Version 1.10. This version is no longer supported. For information about how to upgrade to version 1.11, seeUpgrading Anthos on bare metalin the 1.11 documentation. For more information about supported and unsupported versions, see theVersion historypage in the latest documentation.
When you need to repair or maintain nodes, you should first put the nodes into
maintenance mode. Putting nodes into maintenance mode safely drains their
pods/workloads and excludes the nodes from pod scheduling. In maintenance mode,
you can work on your nodes without a risk of disrupting pod traffic.
Google Distributed Cloud provides a way to place nodes into maintenance mode. This
approach lets other cluster components correctly know that the node is in
maintenance mode. When you place a node in maintenance mode, no additional pods
can be scheduled on the node, and existing pods are stopped.
Instead of using maintenance mode, you can manually use Kubernetes commands such
askubectl cordonandkubectl drainon a specific node. If you run
Google Distributed Cloud version 1.12.0 (anthosBareMetalVersion: 1.12.0) or
lower, see the known issue onNodes uncordoned if you don't use the maintenance mode procedure.
Choose the nodes you want to put into maintenance mode by specifying IP ranges
for the selected nodes undermaintenanceBlocksin your cluster configuration
file. The nodes you choose must be in a ready state, and functioning in the
cluster.
To put nodes into maintenance mode:
Edit the cluster configuration file to select the nodes you want to put into
maintenance mode.
You can edit the configuration file with an editor of your choice, or you
can edit the cluster custom resource directly by running the following
command:
kubectl-nCLUSTER_NAMESPACEeditclusterCLUSTER_NAME
Replace the following:
CLUSTER_NAMESPACE: the namespace of the cluster.
CLUSTER_NAME: the name of the cluster.
Add themaintenanceBlockssection to the cluster configuration file to
specify either a single IP address, or an address range, for nodes you want
to put into maintenance mode.
The following sample shows how to select multiple nodes by specifying a
range of IP addresses:
ThisUNDERMAINTENANCEcolumn in this sample shows that one node is in
maintenance mode.
Google Distributed Cloud also adds the following taints to nodes when they are
put into maintenance mode:
baremetal.cluster.gke.io/maintenance:NoExecute
baremetal.cluster.gke.io/maintenance:NoSchedule
To remove nodes from maintenance mode:
Edit the cluster configuration file to clear the nodes you want to remove
from maintenance mode.
You can edit the configuration file with an editor of your choice, or you
can edit the cluster custom resource directly by running the following
command:
kubectl-nCLUSTER_NAMESPACEeditclusterCLUSTER_NAME
Replace the following:
CLUSTER_NAMESPACE: the namespace of the cluster.
CLUSTER_NAME: the name of the cluster.
Either edit the IP addresses to remove specific nodes from maintenance mode
or remove themaintenanceBlockssection remove all does from maintenance
mode.
Save and apply the updated cluster configuration.
Usekubectlcommands to check the status of your nodes.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eMaintenance mode in Google Distributed Cloud allows for safe node repair and maintenance by draining pods and preventing new pod scheduling on selected nodes.\u003c/p\u003e\n"],["\u003cp\u003eNodes are placed into maintenance mode by specifying their IP addresses or ranges in the \u003ccode\u003emaintenanceBlocks\u003c/code\u003e section of the cluster configuration file.\u003c/p\u003e\n"],["\u003cp\u003eThe status \u003ccode\u003eSchedulingDisabled\u003c/code\u003e in the \u003ccode\u003ekubectl get nodes\u003c/code\u003e output, along with the \u003ccode\u003eUNDERMAINTENANCE\u003c/code\u003e column in \u003ccode\u003ekubectl get nodepools\u003c/code\u003e, indicates that a node is in maintenance mode.\u003c/p\u003e\n"],["\u003cp\u003eNodes in maintenance mode have the taints \u003ccode\u003ebaremetal.cluster.gke.io/maintenance:NoExecute\u003c/code\u003e and \u003ccode\u003ebaremetal.cluster.gke.io/maintenance:NoSchedule\u003c/code\u003e applied.\u003c/p\u003e\n"],["\u003cp\u003eRemoving nodes from maintenance mode involves editing the cluster configuration file to either remove their IP from the \u003ccode\u003emaintenanceBlocks\u003c/code\u003e list or remove the \u003ccode\u003emaintenanceBlocks\u003c/code\u003e section entirely, and then saving and applying the changes.