LinuxCommandLibrary

kubectl-drain

Evict pods from node for maintenance

TLDR

Drain a node

$ kubectl drain [node_name]
copy

Drain a node, ignoring DaemonSet-managed pods
$ kubectl drain [node_name] --ignore-daemonsets
copy

Drain a node and delete pods using emptyDir volumes (local data will be lost)
$ kubectl drain [node_name] --ignore-daemonsets --delete-emptydir-data
copy

Drain a node, forcing eviction of pods not managed by a controller
$ kubectl drain [node_name] --force
copy

Drain a node with a custom grace period for pod termination
$ kubectl drain [node_name] --grace-period [seconds]
copy

Drain a node, evicting only pods that match a label selector
$ kubectl drain [node_name] --pod-selector [label_key]=[label_value]
copy

Drain a node with a timeout
$ kubectl drain [node_name] --timeout [duration]
copy

Preview the drain operation without actually evicting pods (dry run)
$ kubectl drain [node_name] --dry-run=[none|server|client]
copy

SYNOPSIS

kubectl drain <node-name> [--force] [--grace-period=<seconds>] [--timeout=<duration>] [--ignore-daemonsets] [--delete-emptydir-data] [--disable-eviction] [--pod-selector=<selector>] [--dry-run=<mode>]

PARAMETERS

--delete-emptydir-data=false
    Continue despite pods with local emptyDir data.

--disable-eviction=false
    Skip API eviction, use direct DELETE.

--dry-run=client
    Dry run without sending requests (client-side).

--force=false
    Force drain by skipping PDB checks.

--grace-period=-1
    Time to wait before pod termination (seconds).

--ignore-daemonsets=false
    Ignore DaemonSet-managed pods.

--ignore-errors=false
    Continue on per-pod eviction errors.

--pod-selector=""
    Label selector to filter pods for draining.

--timeout=0s
    Max time to complete draining.

DESCRIPTION

The kubectl drain command gracefully prepares a Kubernetes node for maintenance by marking it as unschedulable (cordon) and evicting all pods. It respects Pod Disruption Budgets (PDBs) to ensure minimum availability, terminating pods with a configurable grace period.

Workflow: First, cordons the node to prevent new pods. Then, drains existing pods by issuing deletion requests. DaemonSet pods are ignored by default, and pods using emptyDir volumes trigger warnings unless overridden. Local storage or StatefulSets may require manual handling.

Ideal for node upgrades, repairs, or decommissioning. After maintenance, use kubectl uncordon to resume scheduling. Errors during eviction (e.g., PDB violations) halt unless ignored. Supports dry-runs for testing and selectors for targeted draining.

Ensures cluster stability during disruptions, integrating with Kubernetes APIs for safe operations. (187 words)

CAVEATS

Respects PDBs by default; use --force/--disable-eviction to bypass. Does not delete StatefulSet pods with PVCs. Node must exist and be reachable. Skips static pods.

EXAMPLES

Basic drain: kubectl drain node01
Force with timeout: kubectl drain node01 --force --grace-period=0 --timeout=30s

EXIT CODES

0: Success
1: Errors (e.g., PDB violation, unreachable node)

HISTORY

Introduced in Kubernetes v1.1 (2015) as part of node maintenance tools. Evolved with PDB support in v1.5; enhanced selectors and dry-runs in later releases. Core to Kubernetes ops since adoption.

SEE ALSO

kubectl cordon(1), kubectl uncordon(1), kubectl get(1), kubectl delete(1)

Copied to clipboard