What are Taints and Tolerations in Kubernetes and how do they control pod scheduling?
Taints and Tolerations are Kubernetes mechanisms that control which pods can be scheduled on which nodes.
What are Taints?
A taint is applied to a node and repels pods that do not have a matching toleration. Taints have three effects:
- NoSchedule: Pod will not be scheduled on the node
- PreferNoSchedule: Kubernetes tries to avoid scheduling the pod on the node
- NoExecute: Pod is evicted if already running and not tolerating the taint
Example taint command:
kubectl taint nodes node1 key=value:NoScheduleWhat are Tolerations?
Tolerations are applied to pods and allow the scheduler to place pods on nodes with matching taints.
Example toleration in a pod spec:
tolerations:
- key: "key"
operator: "Equal"
value: "value"
effect: "NoSchedule"Common Use Cases
- Dedicated nodes: Taint GPU nodes so only GPU workloads run on them
- Node maintenance: Taint nodes before draining to prevent new pod scheduling
- Special hardware: Reserve nodes with SSDs or high memory for specific workloads
- Multi-tenancy: Isolate team workloads on specific nodes
Key Difference from Node Affinity
Node Affinity attracts pods to nodes, while Taints repel pods from nodes. They complement each other for fine-grained scheduling control.