Add toleration to fm-rest-api

A toleration needs to be added to all pods since the node-role.kubernetes.io/master taint will be restored to all master nodes. This will ensure that the pod will run on the master node. Test Plan: PASS: After controller node taint application is applied PASS: If controller has no taint application is applied FAIL (expected): After user override removing toleration apply fails PASS: Other taint is added to controller and after user overrides apply succceeds Notes: - Tested in AIO-SX (Both Virt. and Physical Machine) - Tested with taint node-role.kubernetes.io/master:NoSchedule - Tested with taint openstack-compute-node:NoSchedule - Apply fails -> pods pending untolerated taints Story: 2009232 Task: 44116 Depends-On: https://review.opendev.org/c/starlingx/openstack-armada-app/+/813239 Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com> Change-Id: Id51ac972668e57d78218a8c8acbea615857aad1a
2021-10-06 19:15:59 -03:00
parent 4c6bd7423d
commit 1b9f518a4c
8 changed files with 28 additions and 2 deletions
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/deployment.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/deployment.yaml
@@ -75,11 +75,12 @@ spec:
 {{ toYaml .Values.resources | indent 12 }}
      nodeSelector:
        {{ .Values.labels.fm_api.node_selector_key }}: {{ .Values.labels.fm_api.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.fm.enabled }}
+{{ tuple $envAll "fm" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
      affinity:
        {{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
    {{- with .Values.tolerations }}
-      tolerations:
-{{ toYaml . | indent 8 }}
    {{- end }}
      volumes:
        - name: fm-etc
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-drop.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-drop.yaml
@@ -9,5 +9,8 @@
 {{- if and .Values.manifests.certificates .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
 {{- $_ := set $dbDropJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
 {{- end -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $dbDropJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
 {{- end }}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-init.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-init.yaml
@@ -9,5 +9,8 @@
 {{- if and .Values.manifests.certificates .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
 {{- $_ := set $dbInitJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
 {{- end -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $dbInitJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
 {{- end }}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-sync.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-db-sync.yaml
@@ -9,5 +9,8 @@
 {{- if .Values.manifests.certificates -}}
 {{- $_ := set $dbSyncJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
 {{- end -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $dbSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{ $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }}
 {{- end }}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-endpoints.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-endpoints.yaml
@@ -9,5 +9,8 @@
 {{- if .Values.manifests.certificates -}}
 {{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.faultmanagement.fm_api.internal -}}
 {{- end -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
 {{- end }}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-service.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-service.yaml
@@ -9,5 +9,8 @@
 {{- if .Values.manifests.certificates -}}
 {{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.faultmanagement.fm_api.internal -}}
 {{- end -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
 {{- end }}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-user.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/templates/job-ks-user.yaml
@@ -6,6 +6,9 @@

 {{- if .Values.manifests.job_ks_user }}
 {{- $ksUserJob := dict "envAll" . "serviceName" "fm" -}}
+{{- if .Values.pod.tolerations.fm.enabled -}}
+{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
+{{- end -}}
 {{- if .Values.manifests.certificates -}}
 {{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.faultmanagement.fm_api.internal -}}
 {{- end -}}
--- a/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/values.yaml
+++ b/fm-rest-api/fm-rest-api/helm-charts/fm-rest-api/values.yaml
@@ -283,6 +283,13 @@ pod:
        default: preferredDuringSchedulingIgnoredDuringExecution
      topologyKey:
        default: kubernetes.io/hostname
+  tolerations:
+    fm:
+      enabled: false
+      tolerations:
+      - key: node-role.kubernetes.io/master
+        operator: Exists
+        effect: NoSchedule
  mounts:
    fm_rest_api:
      init_container: null