1KUBERNETES(1)(kubernetes) KUBERNETES(1)(kubernetes)
2Eric Paris Jan 2015
6
9 kubectl taint - Update the taints on one or more nodes
10
14 kubectl taint [OPTIONS]
15
19 Update the taints on one or more nodes.
20 • A taint consists of a key, value, and effect. As an argument
23 here, it is expressed as key=value:effect.
24 • The key must begin with a letter or number, and may contain
26 letters, numbers, hyphens, dots, and underscores, up to 253
27 characters.
28 • Optionally, the key can begin with a DNS subdomain prefix and
30 a single '/', like example.com/my-app
31 • The value is optional. If given, it must begin with a letter
33 or number, and may contain letters, numbers, hyphens, dots,
34 and underscores, up to 63 characters.
35 • The effect must be NoSchedule, PreferNoSchedule or NoExecute.
37 • Currently taint can only apply to node.
39
44 --all=false Select all nodes in the cluster
45 --allow-missing-template-keys=true If true, ignore any errors in
48 templates when a field or map key is missing in the template. Only ap‐
49 plies to golang and jsonpath output formats.
50 --dry-run="none" Must be "none", "server", or "client". If client
53 strategy, only print the object that would be sent, without sending it.
54 If server strategy, submit server-side request without persisting the
55 resource.
56 --field-manager="kubectl-taint" Name of the manager used to track
59 field ownership.
60 -o, --output="" Output format. One of: json|yaml|name|go-tem‐
63 plate|go-template-file|template|templatefile|jsonpath|json‐
64 path-as-json|jsonpath-file.
65 --overwrite=false If true, allow taints to be overwritten, other‐
68 wise reject taint updates that overwrite existing taints.
69 -l, --selector="" Selector (label query) to filter on, supports
72 '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)
73 --show-managed-fields=false If true, keep the managedFields when
76 printing objects in JSON or YAML format.
77 --template="" Template string or path to template file to use when
80 -o=go-template, -o=go-template-file. The template format is golang tem‐
81 plates [http://golang.org/pkg/text/template/#pkg-overview].
82 --validate=true If true, use a schema to validate the input before
85 sending it
86
90 --add-dir-header=false If true, adds the file directory to the
91 header of the log messages
92 --alsologtostderr=false log to standard error as well as files
95 --application-metrics-count-limit=100 Max number of application
98 metrics to store (per container)
99 --as="" Username to impersonate for the operation
102 --as-group=[] Group to impersonate for the operation, this flag
105 can be repeated to specify multiple groups.
106 --azure-container-registry-config="" Path to the file containing
109 Azure container registry configuration information.
110 --boot-id-file="/proc/sys/kernel/random/boot_id" Comma-separated
113 list of files to check for boot-id. Use the first one that exists.
114 --cache-dir="/builddir/.kube/cache" Default cache directory
117 --certificate-authority="" Path to a cert file for the certificate
120 authority
121 --client-certificate="" Path to a client certificate file for TLS
124 --client-key="" Path to a client key file for TLS
127 --cloud-provider-gce-l7lb-src-cidrs=130.211.0.0/22,35.191.0.0/16
130 CIDRs opened in GCE firewall for L7 LB traffic proxy health
131 checks
132 --cloud-provider-gce-lb-src-cidrs=130.211.0.0/22,209.85.152.0/22,209.85.204.0/22,35.191.0.0/16
135 CIDRs opened in GCE firewall for L4 LB traffic proxy health
136 checks
137 --cluster="" The name of the kubeconfig cluster to use
140 --container-hints="/etc/cadvisor/container_hints.json" location of
143 the container hints file
144 --containerd="/run/containerd/containerd.sock" containerd endpoint
147 --containerd-namespace="k8s.io" containerd namespace
150 --context="" The name of the kubeconfig context to use
153 --default-not-ready-toleration-seconds=300 Indicates the tolera‐
156 tionSeconds of the toleration for notReady:NoExecute that is added by
157 default to every pod that does not already have such a toleration.
158 --default-unreachable-toleration-seconds=300 Indicates the tolera‐
161 tionSeconds of the toleration for unreachable:NoExecute that is added
162 by default to every pod that does not already have such a toleration.
