Skip to content

Commit

Permalink
feat(helm): Add support for nodeSelectors, tolerations, and topologyS… (
Browse files Browse the repository at this point in the history 
#559)

feat(helm): Add support for nodeSelectors, tolerations, and topologySpreadConstraints
  • Loading branch information
@jonstacks
jonstacks authored Dec 19, 2024
1 parent 7905148 commit 5e5c0b8
Show file tree
Hide file tree
Showing 9 changed files with 264 additions and 17 deletions.
13 changes: 11 additions & 2 deletions helm/ngrok-operator/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ To uninstall the chart:
| `commonLabels` | Labels to add to all deployed objects | `{}` |
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
| `oneClickDemoMode` | If true, then the operator will startup without required fields or API registration, become Ready, but not actually be running | `false` |
| `podAnnotations` | Custom pod annotations to apply to all pods. | `{}` |
| `podLabels` | Custom pod labels to apply to all pods. | `{}` |

### Image configuration

Expand Down Expand Up @@ -70,15 +72,16 @@ To uninstall the chart:

| Name | Description | Value |
| ------------------------------------ | ----------------------------------------------------------------------------------------- | ------- |
| `podAnnotations` | Custom pod annotations to apply to all pods. | `{}` |
| `podLabels` | Custom pod labels to apply to all pods. | `{}` |
| `replicaCount` | The number of controllers to run. | `1` |
| `affinity` | Affinity for the controller pod assignment | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` |
| `nodeSelector` | Node labels for manager pod(s) | `{}` |
| `tolerations` | Tolerations for manager pod(s) | `[]` |
| `topologySpreadConstraints` | Topology Spread Constraints for manager pod(s) | `[]` |
| `priorityClassName` | Priority class for pod scheduling | `""` |
| `lifecycle` | an object containing lifecycle configuration | `{}` |
| `podDisruptionBudget.create` | Enable a Pod Disruption Budget creation | `false` |
Expand Down Expand Up @@ -134,6 +137,9 @@ To uninstall the chart:
| `agent.serviceAccount.create` | Specifies whether a ServiceAccount should be created for the agent. | `true` |
| `agent.serviceAccount.name` | The name of the ServiceAccount to use for the agent. | `""` |
| `agent.serviceAccount.annotations` | Additional annotations to add to the agent ServiceAccount | `{}` |
| `agent.tolerations` | Tolerations for the agent pod(s) | `[]` |
| `agent.nodeSelector` | Node labels for the agent pod(s) | `{}` |
| `agent.topologySpreadConstraints` | Topology Spread Constraints for the agent pod(s) | `[]` |

### Kubernetes Gateway feature configuration

Expand All @@ -157,6 +163,9 @@ To uninstall the chart:
| `bindings.forwarder.serviceAccount.create` | Specifies whether a ServiceAccount should be created for the bindings forwarder pod(s). | `true` |
| `bindings.forwarder.serviceAccount.name` | The name of the ServiceAccount to use for the bindings forwarder pod(s). | `""` |
| `bindings.forwarder.serviceAccount.annotations` | Additional annotations to add to the bindings-forwarder ServiceAccount | `{}` |
| `bindings.forwarder.tolerations` | Tolerations for the bindings forwarder pod(s) | `[]` |
| `bindings.forwarder.nodeSelector` | Node labels for the bindings forwarder pod(s) | `{}` |
| `bindings.forwarder.topologySpreadConstraints` | Topology Spread Constraints for the bindings forwarder pod(s) | `[]` |
| `bindings.ngrokCA` | The ngrok intermediate CA certificate to use for verifyng self-signed TLS certs from ngrok | `-----BEGIN CERTIFICATE-----
MIIDwjCCAqqgAwIBAgIUZqF2AkB17pISojTndgc2U5BDt7wwDQYJKoZIhvcNAQEL
BQAwbzEQMA4GA1UEAwwHUm9vdCBDQTENMAsGA1UECwwEcHJvZDESMBAGA1UECgwJ
Expand Down
12 changes: 12 additions & 0 deletions helm/ngrok-operator/templates/agent/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,18 @@ spec:
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" $component "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- with $agent.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{ with $agent.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $agent.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "ngrok-operator.agent.serviceAccountName" . }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
Expand Down
12 changes: 12 additions & 0 deletions helm/ngrok-operator/templates/bindings-forwarder/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,18 @@ spec:
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" $component "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- with $forwarder.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{ with $forwarder.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $forwarder.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "ngrok-operator.bindings.forwarder.serviceAccountName" . }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
Expand Down
12 changes: 12 additions & 0 deletions helm/ngrok-operator/templates/controller-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,18 @@ spec:
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" $component "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{ with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "ngrok-operator.serviceAccountName" . }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
Expand Down
42 changes: 42 additions & 0 deletions helm/ngrok-operator/tests/agent/deployment_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,45 @@ tests:
content:
labelKey1: labelValue1
labelKey2: labelValue2
- it: Supports selecting which nodes the agent should run on with node selectors
set:
agent:
nodeSelector: &nodeSelector
disktype: ssd
template: agent/deployment.yaml
asserts:
- equal:
path: spec.template.spec.nodeSelector
value: *nodeSelector
- it: Supports setting tolerations on the agent pods
set:
agent:
tolerations:
- &toleration
key: "key1"
operator: "Equal"
value: "value1"
effect: "NoSchedule"
template: agent/deployment.yaml
asserts:
- contains:
path: spec.template.spec.tolerations
content: *toleration
- it: Supports setting topologySpreadConstraints on the agent pods
set:
agent:
topologySpreadConstraints:
- &tsc
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app: foo
matchLabelKeys:
- pod-template-hash
template: agent/deployment.yaml
asserts:
- contains:
path: spec.template.spec.topologySpreadConstraints
content: *tsc
45 changes: 45 additions & 0 deletions helm/ngrok-operator/tests/bindings-forwarder/deployment_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,3 +43,48 @@ tests:
content:
labelKey1: labelValue1
labelKey2: labelValue2
- it: Supports selecting which nodes the bindings forwarders should run on with node selectors
set:
bindings:
forwarder:
nodeSelector: &nodeSelector
disktype: ssd
template: bindings-forwarder/deployment.yaml
asserts:
- equal:
path: spec.template.spec.nodeSelector
value: *nodeSelector
- it: Supports setting tolerations on the bindings forwarder pods
set:
bindings:
forwarder:
tolerations:
- &toleration
key: "key1"
operator: "Equal"
value: "value1"
effect: "NoSchedule"
template: bindings-forwarder/deployment.yaml
asserts:
- contains:
path: spec.template.spec.tolerations
content: *toleration
- it: Supports setting topologySpreadConstraints on the bindings forwarder pods
set:
bindings:
forwarder:
topologySpreadConstraints:
- &tsc
maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app: foo
matchLabelKeys:
- pod-template-hash
template: bindings-forwarder/deployment.yaml
asserts:
- contains:
path: spec.template.spec.topologySpreadConstraints
content: *tsc
Loading

0 comments on commit 5e5c0b8

Please sign in to comment.