This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 73%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
Hi all,
Currently we are using AKS v1.22.6 where we have 2 node pools configured with 1 system mode and 1 user mode. As we understood from the document, System mode is capable of hosting both system pods and user pods(in other words application pods) whereas, User mode is only accepts the user pods/application pods. Please do correct me if I am wrong.
Question here is, on what ground AKS is segregating the system/pods/application pods and make them running on respective node pools(system and user mode).
For instance: Kube-system pods will only run under "system" node pool, and some webserver pods running under "User" node pool.
Thanks in advance.
Hello @Vignesh Murugan ,
Thank you for reaching out to the Microsoft Q&A platform. Happy to answer your question. Your understanding is correct for system mode and user mode nodepools.
Differences discussed here Use system node pools in Azure Kubernetes Service (AKS) - Azure Kubernetes Service | Microsoft Learn
While I don’t have clear explaination on what dictactes scheduling preferences of pods in AKS for the two nodepools. Users can explicitly make system nodepools dedicated for system pods with this –
On System nodepool, AKS automatically assigns the label kubernetes.azure.com/mode: system to its nodes. This causes AKS to prefer scheduling system pods on node pools that contain this label. This label does not prevent you from scheduling application pods on system node pools. However, we recommend you isolate critical system pods from your application pods to prevent misconfigured or rogue application pods from accidentally killing system pods. You can enforce this behavior by creating a dedicated system node pool. Use the CriticalAddonsOnly=true:NoSchedule taint to prevent application pods from being scheduled on system node pools.
You can explicitly deploy a Pod to a specific node pool by setting any of the below:
This forces a Pod to run only on nodes in that node pool. For more example see, Deploying a Pod to a specific node pool
Please "Accept as Answer" and Upvote if the answer provided is useful, so that you can help others in the community looking for remediation for similar issues.