diff --git a/CHANGELOG.md b/CHANGELOG.md index 93ea1acc433ac39296c3fd3af1603bffa8e143ce..87805a9f0da02a37675d8f2f634be922d8227ccb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), --- +## [0.0.3-bb.3] - 2021-04-05 +### Changed +- Affinity values modified to standardize + ## [0.0.3-bb.2] - 2021-03-31 ### Added - Values passthroughs for affinity and anti-affinity added diff --git a/chart/Chart.yaml b/chart/Chart.yaml index f64111d3f0d507f128cf7706af23ef7cf488275f..6824c662300cd6aa01d1add469731521e7a4a5f1 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v2 name: twistlock -version: 0.0.3-bb.2 +version: 0.0.3-bb.3 appVersion: 20.12.531 diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml index d671f672edd67957a989ba3a6cc9ea0c5971229a..ff9eb7c8eb9cddad64d57d3474891ce62ef6efa2 100644 --- a/chart/templates/deployment.yaml +++ b/chart/templates/deployment.yaml @@ -25,16 +25,13 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- if or .Values.antiAffinity .Values.nodeAffinity }} + {{- if .Values.nodeSelector }} + nodeSelector: + {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} affinity: - {{- with .Values.antiAffinity }} - podAntiAffinity: - {{ toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml . | nindent 10 }} - {{- end }} + {{ toYaml .Values.affinity | nindent 8 }} {{- end }} containers: - name: twistlock-console diff --git a/chart/values.yaml b/chart/values.yaml index 61e8a858d48c7e1293d0e1902396354dfd21fabe..10b51852b9069ae0beebaec787e61f19c8d0e75d 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -28,18 +28,21 @@ console: size: 100Gi accessMode: ReadWriteOnce -antiAffinity: {} - # requiredDuringSchedulingIgnoredDuringExecution: - # - topologyKey: "kubernetes.io/hostname" - # labelSelector: - # matchLabels: - # dont-schedule-with: twistlock +affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - topologyKey: "kubernetes.io/hostname" + # labelSelector: + # matchLabels: + # dont-schedule-with: twistlock" + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: node-type + # operator: In + # values: + # - "twistlock" -nodeAffinity: {} - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: node-type - # operator: In - # values: - # - "twistlock" +nodeSelector: {} + # node-type: twistlock" diff --git a/docs/AFFINITY.md b/docs/AFFINITY.md index f24af8de77913353f0e229a645f1c9dd71917157..7e643ac532500df4f1c4b6ac5d77bf9042db46d2 100644 --- a/docs/AFFINITY.md +++ b/docs/AFFINITY.md @@ -1,33 +1,44 @@ # Node Affinity & Anti-Affinity with Twistlock -Affinity is exposed through values options for Twistlock. If you want to schedule your pods to deploy on specific nodes you can do that through the `nodeAffinity` value and as needed the `antiAffinity` value. Additional info is provided below as well to help in configuring this. +Affinity is exposed through values options for this package. If you want to schedule your pods to deploy on specific nodes you can do that through the `nodeSelector` value and as needed the `affinity` value. Additional info is provided below as well to help in configuring this. It is good to have a basic knowledge of node affinity and available options to you before customizing in this way - the upstream kubernetes documentation [has a good walkthrough of this](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). +## Values for NodeSelector + +The `nodeSelector` value at the top level can be set to do basic node selection for deployments. See the below example for an example to schedule pods to only nodes with the label `node-type` equal to `twistlock`: + +```yaml +nodeSelector: + node-type: twistlock +``` + ## Values for Affinity -The `nodeAffinity` value at the top level for Twistlock should be used to specify affinity. The format to include follows what you'd specify at a pod/deployment level. See the example below for scheduling the operator pods only to nodes with the label `node-type` equal to `operator`: +The `affinity` value at the top level should be used to specify affinity. The format to include follows what you'd specify at a pod/deployment level. See the example below for scheduling the operator pods only to nodes with the label `node-type` equal to `twistlock`: ```yaml -nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-type - operator: In - values: - - operator +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-type + operator: In + values: + - twistlock ``` ## Values for Anti-Affinity -The `antiAffinity` value at the top level for Twistlock can be set in the same way to schedule pods based on anti-affinity. See the below example to schedule Twistlock pods to not be present on the nodes that already have pods with the `dont-schedule-with: twistlock` label. +The `affinity` value at the top level can be set in the same way to schedule pods based on anti-affinity. See the below example to schedule pods to not be present on the nodes that already have pods with the `dont-schedule-with: twistlock` label: ```yaml -antiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: "kubernetes.io/hostname" - labelSelector: - matchLabels: - dont-schedule-with: twistlock +affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: "kubernetes.io/hostname" + labelSelector: + matchLabels: + dont-schedule-with: twistlock ```