Skip to content

Added Anti Affinity when HA is configured #2893

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ihcsim merged 8 commits into from
Jul 18, 2019
Merged

Added Anti Affinity when HA is configured #2893

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
0cbeee5
Added Anti Affinity when HA is configured
Pothulapati Jun 4, 2019
d5e054b
Merge branch 'master' into ha
Pothulapati Jun 13, 2019
6e1ed59
Move check to validate()
Pothulapati Jun 13, 2019
c3b3158
test output with anti-affinity when ha upgrade
Pothulapati Jun 13, 2019
b757429
Merge branch 'master' into ha
Pothulapati Jul 10, 2019
5e7276f
Add anti-affinity to identity deployment
Pothulapati Jul 17, 2019
d9bb911
made host anti-affinity default when ha
Pothulapati Jul 17, 2019
fb96985
define affinity template in a separate file
Pothulapati Jul 18, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions chart/templates/_affinity.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{{- define "pod-affinity" }}
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: {{ .Label }}
operator: In
values:
- {{ .Component }}
topologyKey: failure-domain.beta.kubernetes.io/zone
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: {{ .Label }}
operator: In
values:
- {{ .Component }}
topologyKey: kubernetes.io/hostname
{{- end }}
4 changes: 4 additions & 0 deletions chart/templates/controller.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,4 +131,8 @@ spec:
- name: config
configMap:
name: linkerd-config
{{- if .HighAvailability }}
{{- $local := dict "Label" .ControllerComponentLabel "Component" "controller" }}
{{- include "pod-affinity" $local | nindent 6 }}
{{- end }}
{{end -}}
6 changes: 5 additions & 1 deletion chart/templates/identity.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,10 @@ spec:
name: linkerd-config
- name: identity-issuer
secret:
secretName: linkerd-identity-issuer
secretName: linkerd-identity-issuer
{{- if .HighAvailability }}
{{- $local := dict "Label" .ControllerComponentLabel "Component" "identity" }}
{{- include "pod-affinity" $local | nindent 6 }}
{{- end }}
{{end -}}
{{end -}}
5 changes: 5 additions & 0 deletions chart/templates/proxy_injector.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,11 @@ spec:
- name: tls
secret:
secretName: linkerd-proxy-injector-tls
{{- if .HighAvailability }}
{{- $local := dict "Label" .ControllerComponentLabel "Component" "proxy-injector" }}
{{- include "pod-affinity" $local | nindent 6 }}
{{- end }}

---
kind: Service
apiVersion: v1
Expand Down
4 changes: 4 additions & 0 deletions chart/templates/sp_validator.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,4 +81,8 @@ spec:
- name: tls
secret:
secretName: linkerd-sp-validator-tls
{{- if .HighAvailability }}
{{- $local := dict "Label" .ControllerComponentLabel "Component" "sp-validator" }}
{{- include "pod-affinity" $local | nindent 6 }}
{{- end }}
{{end -}}
4 changes: 4 additions & 0 deletions chart/templates/tap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,4 +71,8 @@ spec:
{{ end -}}
securityContext:
runAsUser: {{.ControllerUID}}
{{- if .HighAvailability }}
{{- $local := dict "Label" .ControllerComponentLabel "Component" "tap" }}
{{- include "pod-affinity" $local | nindent 6 }}
{{- end }}
{{end -}}
3 changes: 3 additions & 0 deletions cli/cmd/install.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ type (
LinkerdNamespaceLabel string
ControllerUID int64
EnableH2Upgrade bool
HighAvailability bool
NoInitContainer bool
WebhookFailurePolicy string
OmitWebhookSideEffects bool
Expand Down Expand Up @@ -606,6 +607,7 @@ func (options *installOptions) buildValuesWithoutIdentity(configs *pb.All) (*ins
ControllerReplicas: options.controllerReplicas,
ControllerLogLevel: options.controllerLogLevel,
ControllerUID: options.controllerUID,
HighAvailability: options.highAvailability,
EnableH2Upgrade: !options.disableH2Upgrade,
NoInitContainer: options.noInitContainer,
WebhookFailurePolicy: "Ignore",
Expand Down Expand Up @@ -701,6 +703,7 @@ func (values *installValues) render(w io.Writer, configs *pb.All) error {
if values.stage == "" || values.stage == controlPlaneStage {
files = append(files, []*chartutil.BufferedFile{
{Name: "templates/_resources.yaml"},
{Name: "templates/_affinity.yaml"},
{Name: "templates/config.yaml"},
{Name: "templates/identity.yaml"},
{Name: "templates/controller.yaml"},
Expand Down
100 changes: 100 additions & 0 deletions cli/cmd/testdata/install_ha_output.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -702,6 +702,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-identity
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- identity
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- identity
topologyKey: kubernetes.io/hostname
containers:
- args:
- identity
Expand Down Expand Up @@ -936,6 +956,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-controller
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- controller
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
containers:
- args:
- public-api
Expand Down Expand Up @@ -1965,6 +2005,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-proxy-injector
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- proxy-injector
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- proxy-injector
topologyKey: kubernetes.io/hostname
containers:
- args:
- proxy-injector
Expand Down Expand Up @@ -2203,6 +2263,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-sp-validator
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- sp-validator
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- sp-validator
topologyKey: kubernetes.io/hostname
containers:
- args:
- sp-validator
Expand Down Expand Up @@ -2414,6 +2494,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-tap
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- tap
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- tap
topologyKey: kubernetes.io/hostname
containers:
- args:
- tap
Expand Down
100 changes: 100 additions & 0 deletions cli/cmd/testdata/install_ha_with_overrides_output.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -702,6 +702,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-identity
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- identity
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- identity
topologyKey: kubernetes.io/hostname
containers:
- args:
- identity
Expand Down Expand Up @@ -936,6 +956,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-controller
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- controller
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
containers:
- args:
- public-api
Expand Down Expand Up @@ -1965,6 +2005,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-proxy-injector
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- proxy-injector
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- proxy-injector
topologyKey: kubernetes.io/hostname
containers:
- args:
- proxy-injector
Expand Down Expand Up @@ -2203,6 +2263,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-sp-validator
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- sp-validator
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- sp-validator
topologyKey: kubernetes.io/hostname
containers:
- args:
- sp-validator
Expand Down Expand Up @@ -2414,6 +2494,26 @@ spec:
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-tap
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- tap
topologyKey: failure-domain.beta.kubernetes.io/zone
weight: 100
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: linkerd.io/control-plane-component
operator: In
values:
- tap
topologyKey: kubernetes.io/hostname
containers:
- args:
- tap
Expand Down
Loading