1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl taint - Update the taints on one or more nodes
10
14 kubectl taint [OPTIONS]
15
19 Update the taints on one or more nodes.
20 • A taint consists of a key, value, and effect. As an argument
23 here, it is expressed as key=value:effect.
24 • The key must begin with a letter or number, and may contain
26 letters, numbers, hyphens, dots, and underscores, up to 253
27 characters.
28 • Optionally, the key can begin with a DNS subdomain prefix and
30 a single '/', like example.com/my-app
31 • The value is optional. If given, it must begin with a letter
33 or number, and may contain letters, numbers, hyphens, dots,
34 and underscores, up to 63 characters.
35 • The effect must be NoSchedule, PreferNoSchedule or NoExecute.
37 • Currently taint can only apply to node.
39
44 --all=false Select all nodes in the cluster
45 --allow-missing-template-keys=true If true, ignore any errors in
48 templates when a field or map key is missing in the template. Only ap‐
49 plies to golang and jsonpath output formats.
50 --dry-run="none" Must be "none", "server", or "client". If client
53 strategy, only print the object that would be sent, without sending it.
54 If server strategy, submit server-side request without persisting the
55 resource.
56 --field-manager="kubectl-taint" Name of the manager used to track
59 field ownership.
60 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
63 plate|go-template-file|template|templatefile|jsonpath|json‐
64 path-as-json|jsonpath-file.
65 --overwrite=false If true, allow taints to be overwritten, other‐
68 wise reject taint updates that overwrite existing taints.
69 -l, --selector="" Selector (label query) to filter on, supports
72 '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)
73 --template="" Template string or path to template file to use when
76 -o=go-template, -o=go-template-file. The template format is golang tem‐
77 plates [http://golang.org/pkg/text/template/#pkg-overview].
78 --validate=true If true, use a schema to validate the input before
81 sending it
82
86 --add-dir-header=false If true, adds the file directory to the
87 header of the log messages
88 --alsologtostderr=false log to standard error as well as files
91 --application-metrics-count-limit=100 Max number of application
94 metrics to store (per container)
95 --as="" Username to impersonate for the operation
98 --as-group=[] Group to impersonate for the operation, this flag
101 can be repeated to specify multiple groups.
102 --azure-container-registry-config="" Path to the file containing
105 Azure container registry configuration information.
106 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
109 list of files to check for boot-id. Use the first one that exists.
110 --cache-dir="/builddir/.kube/cache" Default cache directory
113 --certificate-authority="" Path to a cert file for the certificate
116 authority
117 --client-certificate="" Path to a client certificate file for TLS
120 --client-key="" Path to a client key file for TLS
123 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
126 CIDRs opened in GCE firewall for L7 LB traffic proxy health
127 checks
128 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
131 CIDRs opened in GCE firewall for L4 LB traffic proxy health
132 checks
133 --cluster="" The name of the kubeconfig cluster to use
136 --container-hints="/etc/cadvisor/container_hints.json" location of
139 the container hints file
140 --containerd="/run/containerd/containerd.sock" containerd endpoint
143 --containerd-namespace="k8s.io" containerd namespace
146 --context="" The name of the kubeconfig context to use
149 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
152 tionSeconds of the toleration for notReady:NoExecute that is added by
153 default to every pod that does not already have such a toleration.
154 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
157 tionSeconds of the toleration for unreachable:NoExecute that is added
158 by default to every pod that does not already have such a toleration.
159 --disable-root-cgroup-stats=false Disable collecting root Cgroup
162 stats
163 --docker="unix:///var/run/docker.sock" docker endpoint
166 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
169 ronment variable keys matched with specified prefix that needs to be
170 collected for docker containers
171 --docker-only=false Only report docker containers in addition to
174 root stats
175 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
178 from docker info (this is a fallback, default: /var/lib/docker)
179 --docker-tls=false use TLS to connect to docker
182 --docker-tls-ca="ca.pem" path to trusted CA
185 --docker-tls-cert="cert.pem" path to client certificate
188 --docker-tls-key="key.pem" path to private key
191 --enable-load-reader=false Whether to enable cpu load reader
194 --event-storage-age-limit="default=0" Max length of time for which
197 to store events (per type). Value is a comma separated list of key val‐
198 ues, where the keys are event types (e.g.: creation, oom) or "default"
199 and the value is a duration. Default is applied to all non-specified
200 event types
201 --event-storage-event-limit="default=0" Max number of events to
204 store (per type). Value is a comma separated list of key values, where
205 the keys are event types (e.g.: creation, oom) or "default" and the
206 value is an integer. Default is applied to all non-specified event
207 types
208 --global-housekeeping-interval=1m0s Interval between global house‐
211 keepings
212 --housekeeping-interval=10s Interval between container housekeep‐
215 ings
216 --insecure-skip-tls-verify=false If true, the server's certificate
219 will not be checked for validity. This will make your HTTPS connections
220 insecure
221 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
224 quests.
