Practice the vocabulary of reserving a specialized node for only the workloads meant to run there.
0 / 5 completed
1 / 5
At standup, a dev mentions marking a node so the scheduler won't place an ordinary pod on it unless that pod explicitly declares it can tolerate the marking. What is this Kubernetes mechanism called?
A node taint paired with a pod toleration marks a node so the scheduler won't place an ordinary pod on it unless that pod explicitly declares it can tolerate the taint's marking. A resource limit constrains how much CPU or memory a pod can request, which is an entirely separate concern from whether the scheduler considers a node eligible in the first place. This taint-and-toleration mechanism is what lets a team reserve a specialized node, like one with a GPU, for only the workloads meant to run there.
2 / 5
During a design review, the team wants a taint that not only repels a new pod without a matching toleration but also evicts an already-running pod from that node if the taint is added afterward. Which capability supports this?
The NoExecute taint effect not only repels a newly scheduled pod without a matching toleration but also evicts an already-running pod from that node if the taint is added afterward. A taint effect that only ever repels new scheduling decisions leaves an existing pod running on a node that's since been marked as unsuitable. This eviction behavior is what lets NoExecute enforce a taint's intent even against a pod that was already placed before the taint existed.
3 / 5
In a code review, a dev notices a toleration is scoped to match a specific taint's key, value, and effect exactly, rather than tolerating every taint present on a node indiscriminately. What does this represent?
Precise toleration matching against a specific taint's key, value, and effect ensures a pod only bypasses the exact taint it's meant to tolerate, not every taint that happens to be present on a node. Configuring a toleration that matches indiscriminately would let a pod land on a node tainted for an entirely unrelated reason. This precision is what keeps taints and tolerations a meaningful, targeted scheduling constraint rather than an easily bypassed one.
4 / 5
An incident report shows a batch of ordinary application pods was accidentally scheduled onto a specialized, GPU-reserved node because those pods carried an overly broad toleration that matched the node's taint even though they had no actual need for a GPU. What practice would prevent this?
Scoping each pod's toleration precisely to only the specific taint it genuinely needs to tolerate prevents it from accidentally matching an unrelated taint and landing on a node it has no real business running on. Adding a broad, catch-all toleration to every pod is exactly what let ordinary application pods land on the GPU-reserved node in this incident. This precise scoping is essential to keeping a specialized node genuinely reserved for the workloads that actually need it.
5 / 5
During a PR review, a teammate asks why the team taints a specialized GPU node instead of just relying on a resource request to naturally steer the scheduler toward placing only GPU workloads there. What is the reasoning?
A resource request only affects how much of a resource, like memory or GPU count, a pod consumes on a node, but doesn't stop an ordinary pod with no GPU request from still being scheduled there if capacity happens to be free. A taint actively repels an ordinary pod unless it explicitly declares a matching toleration, reserving the node far more deliberately. The tradeoff is the added configuration overhead of applying the correct toleration to every pod that's genuinely meant to run on the tainted node.