-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.19
-
None
-
None
-
False
-
Managed services marks a couple of nodes as "infra" so user workloads don't get scheduled on them. However, platform daemonsets like dns should run there – and the typical toleration for that purpose should be:
tolerations:
- operator: Exists
instead the dns-default toleration is
tolerations: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule"
Examples from other platform DS:
$ for ns in openshift-cluster-csi-drivers openshift-cluster-node-tuning-operator openshift-dns openshift-image-registry openshift-machine-config-operator openshift-monitoring openshift-multus openshift-multus openshift-multus openshift-network-diagnostics openshift-network-operator openshift-ovn-kubernetes openshift-security; do echo "NS: $ns"; oc get ds -o json -n $ns|jq '.items.[0].spec.template.spec.tolerations'; done NS: openshift-cluster-csi-drivers [ { "operator": "Exists" } ] NS: openshift-cluster-node-tuning-operator [ { "operator": "Exists" } ] NS: openshift-dns [ { "key": "node-role.kubernetes.io/master", "operator": "Exists" } ] NS: openshift-image-registry [ { "operator": "Exists" } ] NS: openshift-machine-config-operator [ { "operator": "Exists" } ] NS: openshift-monitoring [ { "operator": "Exists" } ] NS: openshift-multus [ { "operator": "Exists" } ] NS: openshift-multus [ { "operator": "Exists" } ] NS: openshift-multus [ { "operator": "Exists" } ] NS: openshift-network-diagnostics [ { "operator": "Exists" } ] NS: openshift-network-operator [ { "effect": "NoSchedule", "key": "node-role.kubernetes.io/master", "operator": "Exists" } ] NS: openshift-ovn-kubernetes [ { "operator": "Exists" } ] NS: openshift-security [ { "operator": "Exists" } ]