225 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
228 trace
229 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
232 sor container
233 --log-dir="" If non-empty, write log files in this directory
236 --log-file="" If non-empty, use this log file
239 --log-file-max-size=1800 Defines the maximum size a log file can
242 grow to. Unit is megabytes. If the value is 0, the maximum file size is
243 unlimited.
244 --log-flush-frequency=5s Maximum number of seconds between log
247 flushes
248 --logtostderr=true log to standard error instead of files
251 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
254 Comma-separated list of files to check for machine-id. Use the
255 first one that exists.
256 --match-server-version=false Require server version to match
259 client version
260 -n, --namespace="" If present, the namespace scope for this CLI
263 request
264 --one-output=false If true, only write logs to their native sever‐
267 ity level (vs also writing to each lower severity level
268 --password="" Password for basic authentication to the API server
271 --profile="none" Name of profile to capture. One of
274 (none|cpu|heap|goroutine|threadcreate|block|mutex)
275 --profile-output="profile.pprof" Name of the file to write the
278 profile to
279 --referenced-reset-interval=0 Reset interval for referenced bytes
282 (container_referenced_bytes metric), number of measurement cycles after
283 which referenced bytes are cleared, if set to 0 referenced bytes are
284 never cleared (default: 0)
285 --request-timeout="0" The length of time to wait before giving up
288 on a single server request. Non-zero values should contain a corre‐
289 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
290 out requests.
291 -s, --server="" The address and port of the Kubernetes API server
294 --skip-headers=false If true, avoid header prefixes in the log
297 messages
298 --skip-log-headers=false If true, avoid headers when opening log
301 files
302 --stderrthreshold=2 logs at or above this threshold go to stderr
305 --storage-driver-buffer-duration=1m0s Writes in the storage driver
308 will be buffered for this duration, and committed to the non memory
309 backends as a single transaction
310 --storage-driver-db="cadvisor" database name
313 --storage-driver-host="localhost:8086" database host:port
316 --storage-driver-password="root" database password
319 --storage-driver-secure=false use secure connection with database
322 --storage-driver-table="stats" table name
325 --storage-driver-user="root" database username
328 --tls-server-name="" Server name to use for server certificate
331 validation. If it is not provided, the hostname used to contact the
332 server is used
333 --token="" Bearer token for authentication to the API server
336 --update-machine-info-interval=5m0s Interval between machine info
339 updates.
340 --user="" The name of the kubeconfig user to use
343 --username="" Username for basic authentication to the API server
346 -v, --v=0 number for the log level verbosity
349 --version=false Print version information and quit
352 --vmodule= comma-separated list of pattern=N settings for
355 file-filtered logging
356 --warnings-as-errors=false Treat warnings received from the server
359 as errors and exit with a non-zero exit code
360
364 # Update node 'foo' with a taint with key 'dedicated' and value 'special-user' and effect 'NoSchedule'.
365 # If a taint with that key and effect already exists, its value is replaced as specified.
366 kubectl taint nodes foo dedicated=special-user:NoSchedule
367 # Remove from node 'foo' the taint with key 'dedicated' and effect 'NoSchedule' if one exists.
369 kubectl taint nodes foo dedicated:NoSchedule-
370 # Remove from node 'foo' all the taints with key 'dedicated'
372 kubectl taint nodes foo dedicated-
373 # Add a taint with key 'dedicated' on nodes having label mylabel=X
375 kubectl taint node -l myLabel=X dedicated=foo:PreferNoSchedule
376 # Add to node 'foo' a taint with key 'bar' and no value
378 kubectl taint nodes foo bar:NoSchedule
379
384 kubectl(1),
385
389 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
390 com) based on the kubernetes source material, but hopefully they have
391 been automatically generated since!
392Manuals User KUBERNETES(1)(kubernetes)