add affinity

b061249b · Kavitha Thulasiraman · b5920ac1 · b061249b · b061249b · b061249b
Commit b061249b authored Mar 29, 2021 by Kavitha Thulasiraman
4 changed files
--- a/chart/templates/twistlock_console.yaml
+++ b/chart/templates/twistlock_console.yaml
@@ -74,6 +74,15 @@ spec:
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+{{- end }}
+    {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
      containers:
      - name: twistlock-console
        image: {{ .Values.console.image.repository }}:{{ .Values.console.image.tag }}

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -27,3 +27,6 @@ console:
  persistence:
    size: 100Gi
    accessMode: ReadWriteOnce
+nodeSelector: {}
+affinity: {}
--- a/docs/affinity.md
+++ b/docs/affinity.md
+# Affinity
+* [kubernetes affinity ](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)
+Pod constraints for istio operator is implemented following the kubernetes affinity documentation. Istio Operator can constraint a pod using nodeSelector or Affinity/Antti-affinity feature
+## nodeSelector 
+in the values.yaml  add nodeSelector like:
+```
+ nodeSelector:
+    <key>: <values> 
+```
+## nodeAffinity
+in the values of yaml. add nodeaffinity like:
+```
+affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: kubernetes.io/e2e-az-name
+            operator: In
+            values:
+            - e2e-az1
+            - e2e-az2
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 1
+        preference:
+          matchExpressions:
+          - key: another-node-label-key
+            operator: In
+            values:
+            - another-node-label-value
+```
+## podAffinity
+in the values.yaml add pod affinity/antiaffinity like:
+```
+affinity:
+    podAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - labelSelector:
+          matchExpressions:
+          - key: security
+            operator: In
+            values:
+            - S1
+        topologyKey: topology.kubernetes.io/zone
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          labelSelector:
+            matchExpressions:
+            - key: security
+              operator: In
+              values:
+              - S2
+          topologyKey: topology.kubernetes.io/zone
+```
--- a/tests/test-values.yml
+++ b/tests/test-values.yml
@@ -2,7 +2,7 @@ istio:
  enabled: true
 imagePullSecrets:
- name: private-registry-mil
+- name: private-registry
 console:
  persistence: