Placing pods on nodes with restrictions

When you want to reserve nodes for critical services and stop other tasks from running on those nodes, you can use taints and tolerations.

With these tools, you can tag nodes with taints and pods with tolerations. In this way, only pods for which you have specified tolerations will run on nodes with the specified taints.

Before configuring taints and tolerations, please read the BRIX Enterprise advanced settings article to learn about all the pod placement tools and recommendations for using them together.

How to configure taints and tolerations

Suppose, you need to split the workload between two groups of nodes: for monitoring (monitoring) and for the main application (brix). Let's see how you can do it:

1. Add taints:

• on nodes dedicated to monitoring:

kubectl taint nodes node-1 role=monitoring:NoSchedule

• on nodes dedicated to BRIX:

kubectl taint nodes node-1 role=brix:NoSchedule

You can specify one node and multiple taints in the command by separating the taints labels with spaces.

2. In the .Values.global.tolerations field, configure tolerations, for example:

• for monitoring pods in the values-monitoring.yaml file:

global:
tolerations:
- key: "role"
  operator: "Equal"
  value: "monitoring"
  effect: "NoSchedule"

• for brix pods in the values-elma365.yaml file:

global:
tolerations:
- key: "role"
  operator: "Equal"
  value: "brix"
  effect: "NoSchedule"

Where:

• key. Taint name.
• operator. Comparison operator:
  • Equal. A taint value for the node must match the value specified in the value parameter.
  • Exists. A taint with the added key must be specified in the node parameters. The value parameter is not considered.
• value. A taint value that is used with the Equal operator.
• effect. A type of taint action:
  • NoSchedule. A pod is only placed on a node with a taint if the corresponding toleration is configured for it.
  • PreferNoSchedule. It is preferred to schedule a pod only on those nodes with a taint for which toleration is configured. However, if there are no other nodes, the pod is scheduled on the node.
  • NoExecute. The pod is not placed on a node with a given taint.

In this example, monitoring pods will only be placed on nodes with the role=monitoring taint, and BRIX pods will only be placed on nodes with the role=brix taint.

Default values for tolerations

By default, no values are set in the .Values.global.tolerations field. Therefore, tolerations are scheduled on any available nodes without considering taints. If you want to split the workload between different types of nodes, configure taints on the nodes and the corresponding tolerations in the pod configuration.

Was this helpful?

Thanks for your feedback!

Please specify why:

Recommendations did not help meArticle is hard to understandDidn’t answer my questionContent does not match the topicOther

How can we improve the article?

YesNo

Please specify whyRecommendations did not help meArticle is hard to understandDidn’t answer my questionContent does not match the topicOther