Config - Taints and Tolerations Flashcards
What are Taints and Tolerations used for?
- used for creating restrictions, what pods can be deployed on what nodes
When can Taints and Tolerations come in to use?
- when we have nodes with certain resources meant for applications with certain needs
What kind of tolerations are default for pods?
no tolerations
What kind of tolerations exist?
- intolerant
- tolerant
If we apply a taint Blue to a node, what does that mean for pods to be scheduled?
- by default pods have no tolerations, therefore they cannot use the tainted node
- only pods with a toleration to blue, would be able to be scheduled there
Where are Taints / Tolerations set?
Taints = nodes
Tolerations = pods
How do we taint a node?
kubectl taint nodes node-name key=value:taint-effect
i.e.
kubectl taint nodes control-plane app=blue:NoSchedule
-> applies a blue taint
taint-effect = what happens to pods, that DO NO Tolerate this taint
What does the taint-effect do?
Specifies what happens to pods, that don’t tolerate the taint
What taint-effects exist?
- NoSchedule -> pods will not be scheduled on node
- PreferNoSchedule -> system will try to avoid placing pod on node, but not guaranteed
- NoExecute -> pods not scheduled and existing pods on the node will be evicted if they do not tolerate the taint
How do we apply Tolerations to a pod? I.e for a tainted node with:
‘kubectl taint nodes control-plane app=blue:NoSchedule’
pod-yaml:
apiVersion: v1
kind: Pod
metadata:
name:
spec:
containers:
- name:
image:
tolerations:
- key: app
operator: Equal
value: blue
effect: NoSchedule
Is a tolerant pod able to be scheduled on other nodes as well?
Yes. It can be scheduled on nodes, where it is Tolerant of the taint as well as nodes without Taint
How can you find out if a node is tainted or not?
kubectl describe node node-name | grep Taint
