Tolerations Effect in Control plane

I have found such a nice toleration used in the control plane. I was thinking: if anyone added a taint to the control plane with NoExecute, then what will happen? All pods will be evicted, oh oh. Then I explored the pods of the control plane as JSON and I found they have given a toleration with only effect and Exists, which means, I guess, if a taint exists with NoExecute, it matches it, whatever you add. That's great, like *:NoExecute, done, meaning match any taints :innocent:

apiVersion: v1
kind: Pod
metadata:
  name: amaan
spec:
  containers:
   - name: amaan
     image: nginx
  tolerations:
   - effect: NoExecute
     operator: Exists

No Pod will be evicted, ok.

This toleration is often used with daemonsets to ensure a pod is created on every node regardless of taints. You will find it in kube-proxy - in fact you only need provide the operator and not the effect, as that really does mean all nodes!
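The matching rule the two posts above rely on, written out as an added example (not part of the thread and not Kubernetes' own code). The names `tolerates` and `untolerated` are hypothetical, the sample taints are constructed, and `example.com/maintenance` is a made-up key.

```go
package main

import "fmt"

// Taint and Toleration carry only the fields the matching rule reads.
type Taint struct{ Key, Value, Effect string }
type Toleration struct{ Key, Operator, Value, Effect string }

// tolerates follows the documented rule: an empty Effect matches any effect,
// an empty Key matches any key, and Exists ignores the taint's value.
func tolerates(tol Toleration, t Taint) bool {
	if (tol.Effect != "" && tol.Effect != t.Effect) || (tol.Key != "" && tol.Key != t.Key) {
		return false
	}
	if tol.Operator == "Exists" {
		return true
	}
	return (tol.Operator == "" || tol.Operator == "Equal") && tol.Value == t.Value
}

// untolerated returns the taints that no toleration in the list covers.
func untolerated(tols []Toleration, taints []Taint) []Taint {
	var left []Taint
next:
	for _, t := range taints {
		for _, tol := range tols {
			if tolerates(tol, t) {
				continue next
			}
		}
		left = append(left, t)
	}
	return left
}

// Constructed sample taints for one node (the last key is hypothetical).
var sampleTaints = []Taint{
	{"node-role.kubernetes.io/control-plane", "", "NoSchedule"},
	{"node.kubernetes.io/unreachable", "", "NoExecute"},
	{"example.com/maintenance", "true", "NoExecute"},
}

func main() {
	noExecOnly := []Toleration{{Operator: "Exists", Effect: "NoExecute"}}
	all := []Toleration{{Operator: "Exists"}}
	fmt.Println("effect-only toleration leaves:", untolerated(noExecOnly, sampleTaints))
	fmt.Println("operator-only toleration leaves:", untolerated(all, sampleTaints))
}
```

The operator-only form also covers any taint an operator adds later to fence off a node, so it is best kept to workloads that really must run everywhere.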

Yes bro, but they use the nodeName spec for DaemonSets. Yes, they use tolerations for default taints like memory pressure to keep the daemon running, ok, but they bypass taints by nodeName :grinning: But tell me if I am correct, because I am a learner and I could be wrong, but I tested it and then gave my answer. I respect your answer too, it is on point.

nodeName is set by the scheduler, not by the DaemonSet manifest. When you create your manifest, you have no advance notice of what the node names are, especially if

  • You are creating a helm chart for other people to run your daemonset on their clusters
  • Your cluster has a cluster autoscaler meaning that nodes come and go.

Therefore the way to ensure the daemonset pods will launch on every node is to use a toleration statement like the above.

In day-to-day operation of a cluster you should never explicitly set nodeName as it bypasses the scheduler, except for launching pods as part of a troubleshooting procedure, to ensure your debug pod goes to a specific node.

Yes sir, it is correct: the scheduler takes all requests from the API server, and all nodes' health and resource info, then sets nodeName in the pod. But if we do not want the DaemonSet on, say, one of our nodes, then we should not use the above toleration method; if we want it, then we should use it. Yes, it is correct not to use nodeName in production, because it would make all the decisions of the scheduler and the pod could be deployed on any node that we do not want, so we can use a validation policy to not allow a YAML request or workload to deploy with nodeName. Thanks for showing more use cases of tolerations. I saw it is used in the controllers of the control plane, where if any one of the nodes gets tolerated then it will be bypassed and match the taint, so the controller will not evict and the cluster workflow will continue as stated. That's great. We can also use it in a pod toleration, like to match a taint with a toleration with toleration seconds, to match for those specific seconds, so if in that interval the taint node is removed, the pod will be evicted and scheduled on the next node as per the scheduling techniques defined on the deployment or workload. Thanks for expanding my knowledge, I am grateful to you for giving me knowledge, thanks :grinning: