Last Updated on October 13, 2022 by sandeeppote

Taints are applied to Node’s and Tolerations are applied to Pod’s.

They restrict Pod’s to be allocated to Node’s

Check if any taints are already applied to node

kubectl describe controlplane | grep Taints

Apply taint to a node

//kubectl taint nodes <<node name>> <<key>>=<<value>>:<<effect>>
kubectl taint nodes controlplane app=webapp:NoSchedule

Taint types/effects:-

  • NoSchedule – The pod will not get scheduled to the node without a matching toleration.
  • PreferNoSchedule  – This is a softer version of NoSchedule where the controller will not try to schedule a pod with the tainted node. However, it is not a strict requirement
  • NoExecute – This will immediately evict all the pods without the matching toleration from the node

Add toleration to Pod-

// nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-app
spec:
  containers:
  - name: nginx
    image: nginx
  tolerations:
  - key: color
    value: blue
    operator: Equal
    effect: NoSchedule

Tolerations Operators-

  • Equal – default value. Checks the value of key with the node taint key and value
  • Exists – checks if the key ecists in the node taint key

Create a new Pod

kubectl create -f nginx-pod.yaml

Check the POD created on which node-

kubectl get pods -o wide

Untaint the node (note “-” after NoSchedule)

kubectl taint nodes controlplane node-role.kubernetes.io/master: NoSchedule-

Reference- https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/

Loading