Taints and Tolerations - Blogs

Taints and Tolerations

Taints and tolerations are used to restrict the pods to schedule them onto respective nodes. There is nothing to do with security.

If no restrictions are applied K8s scheduler places the pods in all respective nodes equally to balance all the pods

Assume we have certain resources assigned for application in a particular node, and we have tainted that node with some key value pair. By default pods doesn’t have tolerations, which means unless until specify, none of the pods scheduled into that tainted node, so this solves half of our requirement, no unwanted pod is going to place in that node.

To allow a pod to place in tainted node, we should add tolerations to that pod. How to add tolerations to that pod.

Lets 1st taint a node

Kubectl taint nodes  

For example: kubectl taint nodes node1 app=blue:NoSchedule

Effects: NoSchedule, No execute, prefer no schedule

Tolerations to pod:

Under spec of pod definition file

    - Key: “app”
      Operator: “Equal”
      Value: “blue”
      Effect: “NoSchedule”

If pods are updated/created with new tolerations, either they are not scheduled on node or they evicted from the existed node depending on what effect is being set.

Taints and tolerations only meant to accept certain pods , it will define which pod has to go which node, for that we have node affinity concept which will be given in next blog


1st case – all pods has to place in 1st node because no tolerations applied to pods, and all pods will place in un-tainted node


Pod A & B can place in 1st node or node 3 only, and c  & D will be placed in node 2 or node 1.

Have your thought why pods are not scheduled in master node. Here is the answer for that;


Execute: kubectl describe node kubemaster | grep Taint

You will find it that, master has got tainted by default while creating the cluster


Set Web.Config Values Using Environment Variables for Containerizing .Net Framework Legacy Application

Application using the tech stack of .Net Framework (<4.7) passes configuration information using ...

Read More >

Deploy a Windows bases AKS Cluster using Azure Portal

Kubernetes is an orchestration tool that helps us to manage container-based resources, usually as mo...

Read More >

Volume Management in Kubernetes

Since pods created in k8s are ephemeral, we are able to get the data as long as pods are alive, but ...

Read More >

Quick Understanding on Stateful Sets in Kubernetes

Stateful sets are similar to deployments, they can scale up and scale down, they can perform rolling...

Read More >

How to do Installation of K8S using kubeadm?

Till now I have given blogs on k8s objects, services, namespaces, ingress etc. but where to execute ...

Read More >


If you have deployed different applications on k8s cluster using various objects like deployments, p...

Read More >

Node Selector

Assume you have 3 nodes cluster of which two of them are having lower hardware resources and one of ...

Read More >


The k8s node affinity feature is to ensure pods are hosted on a particular node. As mentioned in pre...

Read More >

What is ingress and what are the components of it?

Ingress is a resource, which exposes the http and https from external sources to the services within...

Read More >

Kubernetes RBAC (Role Based Access Control)

The Kubernetes RBAC (role bases access control) system helps us in defining set of rules in controll...

Read More >


Try DevOpSmartBoard Ultimate complete Azure DevOps End-to end reporting tool

Sign Up

  • Recent
  • Popular
  • Tag
Monthly Archive

Contact Us
  • *
  • *