Surya:
Hi 
tolerations:
- key: "app" #must be given in double quotes
operator: "Exits"
value: "blue"
effect: "NoSchedule"
when we have this in the pod spec, it means the pod tolerates nodes that have the taint app=blue:NoSchedule, but that seems counter intutive since the taint says NoSchedule. Or maybe I have understood incorrectly, could someone clarify please?
Thanks
Trung Tran:
This means that no pod will be able to schedule onto tainted node unless it has a matching toleration.
Trung Tran:
• if there is at least one un-ignored taint with effect NoSchedule then Kubernetes will not schedule the pod onto that node
• if there is no un-ignored taint with effect NoSchedule but there is at least one un-ignored taint with effect PreferNoSchedule then Kubernetes will try to not schedule the pod onto the node
• if there is at least one un-ignored taint with effect NoExecute then the pod will be evicted from the node (if it is already running on the node), and will not be scheduled onto the node (if it is not yet running on the node).
Trung Tran:
The effect applied for the un-tolerated pod, not the pod with matched toleration.
Surya:
thanks for the explaination, what is un-ignored taint?
Trung Tran:
Please go through this docs https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/, it will give you all needed information about taint and toleration.
Surya:
Thank you, I did read the doc. I am confused by the example in the doc
The doc says
and thus a pod with either toleration would be able to schedule onto node1
since the node has a taint NoSchedule I am confused how it lets pods to schedule on it.
Sorry, if my doubts are too basic
Trung Tran:
As I said above, NoSchedule is the effect for the pod that NOT tolerate to the taint, if the pod tolerate to the taint, it will be schedule normally/.
Surya:
hmm so if a pod tolderates NoSchedule effect, it will get scheduled on nodes that have a taint NoSchedule.
It seems weird that it gets scheduled in a node with taint NoSchedule, but I guess it is what it is
Trung Tran:
Let read it in the easier way, schedule check the pod, if you are not tolerate to the taint, then the effect will be NoSchedule, if tolerated, process to the next step to place the pod on the node, hope it make sense.
Surya:
hmm it makes things clearer a bit better.
Thanks for the patience
Trung Tran:
Sure, feel free to get back if you have any questions or concerns.
unnivkn:
Hi @Surya fyr: https://blog.kubecost.com/blog/kubernetes-taints/#:~:text=NoSchedule—The%20pod%20will%20not,pod%20with%20the%20tainted%20node.
Neeraj Vasudeva:
@Surya What a coincidence, I too had the same doubt that if the keyword -NoSchedule exists then how come it’s able to schedule it.
Well once the node is tainted with some key value pair and ‘NoSchedule’ then u need to apply the toleration to a pod with the same key value pair… so at this point u kind of ignore the english keyword NoSchedule defined within pod and focus more on whther the pod can tolerate the key value or not. For me i am interpreting NoSchedule defined at pod level as Schedule allowed.
Surya:
Thank you Neeraj and Unnivkn.
I guess it makes sense in a way, but it is confusing. Hopefully kubernetes moves towards cleaner naming conventions.