From 783a2d5289b65f544c0a4ba162c880f034f671bf Mon Sep 17 00:00:00 2001 From: Daniel Lipovetsky Date: Tue, 9 Apr 2019 22:14:12 -0700 Subject: [PATCH] Document workaround for kubeadm Taints field issue (#13343) * Document workaround for kubeadm Taints field issue * Remove trailing whitespace in kubeadm troubleshooting --- .../independent/troubleshooting-kubeadm.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/content/en/docs/setup/independent/troubleshooting-kubeadm.md b/content/en/docs/setup/independent/troubleshooting-kubeadm.md index 9bc6211b00..f0065e477a 100644 --- a/content/en/docs/setup/independent/troubleshooting-kubeadm.md +++ b/content/en/docs/setup/independent/troubleshooting-kubeadm.md @@ -100,7 +100,7 @@ Right after `kubeadm init` there should not be any pods in these states. until you have deployed the network solution. - If you see Pods in the `RunContainerError`, `CrashLoopBackOff` or `Error` state after deploying the network solution and nothing happens to `coredns` (or `kube-dns`), - it's very likely that the Pod Network solution that you installed is somehow broken. + it's very likely that the Pod Network solution that you installed is somehow broken. You might have to grant it more RBAC privileges or use a newer version. Please file an issue in the Pod Network providers' issue tracker and get the issue triaged there. - If you install a version of Docker older than 1.12.1, remove the `MountFlags=slave` option @@ -302,4 +302,20 @@ kubectl -n kube-system patch ds kube-proxy -p='{ "spec": { "template": { "spec": The tracking issue for this problem is [here](https://github.com/kubernetes/kubeadm/issues/1027). +## The NodeRegistration.Taints field is omitted when marshalling kubeadm configuration + +*Note: This [issue](https://github.com/kubernetes/kubeadm/issues/1358) only applies to tools that marshal kubeadm types (e.g. to a YAML configuration file). It will be fixed in kubeadm API v1beta2.* + +By default, kubeadm applies the `role.kubernetes.io/master:NoSchedule` taint to control-plane nodes. +If you prefer kubeadm to not taint the control-plane node, and set `InitConfiguration.NodeRegistration.Taints` to an empty slice, +the field will be omitted when marshalling. When the field is omitted, kubeadm applies the default taint. + +There are at least two workarounds: + +1. Use the `role.kubernetes.io/master:PreferNoSchedule` taint instead of an empty slice. [Pods will get scheduled on masters](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/), unless other nodes have capacity. + +2. Remove the taint after kubeadm init exits: +```bash +kubectl taint nodes NODE_NAME role.kubernetes.io/master:NoSchedule- +``` {{% /capture %}}