Overview
Add a Taint
| Code Block |
|---|
kubectl taint nodes docker-desktop is_control=true:NoExecute |
Remove a Taint
| Code Block |
|---|
kubectl taint nodes docker-desktop is_control=true:NoExecute- |
Example
| Code Block |
|---|
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: fluentd-elasticsearch
namespace: kube-system
labels:
k8s-app: fluentd-logging
spec:
selector:
matchLabels:
name: fluentd-elasticsearch
template:
metadata:
labels:
name: fluentd-elasticsearch
spec:
tolerations:
# these tolerations are to have the daemonset runnable on control plane nodes
# remove them if your control plane nodes should not run pods
- key: node-role.kubernetes.io/control-plane"is_control"
operator: Exists
effect: NoSchedule"Equal"
value: "true"
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule effect: "NoExecute"
containers:
- name: fluentd-elasticsearch
image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 200Mi
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
terminationGracePeriodSeconds: 30
volumes:
- name: varlog
hostPath:
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers. |
The above toleration will allow the pod to be deployed on a node with a matching taint.
References
| Reference | URL |
|---|---|
| Taints and Tolerations | https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ |
| Kubernetes Taints & Tolerations | https://www.densify.com/kubernetes-autoscaling/kubernetes-taints |
...