Scheduling - Taints and Tolerations

$ k apply -f bee.yaml 
pod/bee created​

taint : 노드마다 설정가능. 설정한 노드에는 pod이 스케줄되지 않음 (NoSchedule, PreferNoSchedule, NoExecute)
key=value:NoSchedule means key=value가 아닌 pod들은 schedule될 수 없음
toleration : pod에 설정, key, value, effect, operator을 지정해서 어떤 taint를 무시할 지 정할 수 있음
operator이 Equal이면 value설정해야함 (key value 둘 다 matching 필요), Exists면 key만 있으면 됨

 

$ k get po
NAME       READY   STATUS    RESTARTS   AGE
mosquito   0/1     Pending   0          30s

Q) How many nodes exist on the system?
Including the controlplane node.

$ k get no -A --no-headers | wc -l
2

A) 2

 

Q) Do any taints exist on node01 node?

$ k describe no node01 | grep Taints
Taints:             <none>

A) No

 

Q) Create a taint on node01 with key of spray, value of mortein and effect of NoSchedule

$ k taint no node01 spray=mortein:NoSchedule
node/node01 tainted

 

Q) Create a new pod with the nginx image and pod name as mosquito.

$ k run mosquito --image=nginx
pod/mosquito created

 

Q) What is the state of the pod modquito?

$ k get po
NAME       READY   STATUS    RESTARTS   AGE
mosquito   0/1     Pending   0          30s

A) Pending

 

Q) Why do you think the pod is in a pending state?

Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               -------
  Warning  FailedScheduling  95s   default-scheduler  0/2 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 1 node(s) had untolerated taint {spray: mortein}. preemption: 0/2 nodes are available: 2 Preemption is not helpful for scheduling.

A) POD Mosquito cannot tolerate taint Mortein

 

Q) Create another pod named bee with the nginx image, which has a toleration set to the taint mortein.

$ k run bee --image=nginx --dry-run=client -o yaml > bee.yaml

$ vi bee.yaml

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: bee
  name: bee
spec:
  containers:
  - image: nginx
    name: bee
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
  # spec 밑에 tolerations 추가 
  tolerations:
  - key: spray
    value: mortein
    effect: NoSchedule
    operator: Equal
status: {}

$ k apply -f bee.yaml 
pod/bee created

 

Q) Do you see any taints on controlplane node?

$ k describe no controlplane | grep -i taints
Taints:             node-role.kubernetes.io/control-plane:NoSchedule

A) Yes - NoSchedule

 

Q) Remove the taint on controlplane, which currently has the taint effect of NoSchedule.

$ k taint no controlplane node-role.kubernetes.io/control-plane:NoSchedule-
node/controlplane untainted