Enable PodTolerationRestriction on gcloud k8s cluster

3/21/2019

I have a namespace in k8s with the setting: scheduler.alpha.kubernetes.io/defaultTolerations: '[{"key": "role_va", "operator": "Exists"}]'

If I am not mistaken, all pods that are created in this namespace must get this toleration. But the pods don't get it. I read this and understood that I must enable the PodTolerationRestriction controller. How can I do this on gcloud?

-- malcolm
google-cloud-platform
kubernetes

1 Answer

3/27/2019

In order to enable PodTolerationRestriction, you might be required to set the --enable-admission-plugins flag in the kube-apiserver configuration. This is according to the official documentation, as by default this plugin is not included in the admission controller plugins list.

However, in GKE there is no possibility to adapt any specific flag for the current API server run-time configuration, because the Kubernetes cluster engine core components are not exposed to any user actions (related Stack Overflow thread).

Assuming that, you can consider using GCE and bootstrapping a cluster with any cluster-building solution, depending on your preference, within a particular GCE VM.

-- mk_sta
Source: StackOverflow
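
On a self-managed cluster such as the GCE option in the answer, where the kube-apiserver flags can be edited, the following added example (not part of the original question or answer) checks whether PodTolerationRestriction is listed in --enable-admission-plugins and prints the flag value that would include it. The manifests are constructed samples, and the function names and the kubeadm manifest path in the comment are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post).

# Print the value of --enable-admission-plugins in manifest $1, or nothing if
# the flag is absent (only the API server's default plugins are then active).
enabled_plugins() {
  sed -n 's/.*--enable-admission-plugins=\([A-Za-z0-9,]*\).*/\1/p' "$1" | head -n 1
}

# Return 0 if plugin $2 is a whole item of that list, 1 otherwise.
admission_plugin_enabled() {
  case ",$(enabled_plugins "$1")," in
    *",$2,"*) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the flag value to use so that plugin $2 is included.
with_plugin() {
  current=$(enabled_plugins "$1")
  if admission_plugin_enabled "$1" "$2"; then echo "$current"
  elif [ -n "$current" ]; then echo "$current,$2"
  else echo "$2"
  fi
}

# Write a constructed excerpt of a kube-apiserver static pod manifest to $1.
# $2 is the plugin list; an empty value leaves the flag out.
write_sample_manifest() {
  {
    printf '%s\n' 'apiVersion: v1' 'kind: Pod' 'metadata:' \
      '  name: kube-apiserver' 'spec:' '  containers:' \
      '  - command:' '    - kube-apiserver' '    - --authorization-mode=Node,RBAC'
    if [ -n "$2" ]; then printf '    - --enable-admission-plugins=%s\n' "$2"; fi
  } > "$1"
}

# Demo on constructed input. On a kubeadm control-plane node the real file is
# /etc/kubernetes/manifests/kube-apiserver.yaml.
demo() {
  dir=$(mktemp -d)
  write_sample_manifest "$dir/before.yaml" 'NodeRestriction'
  write_sample_manifest "$dir/after.yaml" 'NodeRestriction,PodTolerationRestriction'
  for f in "$dir/before.yaml" "$dir/after.yaml"; do
    if admission_plugin_enabled "$f" PodTolerationRestriction; then
      echo "$f: PodTolerationRestriction is enabled"
    else
      echo "$f: not enabled; use --enable-admission-plugins=$(with_plugin "$f" PodTolerationRestriction)"
    fi
  done
  rm -rf "$dir"
}
demo
```

Matching is done on whole list items, so a plugin whose name merely starts with PodTolerationRestriction does not count as enabled.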