Mastering Kubernetes Taints and Tolerations: Precise Pod Scheduling
This guide explains Kubernetes taints and tolerations, how to create, view, and remove taints, configure tolerations in pod specs, and use nodeName and nodeSelector to control pod placement, complete with practical command‑line examples and YAML manifests.
Taint and Toleration Overview
Node affinity attracts Pods to specific nodes, while a Taint repels Pods from nodes that carry the taint, creating an exclusion relationship.
Taint Basics
A taint is applied to a node with kubectl taint and has the format key=value:effect. The effect can be NoSchedule , PreferNoSchedule , or NoExecute .
Example of viewing nodes:
# kubectl get node
NAME STATUS ROLES AGE VERSION
centos8 Ready master 134d v1.15.1
testcentos7 Ready <none> 133d v1.15.1The master node carries a NoSchedule taint by default, preventing Pods from being scheduled onto it.
Managing Taints
Set a taint:
# kubectl taint nodes [node name] key1=value:NoScheduleView a node’s taints:
# kubectl describe node centos8
Taints: node-role.kubernetes.io/master:NoScheduleRemove a taint:
# kubectl taint nodes [node name] key1:NoSchedule-Tolerations
Pods can declare tolerations to allow scheduling onto nodes with matching taints. A toleration is defined in Pod.spec.tolerations:
tolerations:
- key: "key1"
operator: "Equal"
value: "value1"
effect: "NoSchedule"
tolerationSeconds: 3600
- key: "key2"
operator: "Exists"
effect: "NoSchedule"If operator is Exists , the value is ignored; Equal requires an exact match. tolerationSeconds specifies how long a pod may remain on a node after eviction.
Example: a pod with operator: "Exists" tolerates any taint with NoSchedule effect.
Node‑Specific Scheduling
Two explicit methods force a pod onto a particular node.
nodeName
Setting spec.nodeName in a pod or deployment bypasses the scheduler and binds the pod to the named node.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nodename-1
spec:
replicas: 3
template:
spec:
nodeName: testcentos7
containers:
- name: nodename-1
image: nginx:1.2.1All replicas are created on testcentos7. Changing nodeName to centos8 moves the pods to the master node.
nodeSelector
Using spec.nodeSelector matches node labels. The pod is scheduled only to nodes whose labels satisfy the selector.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: node-1
spec:
replicas: 3
template:
spec:
nodeSelector:
type: ssd
containers:
- name: myweb
image: nginx:1.2.1After labeling testcentos7 with type=ssd, the pods transition from Pending to Running .
Summary
By combining taints, tolerations, nodeName, and nodeSelector, you can precisely control where Pods are placed in a Kubernetes cluster.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.