FAQ

Why is there no latest tag on Docker Hub?

Use of latest for production deployments is bad practice - see here for details. The manifest on main refers to latest for local development testing with minikube only; for production use choose a versioned manifest from the release page.

Make kured run on control-plane with taint

In a cluster setup your control-plane might have taints that block the kured deployment.

To get the taints of your cluster node you can run the following commands:

kubectl get nodes ${NODENAME} -o json | jq .spec.taints

Alternativly you can also use VS Code to read the whole yaml (or json):

kubectl get nodes ${NODENAME} -o yaml | code -

or use the describe command:

kubectl describe nodes ${NODENAME}

In this example the control-plane nodes have the following taint:

JSON:

[
  {
    "effect": "NoExecute",
    "key": "CriticalAddonsOnly",
    "value": "true"
  }
]

YAML:

taints:
  - effect: NoExecute
    key: CriticalAddonsOnly
    value: "true"

In order to make kured run on these nodes as well we will need to edit the daemonset of the deployment.

You can get a full deployment file by running the followig command:

# while writing latest is 1.14.0
latest=$(curl -s https://api.github.com/repos/kubereboot/kured/releases | jq -r '.[0].tag_name')
wget "https://github.com/kubereboot/kured/releases/download/$latest/kured-$latest-dockerhub.yaml"

In the kured-1.14.0-dockerhub.yaml the daemonset has the following tolerations:

tolerations:
    - key: node-role.kubernetes.io/control-plane
        effect: NoSchedule
    - key: node-role.kubernetes.io/master
        effect: NoSchedule

In the docs about taint and toleration you an read up about the concept.

In Order to tollerate kured on the tainted nodes change this section into:

tolerations:
    - key: CriticalAddonsOnly
        operator: Exists

after applying the kured-1.14.0-dockerhub.yaml file you can check the number of pods with:

kubectl -n kube-system get daemonsets/kured