163 --disable-root-cgroup-stats=false Disable collecting root Cgroup
166 stats
167 --docker="unix:///var/run/docker.sock" docker endpoint
170 --docker-env-metadata-whitelist="" a comma-separated list of envi‐
173 ronment variable keys matched with specified prefix that needs to be
174 collected for docker containers
175 --docker-only=false Only report docker containers in addition to
178 root stats
179 --docker-root="/var/lib/docker" DEPRECATED: docker root is read
182 from docker info (this is a fallback, default: /var/lib/docker)
183 --docker-tls=false use TLS to connect to docker
186 --docker-tls-ca="ca.pem" path to trusted CA
189 --docker-tls-cert="cert.pem" path to client certificate
192 --docker-tls-key="key.pem" path to private key
195 --enable-load-reader=false Whether to enable cpu load reader
198 --event-storage-age-limit="default=0" Max length of time for which
201 to store events (per type). Value is a comma separated list of key val‐
202 ues, where the keys are event types (e.g.: creation, oom) or "default"
203 and the value is a duration. Default is applied to all non-specified
204 event types
205 --event-storage-event-limit="default=0" Max number of events to
208 store (per type). Value is a comma separated list of key values, where
209 the keys are event types (e.g.: creation, oom) or "default" and the
210 value is an integer. Default is applied to all non-specified event
211 types
212 --global-housekeeping-interval=1m0s Interval between global house‐
215 keepings
216 --housekeeping-interval=10s Interval between container housekeep‐
219 ings
220 --insecure-skip-tls-verify=false If true, the server's certificate
223 will not be checked for validity. This will make your HTTPS connections
224 insecure
225 --kubeconfig="" Path to the kubeconfig file to use for CLI re‐
228 quests.
229 --log-backtrace-at=:0 when logging hits line file:N, emit a stack
232 trace
233 --log-cadvisor-usage=false Whether to log the usage of the cAdvi‐
236 sor container
237 --log-dir="" If non-empty, write log files in this directory
240 --log-file="" If non-empty, use this log file
243 --log-file-max-size=1800 Defines the maximum size a log file can
246 grow to. Unit is megabytes. If the value is 0, the maximum file size is
247 unlimited.
248 --log-flush-frequency=5s Maximum number of seconds between log
251 flushes
252 --logtostderr=true log to standard error instead of files
255 --machine-id-file="/etc/machine-id,/var/lib/dbus/machine-id"
258 Comma-separated list of files to check for machine-id. Use the
259 first one that exists.
260 --match-server-version=false Require server version to match
263 client version
264 -n, --namespace="" If present, the namespace scope for this CLI
267 request
268 --one-output=false If true, only write logs to their native sever‐
271 ity level (vs also writing to each lower severity level)
272 --password="" Password for basic authentication to the API server
275 --profile="none" Name of profile to capture. One of
278 (none|cpu|heap|goroutine|threadcreate|block|mutex)
279 --profile-output="profile.pprof" Name of the file to write the
282 profile to
283 --referenced-reset-interval=0 Reset interval for referenced bytes
286 (container_referenced_bytes metric), number of measurement cycles after
287 which referenced bytes are cleared, if set to 0 referenced bytes are
288 never cleared (default: 0)
289 --request-timeout="0" The length of time to wait before giving up
292 on a single server request. Non-zero values should contain a corre‐
293 sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
294 out requests.
295 -s, --server="" The address and port of the Kubernetes API server
298 --skip-headers=false If true, avoid header prefixes in the log
301 messages
302 --skip-log-headers=false If true, avoid headers when opening log
305 files
306 --stderrthreshold=2 logs at or above this threshold go to stderr
309 --storage-driver-buffer-duration=1m0s Writes in the storage driver
312 will be buffered for this duration, and committed to the non memory
313 backends as a single transaction
314 --storage-driver-db="cadvisor" database name
317 --storage-driver-host="localhost:8086" database host:port
320 --storage-driver-password="root" database password
323 --storage-driver-secure=false use secure connection with database
326 --storage-driver-table="stats" table name
329 --storage-driver-user="root" database username
332 --tls-server-name="" Server name to use for server certificate
335 validation. If it is not provided, the hostname used to contact the
336 server is used
337 --token="" Bearer token for authentication to the API server
340 --update-machine-info-interval=5m0s Interval between machine info
343 updates.
344 --user="" The name of the kubeconfig user to use
347 --username="" Username for basic authentication to the API server
350 -v, --v=0 number for the log level verbosity
353 --version=false Print version information and quit
356 --vmodule= comma-separated list of pattern=N settings for
359 file-filtered logging
360 --warnings-as-errors=false Treat warnings received from the server
363 as errors and exit with a non-zero exit code
364
368 # Update node 'foo' with a taint with key 'dedicated' and value 'special-user' and effect 'NoSchedule'.
369 # If a taint with that key and effect already exists, its value is replaced as specified.
370 kubectl taint nodes foo dedicated=special-user:NoSchedule
371 # Remove from node 'foo' the taint with key 'dedicated' and effect 'NoSchedule' if one exists.
373 kubectl taint nodes foo dedicated:NoSchedule-
374 # Remove from node 'foo' all the taints with key 'dedicated'
376 kubectl taint nodes foo dedicated-
377 # Add a taint with key 'dedicated' on nodes having label mylabel=X
379 kubectl taint node -l myLabel=X dedicated=foo:PreferNoSchedule
380 # Add to node 'foo' a taint with key 'bar' and no value
382 kubectl taint nodes foo bar:NoSchedule
383
388 kubectl(1),
389
393 January 2015, Originally compiled by Eric Paris (eparis at redhat dot
394 com) based on the kubernetes source material, but hopefully they have
395 been automatically generated since!
396Manuals User KUBERNETES(1)(kubernetes)