Update the taints on one or more nodes in Kubernetes

What is meaning of taint?

a trace of a bad or undesirable substance or quality.

What is tainted?

spoiled; damaged in quality, taste, or value:

Follwing are workload which run in a cluster’s node….

  • DaemonSet
  • Deployment
  • Pod
  • ReplicaSet
  • ReplicationController
  • StatefulSet

When you submit a workload, The scheduler determines where to place the Pods associated with the workload. The scheduler is free to place a Pod on any node that satisfies the Pod’s CPU, memory, and custom resource requirements.

If your cluster runs a variety of workloads, you might want to exercise some control over which workloads can run on a particular pool of nodes.

A node taint lets you mark a node so that the scheduler avoids or prevents using it for certain Pods. A complementary feature, tolerations, lets you designate Pods that can be used on “tainted” nodes.

A taint consists of a key, value, and effect. As an argument here, it is expressed as key=value:effect.

The key must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 253 characters. The value is optional. If given, it must begin with a letter or number, and may contain letters, numbers, hyphens, dots, and underscores, up to 63 characters.

The effect must be NoSchedule, PreferNoSchedule or NoExecute. Currently taint can only apply to node. Here are the available effects:

  • NoSchedule: Pods that do not tolerate this taint are not scheduled on the node.
  • PreferNoSchedule: Kubernetes avoids scheduling Pods that do not tolerate this taint onto the node.
  • NoExecute: Pod is evicted from the node if it is already running on the node, and is not scheduled onto the node if it is not yet running on the node.

Adding / Inspecting / Removing a taint to an existing node using NoSchedule

Inspecting a node’s taints

Removing a taint from a node. Remove from node ‘node1’ the taint with key ‘dedicated’ and effect ‘NoSchedule’ if one exists.

Adding / Inspecting / Removing a taint to an existing node using PreferNoSchedule

Adding / Inspecting / Removing a taint to an existing node using NoExecute

Untaint the node and verify as below:

Untaint the setting on node2

By default, kubernetes cluster will not schedule pods on the master node for security reasons. But if we would like to be able to schedule pods on the master node, e.g: for a single-node kubernetes cluster for testing and development purposes, we can run following commands.

Rajesh Kumar
Total Page Visits: 366 - Today Page Visits: 0