Skip to content

Latest commit

 

History

History
100 lines (77 loc) · 3.32 KB

K8s-Taint-Toleration.md

File metadata and controls

100 lines (77 loc) · 3.32 KB

LAB: K8s Taint Toleration

This scenario shows:

  • how to taint/untaint the node,
  • how to see the node details,
  • the pod that does not tolerate the taint is not running the node.

Steps

  • Run minikube (in this scenario, K8s runs on WSL2- Ubuntu 20.04) ("minikube start")

image

  • Create Yaml file (podtoleration.yaml) in your directory and copy the below definition into the file:
apiVersion: v1
kind: Pod
metadata:
  name: toleratedpod1
  labels:
    env: test
spec:
  containers:
  - name: toleratedcontainer1
    image: nginx:latest
  tolerations:                    # pod tolerates "app=production:NoSchedule"
  - key: "app"
    operator: "Equal"
    value: "production"
    effect: "NoSchedule"
---
apiVersion: v1
kind: Pod
metadata:
  name: toleratedpod2
  labels:
    env: test
spec:
  containers:
  - name: toleratedcontainer2
    image: nginx:latest
  tolerations:
  - key: "app"                     # pod tolerates "app:NoSchedule", value is not important in this pod
    operator: "Exists"             # pod can run on the nodes which has "app=test:NoSchedule" or "app=production:NoSchedule"
    effect: "NoSchedule" 
  • When we look at the node details, there is not any taint on the node (minikube):
kubectl describe node minikube

image

  • Add taint to the node (minikube):
kubectl taint node minikube platform=production:NoSchedule

image

  • Create pod that does not tolerate the taint:
kubectl run test --image=nginx --restart=Never

image

  • This pod always waits as pending, because it is not tolerated the taints:

image

image

  • In the yaml file above (podtoleration.yaml), we have 2 pods that tolerates this taint => "app=production:NoSchedule"
  • Create these 2 pods:

image

  • These pods tolerate the taint and they are running on the node, but "test" does not tolerate the taint, it still waits:

image

  • But if we define another taint with "NoExecute", running pods are terminated:
kubectl taint node minikube version=new:NoExecute

image

image

  • Delete taint from the node:
kubectl taint node minikube version-

image

  • Delete minikube:

image