Kubernetes Taints And Tolerations
This section contains knowledge relating to Kubernetes taints and tolerations.
Taints and tolerations can be used to control the scheduling and placement of pods on nodes. For example, a specific workload, such as Prometheus, may require increased resources such as RAM compared to other workloads. You can use taints and tolerations to ensure that Prometheus pods are only scheduled on nodes that have sufficient resources; perhaps a node group dedicated to Prometheus with larger RAM allocations per host node.
Further details on taints and tolerations can be found in the Kubernetes documentation.
taints should be applied to host nodes. taints are applied to nodes using the
kubectl taint command, or can be applied during node creation on the cloud provider; see aws eks for more information.
Taints are defined using the following syntax:
kubectl taint nodes <node-name> <key>=<value>:<effect>
<node-name> is the name of the node to apply the taint to.
<key> is the name of the taint.
<value> is the value of the taint.
<effect> is the effect of the taint.
kubectl taint nodes node1 nodeRole=Prometheus:NoSchedule
Taints can have one of the following effects:
NoSchedule- Pods that do not tolerate the taint will not be scheduled on the node.
PreferNoSchedule- Kubernetes will try to avoid scheduling pods that do not tolerate the taint on the node.
NoExecute- Pods that do not tolerate the taint will be evicted from the node.
NoExecuteIfNewPodScheduled- Pods that do not tolerate the taint will be evicted from the node if a new pod is scheduled on the node.
Tolerations should be applied to pods. Tolerations are applied to pods using the
tolerations property in the pod definition.
Tolerations allow pods to “tolerate” specified taints. Thus a pod with a toleration for a taint will be scheduled on a node with that taint.
Tolerations are defined using the following syntax:
tolerations: - key: "key" operator: "Equal" value: "value" effect: "NoSchedule"
key is the name of the taint.
operator is the operator used to compare the key and value. Valid values are
value is the value of the taint.
effect is the effect of the taint.
apiVersion: v1 kind: Pod metadata: name: prometheus labels: app: prometheus spec: containers: - name: prometheus image: prom/prometheus ports: - containerPort: 9090 tolerations: - key: "nodeRole" operator: "Equal" value: "Prometheus" effect: "NoSchedule"