that the specifications are supported and specify the cpu and mem parameters. |
| eks.tke.cloud.tencent.com/mem | Memory required by a Pod. For more information, see Resource Specifications. The unit must be included in the value, for example, 512 MiB, 0.5 GiB, or 1 GiB. | No. If you specify it, ensure that the specifications are supported and specify the cpu and mem parameters. |
| eks.tke.cloud.tencent.com/cpu-type | Model of the GPU resources required by a Pod. Currently, supported models include:
|
No. If you do not specify it, the CPU type is not forcibly specified by default. The system will match the most suitable specifications according to Specifying Resource Specifications. If the matched specifications are supported by both Intel and AMD, Intel CPUs are preferred. |
| eks.tke.cloud.tencent.com/gpu-type | Model of the GPU resources required by a Pod. Currently, the supported models include:
|
If GPUs are required, this option is required. When specifying it, ensure that the GPU model is supported. Otherwise, an error will be reported. |
| eks.tke.cloud.tencent.com/retain-ip | The static IP of a Pod. Enter the value "true" to enable this feature. If a Pod with the static IP enabled is terminated, its IP will be retained 24 hours by default. If the Pod is rebuilt within 24 hours after termination, its IP can still be used. Otherwise, its IP may be occupied by other Pod.Only valid for statefulset and rawpod. |
No |
| eks.tke.cloud.tencent.com/retain-ip-hours | Modifies the default retention duration of the Pod’s static IP. Enter a number. Unit: hour. Default value: 24 hours. The IP can be retained up to one year.Only valid for statefulset and rawpod. | No |
| eks.tke.cloud.tencent.com/eip-attributes | Indicates that the Pod of the Workload needs to be associated with EIP. When the value is "", it indicates that the default EIP configuration is used. You can enter the API parameter json of the EIP in "" to realize custom configuration. For example, if the value of annotation is '{"InternetMaxBandwidthOut":2}', it means the bandwidth is 2M. | No |
| eks.tke.cloud.tencent.com/eip-claim-delete-policy | After the Pod is deleted, whether the EIP is automatically reclaimed (It is reclaimed by default). “Never” means the EIP is not reclaimed. | No |
| eks.tke.cloud.tencent.com/eip-injection | When the value is "true", it indicates that the IP information of EIP will be exposed in the Pod. Run the `ip addr` command in the Pod to view the EIP address. | No |
For samples, please see Annotation.
Pod limits
Workload limits
The Pods for workloads of the DaemonSet type will not be scheduled to the virtual node.
Service limits
If the cluster service using GlobalRouter Mode has enabled externaltrafficpolicy = local, the traffic will not be forwarded to the Pod scheduled to the virtual node.
Volume limits
The Pods that mount volumes of hostpath type will not be scheduled to the virtual node.
Other limits
- The virtual node feature is not available for the cluster without any server nodes.
- The Pods that have enabled the Static IP Address cannot be scheduled to the virtual node.
- The Pods that have specified the hostPort will not be scheduled to the virtual node.
- The Pods that have specified the hostIP will use the Pod IP as the value of hostIP by default.
- If the anti-affinity feature is enabled, only one of the Pods with the same workload will be created on the virtual node.
- If the container logs are stored in the specified node file, and log collection is performed through the node file, the Pod logs on the virtual node cannot be collected.
Yes
No
Was this page helpful?