\u003c/p\u003e\n"]]],[],null,["# Put nodes into maintenance mode\n\n\u003cbr /\u003e\n\nWhen you need to repair or maintain nodes, you should first put the nodes into\nmaintenance mode. Putting nodes into maintenance mode safely drains their\npods/workloads and excludes the nodes from pod scheduling. In maintenance mode,\nyou can work on your nodes without a risk of disrupting pod traffic.\n\nGoogle Distributed Cloud provides a way to place nodes into maintenance mode. This\napproach lets other cluster components correctly know that the node is in\nmaintenance mode. When you place a node in maintenance mode, no additional pods\ncan be scheduled on the node, and existing pods are stopped.\n\nInstead of using maintenance mode, you can manually use Kubernetes commands such\nas `kubectl cordon` and `kubectl drain` on a specific node. If you run\nGoogle Distributed Cloud version 1.12.0 (`anthosBareMetalVersion: 1.12.0`) or\nlower, see the known issue on\n[Nodes uncordoned if you don't use the maintenance mode procedure](/anthos/clusters/docs/bare-metal/1.10/troubleshooting/known-issues#uncordoned-nodes).\n\nChoose the nodes you want to put into maintenance mode by specifying IP ranges\nfor the selected nodes under `maintenanceBlocks` in your cluster configuration\nfile. The nodes you choose must be in a ready state, and functioning in the\ncluster.\n\nTo put nodes into maintenance mode:\n\n1. Edit the cluster configuration file to select the nodes you want to put into\n maintenance mode.\n\n You can edit the configuration file with an editor of your choice, or you\n can edit the cluster custom resource directly by running the following\n command: \n\n kubectl -n \u003cvar translate=\"no\"\u003eCLUSTER_NAMESPACE\u003c/var\u003e edit cluster \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eCLUSTER_NAMESPACE\u003c/var\u003e: the namespace of the cluster.\n - \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e: the name of the cluster.\n2. Add the `maintenanceBlocks` section to the cluster configuration file to\n specify either a single IP address, or an address range, for nodes you want\n to put into maintenance mode.\n\n The following sample shows how to select multiple nodes by specifying a\n range of IP addresses: \n\n metadata:\n name: my-cluster\n namespace: cluster-my-cluster\n spec:\n maintenanceBlocks:\n cidrBlocks:\n - 172.16.128.1-172.16.128.64\n\n3. Save and apply the updated cluster configuration.\n\n Google Distributed Cloud starts putting the nodes into maintenance mode.\n4. Run the following command to get the status of the nodes in your cluster:\n\n kubectl get nodes -n \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e\n\n The response is something like the following: \n\n NAME STATUS ROLES AGE VERSION\n user-anthos-baremetal-01 Ready master 2d22h v1.17.8-gke.16\n user-anthos-baremetal-04 Ready <none> 2d22h v1.17.8-gke.16\n user-anthos-baremetal-05 Ready,SchedulingDisabled <none> 2d22h v1.17.8-gke.16\n user-anthos-baremetal-06 Ready <none> 2d22h v1.17.8-gke.16\n\n A status of `SchedulingDisabled` indicates that a node is in maintenance\n mode.\n5. Run the following command to get the number of nodes in maintenance mode:\n\n kubectl get nodepools\n\n The response should look something like the following output: \n\n NAME READY RECONCILING STALLED UNDERMAINTENANCE UNKNOWN\n np1 3 0 0 1 0\n\n This `UNDERMAINTENANCE` column in this sample shows that one node is in\n maintenance mode.\n\n Google Distributed Cloud also adds the following taints to nodes when they are\n put into maintenance mode:\n - `baremetal.cluster.gke.io/maintenance:NoExecute`\n - `baremetal.cluster.gke.io/maintenance:NoSchedule`\n\nTo remove nodes from maintenance mode:\n\n1. Edit the cluster configuration file to clear the nodes you want to remove\n from maintenance mode.\n\n You can edit the configuration file with an editor of your choice, or you\n can edit the cluster custom resource directly by running the following\n command: \n\n kubectl -n \u003cvar translate=\"no\"\u003eCLUSTER_NAMESPACE\u003c/var\u003e edit cluster \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eCLUSTER_NAMESPACE\u003c/var\u003e: the namespace of the cluster.\n - \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e: the name of the cluster.\n2. Either edit the IP addresses to remove specific nodes from maintenance mode\n or remove the `maintenanceBlocks` section remove all does from maintenance\n mode.\n\n3. Save and apply the updated cluster configuration.\n\n4. Use `kubectl` commands to check the status of your nodes."]]
