From 85c39cc34cb1a6096344b739dc976866ce6133a4 Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Thu, 8 Dec 2022 12:24:10 -0800 Subject: [PATCH] fix: add default toleration for all taints (#1371) ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration - An empty `key` with operator `Exists` matches all keys, values and effects which means this will tolerate everything. Signed-off-by: Anish Ramasekar --- manifest_staging/charts/aad-pod-identity/README.md | 2 +- manifest_staging/charts/aad-pod-identity/values.yaml | 7 ++++--- manifest_staging/deploy/infra/deployment-rbac.yaml | 2 ++ manifest_staging/deploy/infra/deployment.yaml | 2 ++ manifest_staging/deploy/infra/managed-mode-deployment.yaml | 2 ++ .../deploy/infra/noazurejson/deployment-rbac.yaml | 2 ++ manifest_staging/deploy/infra/noazurejson/deployment.yaml | 2 ++ 7 files changed, 15 insertions(+), 4 deletions(-) diff --git a/manifest_staging/charts/aad-pod-identity/README.md b/manifest_staging/charts/aad-pod-identity/README.md index 6ad19726e..038aee88d 100755 --- a/manifest_staging/charts/aad-pod-identity/README.md +++ b/manifest_staging/charts/aad-pod-identity/README.md @@ -286,7 +286,7 @@ The following tables list the configurable parameters of the aad-pod-identity ch | `nmi.podAnnotations` | Pod annotations for NMI | `{}` | | `nmi.podLabels` | Pod labels for NMI | `{}` | | `nmi.affinity` | Affinity settings | `{}` | -| `nmi.tolerations` | List of node taints to tolerate | `[]` | +| `nmi.tolerations` | List of node taints to tolerate | `[{"operator": "Exists"}]` | | `nmi.ipTableUpdateTimeIntervalInSeconds` | Override iptables update interval in seconds | `60` | | `nmi.micNamespace` | Override mic namespace to short circuit MIC token requests | If not provided, default is `default` namespace | | `nmi.probePort` | Override http liveliness probe port | If not provided, default is `8085` | diff --git a/manifest_staging/charts/aad-pod-identity/values.yaml b/manifest_staging/charts/aad-pod-identity/values.yaml index 58821b4d4..09a9f5303 100644 --- a/manifest_staging/charts/aad-pod-identity/values.yaml +++ b/manifest_staging/charts/aad-pod-identity/values.yaml @@ -194,9 +194,10 @@ nmi: nodeSelector: kubernetes.io/os: linux - tolerations: [] - # - key: "CriticalAddonsOnly" - # operator: "Exists" + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + ## An empty key with operator Exists matches all keys, values and effects which means this will tolerate everything. + tolerations: + - operator: "Exists" # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity affinity: {} diff --git a/manifest_staging/deploy/infra/deployment-rbac.yaml b/manifest_staging/deploy/infra/deployment-rbac.yaml index a0e3cbc4c..11cc81ac5 100644 --- a/manifest_staging/deploy/infra/deployment-rbac.yaml +++ b/manifest_staging/deploy/infra/deployment-rbac.yaml @@ -518,6 +518,8 @@ spec: port: 8085 initialDelaySeconds: 10 periodSeconds: 5 + tolerations: + - operator: Exists nodeSelector: kubernetes.io/os: linux --- diff --git a/manifest_staging/deploy/infra/deployment.yaml b/manifest_staging/deploy/infra/deployment.yaml index 2a9e9e700..69a7c47c4 100644 --- a/manifest_staging/deploy/infra/deployment.yaml +++ b/manifest_staging/deploy/infra/deployment.yaml @@ -474,6 +474,8 @@ spec: port: 8085 initialDelaySeconds: 10 periodSeconds: 5 + tolerations: + - operator: Exists nodeSelector: kubernetes.io/os: linux --- diff --git a/manifest_staging/deploy/infra/managed-mode-deployment.yaml b/manifest_staging/deploy/infra/managed-mode-deployment.yaml index f07facf7b..818f95a72 100644 --- a/manifest_staging/deploy/infra/managed-mode-deployment.yaml +++ b/manifest_staging/deploy/infra/managed-mode-deployment.yaml @@ -351,5 +351,7 @@ spec: port: 8085 initialDelaySeconds: 10 periodSeconds: 5 + tolerations: + - operator: Exists nodeSelector: kubernetes.io/os: linux diff --git a/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml b/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml index d4f6466ea..af13bc492 100644 --- a/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml +++ b/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml @@ -516,6 +516,8 @@ spec: port: 8085 initialDelaySeconds: 10 periodSeconds: 5 + tolerations: + - operator: Exists nodeSelector: kubernetes.io/os: linux --- diff --git a/manifest_staging/deploy/infra/noazurejson/deployment.yaml b/manifest_staging/deploy/infra/noazurejson/deployment.yaml index 732542e79..0d1a0d02e 100644 --- a/manifest_staging/deploy/infra/noazurejson/deployment.yaml +++ b/manifest_staging/deploy/infra/noazurejson/deployment.yaml @@ -472,6 +472,8 @@ spec: port: 8085 initialDelaySeconds: 10 periodSeconds: 5 + tolerations: + - operator: Exists nodeSelector: kubernetes.io/os: linux ---