-
Story
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
We currently only use the deployment name in our antiaffinity rules, making it impossible for an upgrade to work in a single replica deployment with a single zone.
We should include a hash of the deployment as a label selector for the antiaffinity rule so that it's possible to do an upgrade no matter the topology.
This is an example from the router deployment:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions: - key: ingresscontroller.operator.openshift.io/deployment-ingresscontroller
operator: In
values: - default
- key: ingresscontroller.operator.openshift.io/hash
operator: In
values: - 788dc6d9f8
topologyKey: kubernetes.io/hostname
We want to refactor the config library to enforce programatically that no new component can be merged without satisfying our affinity requirements
We also want to validate in an e2e test that every component has the expected affinity, tolerations, priority and node selector.