Nodes Flashcards
What should be unique in a Node
Node name should be unique and we register with k8s with a unique node name. No 2 nodes can have the same node name
What are the two ways you can register nodes with k8s apiserver
Self registration and manual registration
What is required for a kubelet on a node to self register
kubeconfig to identify and authenticate to API server for registration. Flag –register-node set to true for automatically register the node.
What is the flag –node-ip used for
It provides a list of ip address (v4 or v6) to contact the node. You can only register a single ip for each family for example only 1 per IPV4 and 1 for IPV6.
What is the –node-labels used for
This will provide labels to assign to the node on registration.
how can you ensure a node is added with certain taints that will stop it from running certain pods
use the flag –register-with-taints for self registration
What is the best practice to change –node-labels for a node
It is always recommended to re-register the node to API server when changing node labels to avoid incorrect pod scheduling
How can you find how much resources a node has
kubectl describe node will provide the capacity and allocatable
Explain different conditions of the node
Ready - normal operating mode
Disk pressure - True if pressure on disk size meaning if the disk capacity goes low this will be set to True
Memory pressure - If node memory is low
PID pressure - if there are too many processes on the node
NetworkUnavaiable - If the network is not correctly configured
How to use a different hostname for kubelet than what is configured in the node operating system
–host-name-override option can be used with kubelet.
How long does the API server wait for before marking the node as unschedulable
node-monitor-grace-period which is 40 seconds by default
What happens when a node is not reachable by the api server.
API server marks the node with taints based on the type of condition
Node is not reachable - Mark with taint node.kubernetes.io/unreachable for Unknown Status
Kubelet not responding - Mark node.kubernetes.io/not-ready taint
What tain will cause the pods from a node to be evicted
NoExecute taint which is set will evict the pods that were running on the node
Why daemonsets are not evicted when you cordon a node
Scheduler decides to evict pods based on the taints attached to the node, daemonset controller when scheduling a pod adds a bunch of tolerations to the pod such as node.kubernetes.io/unreachable:NoExecute etc… these tolerations will allow the pod to run even though the nodes have been tainted
What is one of the field, the scheduler considers before scheduling a pod on a node
Scheduler looks for taints on the node to decide if the pod can be scheduled on the node.
