Forcing specific deployments/pods to deploy on master

0 votes

I have cluster with three master nodes. Because master nodes have a NoSchedule taint by default, I added tolerations to my deployments. Kubernetes version is 1.5:

Deployment.yaml:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
    […]

Even after adding the tolerations the pods are deploying on the worker nodes only. I want to deploy these only on Master. Any help is appreciated. thanks

Oct 12, 2018 in Kubernetes by DragonLord999
• 8,360 points
105 views

1 answer to this question.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.
0 votes

Tolerations do not guarantee that a pod will be scheduled an a node with that taint. It just means that it can tolerate such taints and schedule on those nodes. If you specifically want to deploy your pod on a specific node, use labels. Example, give your master node a label say dedicated=master and set nodeSelector for your pod to look for this label.

to add the label to you node:

kubectl label nodes name_of_your_node dedicated=master

Kubernetes 1.6 and above syntax

nodeSelector for your pod:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
    spec:
      nodeSelector:
        dedicated: master
      tolerations:
      - key: dedicated
        operator: Equal
        value: master
        effect: NoSchedule
    […]

You can also use affinity under spec:

affinity:
  nodeAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
        matchExpressions:
        - key: dedicated
          operator: Equal
          values: ["master"]

Pre 1.6 syntax

nodeSelector for your pod:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
        name: nginx-ingress-lb
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
      nodeSelector:
        dedicated: master
    […]

Annotations instead of nodeSelector:

scheduler.alpha.kubernetes.io/affinity: >
  {
    "nodeAffinity": {
      "requiredDuringSchedulingIgnoredDuringExecution": {
        "nodeSelectorTerms": [
          {
            "matchExpressions": [
              {
                "key": "dedicated",
                "operator": "Equal",
                "values": ["master"]
              }
            ]
          }
        ]
      }
    }
  }

NoSchedule does not stop already scheduled pods. Check https://kubernetes.io/docs/user-guide/node-selection/ for more info.

answered Oct 12, 2018 by ajs3033
• 7,000 points

Related Questions In Kubernetes

0 votes
1 answer

Unable to deploy nginx ingress on kubernetes

The nginix ingress controller uses hostPort to ...READ MORE

answered Oct 1, 2018 in Kubernetes by Kalgi
• 35,750 points
41 views
0 votes
1 answer

Is possible to have same k8s service for multiple pods?

Reserve a static IP and then assign ...READ MORE

answered Jul 20, 2018 in Kubernetes by Kalgi
• 35,750 points
20 views
0 votes
1 answer

Unable to run Kubernetes on rancher cluster

switch Docker to 1.12.x; Kubernetes doesn't support ...READ MORE

answered Aug 28, 2018 in Kubernetes by Kalgi
• 35,750 points
81 views
0 votes
1 answer
0 votes
1 answer
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17 in Others by anonymous
469 views
0 votes
1 answer
0 votes
1 answer

Forcing ssl for Kubernetes Ingress on GKE

https://github.com/kubernetes/ingress-gce#frontend-https If you want to block http, you ...READ MORE

answered Sep 6, 2018 in Kubernetes by ajs3033
• 7,000 points
690 views
0 votes
1 answer

© 2018 Brain4ce Education Solutions Pvt. Ltd. All rights Reserved.
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.