X
22Apr

Taints and Tolerations

Taints and tolerations are used to restrict the pods to schedule them onto respective nodes. There is nothing to do with security.

If no restrictions are applied K8s scheduler places the pods in all respective nodes equally to balance all the pods

Assume we have certain resources assigned for application in a particular node, and we have tainted that node with some key value pair. By default pods doesn’t have tolerations, which means unless until specify, none of the pods scheduled into that tainted node, so this solves half of our requirement, no unwanted pod is going to place in that node.

To allow a pod to place in tainted node, we should add tolerations to that pod. How to add tolerations to that pod.

Lets 1st taint a node

Kubectl taint nodes  

For example: kubectl taint nodes node1 app=blue:NoSchedule

Effects: NoSchedule, No execute, prefer no schedule

Tolerations to pod:

Under spec of pod definition file

    Tolerations:
    - Key: “app”
      Operator: “Equal”
      Value: “blue”
      Effect: “NoSchedule”

If pods are updated/created with new tolerations, either they are not scheduled on node or they evicted from the existed node depending on what effect is being set.

Taints and tolerations only meant to accept certain pods , it will define which pod has to go which node, for that we have node affinity concept which will be given in next blog

5

1st case – all pods has to place in 1st node because no tolerations applied to pods, and all pods will place in un-tainted node

2-case:

Pod A & B can place in 1st node or node 3 only, and c  & D will be placed in node 2 or node 1.

Have your thought why pods are not scheduled in master node. Here is the answer for that;

 

Execute: kubectl describe node kubemaster | grep Taint

You will find it that, master has got tainted by default while creating the cluster

Related

Quick Understanding on Stateful Sets in Kubernetes

Stateful sets are similar to deployments, they can scale up and scale down, they can perform rolling...

Read More >

How to do Installation of K8S using kubeadm?

Till now I have given blogs on k8s objects, services, namespaces, ingress etc. but where to execute ...

Read More >

HOW TO DO BACKUP AND RESTORE ENTIRE K8S CLUSTER?

If you have deployed different applications on k8s cluster using various objects like deployments, p...

Read More >

NODE AFFINITY

The k8s node affinity feature is to ensure pods are hosted on a particular node. As mentioned in pre...

Read More >

What is ingress and what are the components of it?

Ingress is a resource, which exposes the http and https from external sources to the services within...

Read More >

Kubernetes RBAC (Role Based Access Control)

The Kubernetes RBAC (role bases access control) system helps us in defining set of rules in controll...

Read More >

Namespaces in Kubernetes

A default namespace is created automatically when the cluster is being setup. To isolate or prevent ...

Read More >

Kubernetes basic Objects

In this article, we will learn about the basic objects of Kubernetes in detail with their respective...

Read More >

Difference Between K8S vs Azure Kubernetes Service (AKS)

Kubernetes aka K8s is container orchestration tool, which helps us to control our containers in the ...

Read More >

Share

Post a Comment

  • Recent
  • Popular
  • Tag
Tags
Monthly Archive
Subscribe
Name

Text/HTML
Text/HTML
Contact Us
  • *
  • *