Applying updates to existing node pools


This page provides instructions on how to dynamically update the network tags, node labels and node taints of an existing Google Kubernetes Engine (GKE) node pool.

Overview

Network tags are metadata on Compute Engine VMs that allow you to make firewall rules and routes applicable to specific VM instances. Node taints and labels are in the object metadata of Kubernetes nodes. Labels are used to schedule Pods on particular nodes, whereas taints can be used to steer Pods away from them.

Using the Kubernetes Engine API, you can apply updates on the network tags, node labels, and node taints of an existing GKE node pool without needing to recreate the node pool or disrupt running workloads. The updated node pool configuration is preserved in GKE, so that future node pool upgrades and new node provisions in the node pool will use the new configuration.

Limitations

There are some limitations for using the Kubernetes Engine API to dynamically update node pool configs:

  • The version for the node pool must be later than 1.19.7-gke.1500.
  • Updates for node taints and labels cannot be used on node pools that have autoscaling enabled. As a workaround, you can first disable autoscaling on the node pool before trying to update the node pool labels or taints. After the labels or taints are updated, re-enable autoscaling. If you are only updating network tags, autoscaling does not need to be disabled.

Updating network tags

To update network tags for your node pools, use the following command:

gcloud beta container node-pools update NODEPOOL_NAME \
    --tags=TAG1,[TAG2,...] \
    [--cluster=CLUSTER_NAME] [--region=REGION | --zone=ZONE] \
    [GCLOUD_WIDE_FLAG …]

Replace the following:

  • NODEPOOL_NAME: the name of the node pool to update.
  • TAG1,[TAG2,...]: the desired new tag values.
  • CLUSTER_NAME: the name of the cluster.
  • REGION: the Compute Engine region for the cluster.
  • ZONE: the Compute Engine zone for the cluster.

Updating node labels

To update node labels for a node pool, use the following command:

gcloud beta container node-pools update NODEPOOL_NAME \
    --node-labels=[NODE_LABEL,...] \
    [--cluster=CLUSTER_NAME] [--region=REGION | --zone=ZONE] \
    [GCLOUD_WIDE_FLAG …]

Replace the following:

  • NODEPOOL_NAME: the name of the node pool to update.
  • [NODE_LABEL,...]: the desired new node labels (for example, label1=value1,label2=value2).
  • CLUSTER_NAME: the name of the cluster.
  • REGION: the Compute Engine region for the cluster.
  • ZONE: the Compute Engine zone for the cluster.

Updating node taints

To update node taints for a node pool, use the following command:

gcloud beta container node-pools update NODEPOOL_NAME \
    --node-taints=[NODE_TAINT,...] \
    [--cluster=CLUSTER_NAME] [--region=REGION | --zone=ZONE] \
    [GCLOUD_WIDE_FLAG …]

Replace the following:

  • NODEPOOL_NAME: the name of the node pool to update.
  • [NODE_TAINT,...]: the desired new node taints (for example, key1=val1:NoSchedule,key2=val2:PreferNoSchedule).
  • CLUSTER_NAME: the name of the cluster.
  • REGION: the Compute Engine region for the cluster.
  • ZONE: the Compute Engine zone for the cluster.
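
The workaround described under Limitations, as an added example that is not code from the original page: it validates the taint list in the key=value:Effect form, then disables autoscaling, applies the taints, and re-enables autoscaling even if the taint update fails, so the pool is not left without autoscaling. The `gcloud container clusters update` autoscaling flags, the `NoExecute` effect, the `DRY_RUN` switch, and every cluster, pool, zone, and node-count value are assumptions that do not appear on the page.

```bash
#!/usr/bin/env bash
# Added example: constructed names and values, not from the original page.

# Succeed only if $1 is a comma-separated list of key=value:Effect taints.
valid_taints() {
  local spec="$1" taint
  case $spec in
    ''|*,|*[!A-Za-z0-9_./=:,-]*) return 1 ;;  # empty, trailing comma, odd chars
  esac
  local IFS=,
  for taint in $spec; do
    case $taint in
      ?*=*:NoSchedule|?*=*:PreferNoSchedule|?*=*:NoExecute) ;;
      *) return 1 ;;   # missing key/value or unknown effect (e.g. a typo)
    esac
  done
  return 0
}

# Print the command when DRY_RUN=1 (the default); execute it when DRY_RUN=0.
run() {
  if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Usage: update_taints CLUSTER POOL ZONE TAINTS MIN_NODES MAX_NODES
update_taints() {
  local cluster="$1" pool="$2" zone="$3" taints="$4" min="$5" max="$6" rc=0
  # Reject a malformed list before touching the pool: a mistyped effect would
  # otherwise fail only after autoscaling has already been switched off.
  valid_taints "$taints" || { echo "invalid taint list: $taints" >&2; return 2; }
  run gcloud container clusters update "$cluster" --zone="$zone" \
      --node-pool="$pool" --no-enable-autoscaling || return 1
  run gcloud beta container node-pools update "$pool" --cluster="$cluster" \
      --zone="$zone" --node-taints="$taints" || rc=$?
  # Always restore autoscaling, even when the taint update above failed.
  run gcloud container clusters update "$cluster" --zone="$zone" \
      --node-pool="$pool" --enable-autoscaling \
      --min-nodes="$min" --max-nodes="$max" || rc=$?
  return "$rc"
}

# Constructed demo values; prints the three commands without running them.
DRY_RUN=1 update_taints demo-cluster pool-1 us-central1-a \
    dedicated=gpu:NoSchedule 1 5
```

Set `DRY_RUN=0` to execute the printed commands; after they complete, `kubectl describe node` on a node in the pool shows whether the expected taints are present.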
