Taints and Tolerations — Kubernetes
Taints are a property of nodes that push pods away if they don’t tolerate this taint. Like Labels, one or more Taints can be applied to a node. This means that the node must not accept any pod that does not tolerate all of these taints.
Tolerations are applied to pods, and allow the pods to schedule onto nodes with matching taints.
Taints and tolerations work together to ensure pods are not scheduled onto inappropriate nodes.
Taint is like key=value: Effect
Key: A string that represents the taint's label.
Value: A string that represents the taint's value.
Effect: A string that specifies the effect of the taint.
Assign 3 different values to effect.
NoSchedule: The Pod will not be scheduled on the node unless it tolerates the taint.PreferNoSchedule: The system will try to avoid placing a Pod that does not tolerate the shame on the node, but it is not a hard requirement.NoExecute: The Pod will be evicted if it is already running on the node and does not tolerate the taint.
Tolerations are applied to pods and indicate that the pod can be scheduled on nodes with specific taints. A pod with toleration will only be scheduled on nodes that have a matching taint.
By setting tolerations, you can make sure that certain pods are placed on nodes with specific attributes or restrictions, even if those nodes are tainted.
Taints and Tolerations are only meant to restrict node accept certain PODs. It does not guarantee that the POD with the toleration will be kept only placed on the node with taint.
NodeSelector
Node Selector is the simplest form of node selection constraint in Kubernetes. It is used to specify a key-value pair that must match the labels on a node for a Pod to be scheduled on that node.
Node Affinity
Node Affinity is a feature in Kubernetes that allows you to constrain which nodes your Pods are eligible to be scheduled on based on node labels. It provides more flexible and expressive ways to influence Pod placement compared to node selectors.
Types of Node Affinity:
- requiredDuringSchedulingIgnoredDuringExecution
- preferredDuringSchedulingIgnoredDuringExecution
Labels arekey-value pairs that can be attached to Kubernetes objects. Labels can be used to organize and group objects, and they can be used to select objects for operations such as deletion and updates.
Selectors are used to select a group of objects for an operation. Selectors can be specified using labels, and they can be used to select all objects with a given label or all objects that match a certain pattern.
Kubernetes deployment usesLabels and Selectors to select which pods need to be updated when a new version of a pod is deployed.
matchLabeltells what pods the deployment will apply to. So, in your YAML description file for the deployment.
Example of a taint:
Let’s say you have a node with a specific GPU and you want to reserve it for running only GPU-intensive workloads.
kubectl taint nodes <node-name> gpu=true:NoScheduleThis taint would prevent any new pods from being scheduled on this node unless they tolerate the gpu=true taint.
Example of toleration:
Let’s consider the previous example of the node with the GPU taint. To allow a pod to be scheduled on the GPU node, the pod’s YAML definition would include toleration like this:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80
tolerations:
- key: "gpu"
- effect: NoSchedule
operator: ExistsIn this example, the pod has a tolerance for the gpu taint with the NoSchedule effect. This means the pod can be scheduled on nodes with the taint gpgpu=true:NoScheduleallowing it to utilize the GPU resources.
Read more https://ibrahims.medium.com/taints-and-tolerations-kubernetes-673307c49447
Thank you 🙏 for taking the time to read our blog.