prep notes - cka exam - scheduling

kubernetes
1

Taints & Tolerations

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""
  tolerations:
  - key: "node-role.kubernetes.io/control-plane"
    operator: "Exists"
    effect: "NoSchedule"      
  containers:
  - image: nginx
    name: nginx
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

Taints

A property that can be applied to a node to repel certain pods unless those pods have a matching toleration. A taint consists of three parts:

  1. Key: A string that serves as the identifier for the taint.
  2. Value: A string that provides additional information about the taint.
  3. Effect: This defines what happens to pods that do not tolerate the taint. There are three possible effects:
  • NoSchedule: Pods that do not tolerate the taint will not be scheduled on the node.
  • PreferNoSchedule: Kubernetes will try to avoid scheduling pods that do not tolerate the taint on the node, but it is not guaranteed.
  • NoExecute: Pods that do not tolerate the taint will be evicted from the node if they are already running there.

Tolerations

A property that can be applied to a pod to allows the pod to be scheduled on nodes with matching taints. A toleration specifies which taints the pod can tolerate, allowing it to be scheduled on nodes that have those taints.

A toleration consists of the following fields:

  1. Key: The key of the taint that the pod can tolerate.
  2. Operator: This can be Exists (the toleration applies to any taint with the specified key) or Equal (the toleration applies only to taints with the specified key and value).
  3. Value: The value of the taint that the pod can tolerate (only used if the operator is Equal).
  4. Effect: The effect of the taint that the pod can tolerate (optional).

Node Affinity

  • is a a type of affinity that specifies which nodes a Pod can be scheduled on based on node labels.
  • the two types of node affinity are:
      • requiredDuringSchedulingIgnoredDuringExecution: The scheduler can’t schedule the Pod unless the rule is met. This functions like nodeSelector, but with a more expressive syntax.
      • preferredDuringSchedulingIgnoredDuringExecution: The scheduler tries to find a node that meets the rule. If a matching node is not available, the scheduler still schedules the Pod.
  • valid logical operators include In, NotIn, Exists, DoesNotExist, Gt and Lt.
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: kubernetes.io/hostname
            operator: In
            values:
            - worker2
  containers:
  - image: nginx
    name: nginx
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}