Kubernetes - Taints and Tolerations and Node Affinity rules

Taints and Tolerations and Node Affinity rules

1. How many Nodes exist on the system?
including the master/controlplane node

-> Run the command 'kubectl get nodes' and count the number of nodes.
# kc get nodes

2. Do any taints exist on node01?
-> Run the command 'kubectl describe node node01' and see the taint property

# kc describe node node01 | grep taint

None

3. Create a taint on node01 with key of 'spray', value of 'mortein' and effect of 'NoSchedule'
-> Run the command 'kubectl taint nodes node01 spray=mortein:NoSchedule'.

# kc taint nodes node01 spray=mortein:NoSchedule
# kc describe nodes node01 | grep -i taint

4. Create a new pod with the NGINX image, and Pod name as 'mosquito'

# kc run mosquitos --image=nginx
# kc get pods
or
# cat mosquitos.yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: mosquito
spec:
  - image: nginx
    name: mosquito

5. What is the state of the POD?
-> Run the command 'kubectl get pods' and see the state
# kc get pods -o wide
Its on pending state

6. Why do you think the pod is in a pending state?
POD Mosquito can not tolerate ttaint mortein.

7. Create another pod named 'bee' with the NGINX image, which has a toleration set to the taint Mortein

# cat bee.yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: bee
spec:
  containers:
  - image: nginx
    name: bee
  tolerations:
    - key: spray
      value: mortein
      effect: NoSchedule
      operator: Equal

# kc create -f bee.yaml

8. Notice the 'bee' pod was scheduled on node node01 despite the taint.

# kc get pod -o wide

because we set toleration on bee pod.

8. Do you see any taints on master/controlplane node?
-> Run the command 'kubectl describe node master/controlplane' and see the taint property

# kc describe node controlplane | grep -i taint
does have taints - NoSchedule

9. Remove the taint on master/controlplane, which currently has the taint effect of NoSchedule
-> Run the command 'kubectl taint nodes master/controlplane node-role.kubernetes.io/master:NoSchedule-'.
# kc taint node controlplane node-role.kubernetes.io/master:NoSchedule-

remember the - at the end.

10. What is the state of the pod 'mosquito' now? Which node is the POD 'mosquito' on now?
-> Run the command 'kubectl get pods'
Running on controlplane


Node Affinity

1. How many Labels exist on node node01?
-> Run the command kubectl describe node node01 and count the number of labels.

5 - GO to Labels section and count

2. What is the value set to the label beta.kubernetes.io/arch on node01?
-> Run the command kubectl describe node node01 OR kubectl get node node01 --show-labels and check the value for the label
it is set to amd64

3. Apply a label color=blue to node node01
-> Run the command kubectl label node node01 color=blue.

# kc label node node01 color=blue
# kc describe node node01 | more  or
# kc get node node01 --show-lables

4. Create a new deployment named blue with the nginx image and 6 replicas
-> Run the command kubectl create deployment blue --image=nginx followed by kubectl scale deployment blue --replicas=6
# kc create deployment blue --image=nginx --replicas=6
# kc get pods -o wide

5. Which nodes can the pods for the blue deployment placed on?
-> Check if master/controlplane and node01 have any taints on them that will prevent the pods to be scheduled on them. If there are no taints, the pods can be scheduled on either node.

# kc describe node node01 | grep -i traints
# kc describe node controlplane | grep -i traints

# kc get pods -o wide
On controlplane and node01 since no traits set on hosts.
no traits set , so it can be on either of them


6. Set Node Affinity to the deployment to place the pods on node01 only

Name: blue
Replicas: 6
Image: nginx
NodeAffinity: requiredDuringSchedulingIgnoredDuringExecution
Key: color
values: blue

Create a yaml file

# cat pod-deployment.yaml
apiVersion: v1
kind: Deployment
metadate:
  name: Blue
spec:
  replicas: 6
  selector:
    matchLabels:
      run: nginx
    template:
      metadata:
        labels:
          run: nginx
      spec:
        conainers:
        - name: nginx
          image: nginx
          imagePullPolicy: Always
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoreDuringExecution: no
              nodeSelectorTerms:
              - mathExpressions:
                - key: size
                  operator: In    # NotIn
                  values:
                  - blue


# kc delete deployment blue
# kc apply -f pid-definition.yaml

7. Which nodes are the pods placed on now?

-> Run the command kubectl get pods -o wide and see the Node column

All pods are on node1


8. Create a new deployment named red with the nginx image and 3 replicas, and ensure it gets placed on the master/controlplane node only.

Use the label - node-role.kubernetes.io/master - set on the master/controlplane node.

Name: red
Replicas: 3
Image: nginx
NodeAffinity: requiredDuringSchedulingIgnoredDuringExecution
Key: node-role.kubernetes.io/master
Use the right operator


# cat pod-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadate:
  name: Red
spec:
  replicas: 3
  selector:
    matchLabels:
      run: nginx
    template:
      metadata:
        labels:
          run: nginx
      spec:
        conainers:
        - name: nginx
          image: nginx
          imagePullPolicy: Always
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoreDuringExecution:
              nodeSelectorTerms:
              - mathExpressions:
                - key: node-role.kubernetes.io/master
                  operator: Exists