☣️ What is a Taint?
A taint is applied to a node to mark it as unsuitable for certain pods, unless those pods explicitly tolerate the taint.
It works like this:
🛑 "This node doesn't want your pod... unless you're okay with my taint."
🔧 Taint Syntax
kubectl taint nodes <node-name> key=value:effect🧪 Example
kubectl taint nodes node1 key=env:NoSchedule🛡️ What is a Toleration?
A toleration is added to a pod spec. It tells Kubernetes:
✅ "I'm okay with this taint, let me run on that node."
🔧 Toleration YAML Example
tolerations:
- key: "env"
operator: "Equal"
value: "production"
effect: "NoSchedule"
This allows the pod to be scheduled on a node that has this taint:
env=production:NoSchedule
💥 Taint Effects
| Effect | Description | Real-World Use case |
| NoSchedule | Don't schedule pods unless they tolerate the taint. | Run only special workloads |
| PreferNoSchedule | Avoid scheduling, but not strictly enforced. | Isolate production environments |
| NoExecute | Evict existing pods that don't tolerate the taint. Also prevents new ones. |
Node maintenance (drain-like) |
🔹 1. Node Selector (Simple)
`nodeSelector` is the simplest way to schedule a Pod onto a specific node based on exact label match.
✅ Example:
spec:
nodeSelector:
disktype: ssdThis Pod will only be scheduled on a node with:
kubectl label node <node-name> disktype=ssd🔸 2. Node Affinity (Advanced)
`nodeAffinity` is a more powerful and flexible way to do what nodeSelector does — with expressions, preferred vs required, and complex logic.
💬 Two Types:
- requiredDuringSchedulingIgnoredDuringExecution (💥 must match)
- preferredDuringSchedulingIgnoredDuringExecution (👌 best effort)
✅ Example: Required Node Affinity
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: disktype
operator: In
values:
- ssd
- nvmeThis only schedules on nodes where `disktype` is ssd or nvme
✅ Example: Preferred Node Affinity
spec:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: zone
operator: In
values:
- us-east-1aThis tries to schedule in `us-east-1a`, but fall abck to others if needed.
🧠 Node Selector vs Node Affinity
| Feature | NodeSelector | NodeAffinity |
| Match type | Exact | Expressions (In, NotIn, Exists, etc.) |
| Logic flexibility | Low | High |
| Required/Preferred separation | ❌ No | ✅ Yes |
| Common usage | Simple pinning | Advanced placement logic |
🔁 Quick Overview
| Feature | Node Affinity | Taints & Tolerations |
| Who defines it? | Pod (chooses preferred nodes) | Node (repels Pods unless tolerated) |
| Direction | Pod ➡️ Node | Node ➡️ Pod |
| Behavior | "I want to run on this kind of node" | "I don’t want Pods on me unless allowed" |
| Use case | Attraction – guide scheduling | Repulsion – restrict scheduling |
| Hard/Soft control | Has required (hard) and preferred (soft) rules | Mostly hard rules unless PreferNoSchedule |
| Node setup needed? | No (but nodes must have labels) | Yes (nodes must be tainted) |
'CS > Kubernetes' 카테고리의 다른 글
| [Kubernetes] Scheduling(1) (0) | 2025.04.04 |
|---|---|
| [Kubernetes] Service (1) | 2025.03.28 |
| [Kubernetes] Replicaset & Deployment (1) | 2025.03.27 |
| [Kubernetes] YAML (1) | 2025.03.27 |
| [Kubernetes] Kubernetes concepts (1) | 2025.03.27 |
