一、k8s的node节点磁盘 /data已使用率超过 85% , 出现disk pressure ，驱逐pod现象

evicted ， the node had condition:[DiskPressure]

#修改/var/lib/kubelet/config.yaml
]# cat /var/lib/kubelet/config.yaml
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:anonymous:enabled: falsewebhook:cacheTTL: 0senabled: truex509:clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:mode: Webhookwebhook:cacheAuthorizedTTL: 0scacheUnauthorizedTTL: 0s
cgroupDriver: systemd
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging:flushFrequency: 0options:json:infoBufferSize: "0"verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
volumeStatsAggPeriod: 0s#202506 添加：
evictionHard:imagefs.available: 1%memory.available: 100Minodefs.available: 1%nodefs.inodesFree: 1%#重启该node节点的 kubelet
systemctl restart kubelet
systemctl status kubelet

#参考文章：
https://blog.csdn.net/qq_59634082/article/details/136868417   《k8s资源不足时驱赶pod阈值调整》
https://stackoverflow.com/questions/54155534/kubernetes-eviction-manager-evicting-control-plane-pods-to-reclaim-ephemeral-sto/60068671#60068671  
https://devpress.csdn.net/k8s/62ffc7fac67703293080625f.html  《Kubernetes 驱逐管理器驱逐控制平面 pod 以回收临时存储》

END

二、删除ES索引和其数据。

k8s上部署3个ES节点 ， 版本elasticsearch:7.6.0 。 删除索引名称带202407的索引。kubectl exec -it  es-new-0 -n test bash
#查看索引名称
curl -s "http://192.168.1.100:9200/_cat/indices?h=index"  | grep -i "202407"
#删除索引 【三个ES节点的IP 都要执行】
curl -X DELETE "http://192.168.1.100:9200/api_xxx_202407*"
curl -X DELETE "http://192.168.1.101:9200/api_xxx_202407*"
curl -X DELETE "http://192.168.1.102:9200/api_xxx_202407*"###查看占用容量 ， 单位MB
curl "http://192.168.1.100:9200/_cat/allocation?v&bytes=gb"
curl "http://192.168.1.100:9200/_cat/indices/api_xxx_202407*?v&h=index,store.size,pri.store.size,status&bytes=mb&s=store.size:desc"

参考文章：
https://blog.csdn.net/weixin_44711737/article/details/125833601  《ES索引清理脚本-总结》 （清理脚本：ES有密码，索引按（周、日）时间命名的清理脚本）

END

三、nginx设置反向代理到mysql服务

#环境信息：
192.168.1.100 ，端口 33306，nginx反代
192.168.1.101 ，端口 3306 ，mysql服务#具体配置：
root@7zbkt:/etc/nginx# cat nginx.conf
user  nginx;
worker_processes 1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {worker_connections  1024;
}
stream {# mysql生产环境upstream mysqlprod {server 192.168.1.101:3306 weight=5 max_fails=3 fail_timeout=30s;}server {listen 33306; # 数据库服务器监听端口proxy_pass mysqlprod;proxy_timeout 30000s; # 设置客户端和代理服务之间的超时时间，如果5分钟内没有操作将自动断开proxy_connect_timeout 10s;}
}
http {include       /etc/nginx/mime.types;default_type  application/octet-stream;log_format  main  '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;sendfile        on;   # 开启高效文件传输模式tcp_nopush      on;   # 防止网络阻塞tcp_nodelay     on;   # 防止网络阻塞server_tokens   off;  # 屏蔽nginx版本号keepalive_timeout  120;  # 用于设置客户端连接保持活动的超时时间，在超过这个时间之后服务器会关闭该链接。client_header_buffer_size 16k;  # 用于指定来自客户端请求头headerbuffer大小large_client_header_buffers 4 128k;  # 用来指定客户端请求中较大的消息头的缓存最大数量和大小server_names_hash_bucket_size 128;  # 服务器名字的hash表大小proxy_headers_hash_max_size 51200;  # 设置头部哈希表的最大值proxy_headers_hash_bucket_size 6400;  # 设置头部哈希表大小client_body_buffer_size 256k;  # 缓冲区代理缓冲用户端请求的最大字节数# header安全配置add_header X-Frame-Options "SAMEORIGIN";add_header X-XSS-Protection "1; mode=block";add_header X-Content-Type-Options "nosniff";add_header Content-Security-Policy "frame-ancestors 'self'; object-src 'none'";add_header Strict-Transport-Security "max-age=31536000;includeSubDomains";send_timeout 3m;  # 服务器超时设置gzip  on;  # 开启gzip压缩输出gzip_vary on;gzip_proxied any;gzip_comp_level 6;gzip_buffers 4 16k;  # 表示申请4个单位为16k的内存作为压缩结果流缓存，默认值是申请与原始数据大小相同的内存空间来存储gzip压缩结果gzip_http_version 1.1;gzip_min_length 1k;  # 用于设置允许压缩的页面最小字节数gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;include /etc/nginx/conf.d/*.conf;
}

此时navicat通过访问192.168.1.100 ，端口 33306 ，就能访问内部192.168.1.101的mysql服务。