From 9b268d05e98bd91cc90c23d7aac0e4a9941341c1 Mon Sep 17 00:00:00 2001
From: Sanya Kochhar <42152676+SanyaKochhar@users.noreply.github.com>
Date: Wed, 16 Feb 2022 12:36:11 -0500
Subject: [PATCH] charts(osm-*): add pod and node affinities to control plane
 pods (#4527)

* Adds pod anti-affinities to osm-controller, osm-bootstrap,
osm-injector to ensure better resilience for pod distribution
across nodes
* Replaces NodeSelectors with NodeAffinities for consistency

Signed-off-by: Sanya Kochhar <kochhars@microsoft.com>
---
 .../templates/osm-bootstrap-deployment.yaml   | 27 ++++++++++++++++---
 charts/osm/templates/osm-deployment.yaml      | 27 ++++++++++++++++---
 .../templates/osm-injector-deployment.yaml    | 27 ++++++++++++++++---
 3 files changed, 72 insertions(+), 9 deletions(-)

diff --git a/charts/osm/templates/osm-bootstrap-deployment.yaml b/charts/osm/templates/osm-bootstrap-deployment.yaml
index 8b20da0311..7e76df97c8 100644
--- a/charts/osm/templates/osm-bootstrap-deployment.yaml
+++ b/charts/osm/templates/osm-bootstrap-deployment.yaml
@@ -24,14 +24,35 @@ spec:
         prometheus.io/scrape: 'true'
         prometheus.io/port: '9091'
     spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
+              - key: kubernetes.io/arch
+                operator: In
+                values:
+                - amd64
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app
+                  operator: In
+                  values:
+                  - osm-bootstrap
+              topologyKey: kubernetes.io/hostname
+            weight: 100
       priorityClassName: system-node-critical
       serviceAccountName: {{ .Release.Name }}
       {{- if not (.Capabilities.APIVersions.Has "security.openshift.io/v1") }}
       {{- include "restricted.securityContext" . | nindent 6 }}
       {{- end }}
-      nodeSelector:
-        kubernetes.io/arch: amd64
-        kubernetes.io/os: linux
       initContainers:
         - name: init-osm-bootstrap
           image: "{{ include "osmCRDs.image" . }}"
diff --git a/charts/osm/templates/osm-deployment.yaml b/charts/osm/templates/osm-deployment.yaml
index 6d86db22d9..5227235e42 100644
--- a/charts/osm/templates/osm-deployment.yaml
+++ b/charts/osm/templates/osm-deployment.yaml
@@ -27,14 +27,35 @@ spec:
         prometheus.io/scrape: 'true'
         prometheus.io/port: '9091'
     spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
+              - key: kubernetes.io/arch
+                operator: In
+                values:
+                - amd64
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app
+                  operator: In
+                  values:
+                  - osm-controller
+              topologyKey: kubernetes.io/hostname
+            weight: 100
       priorityClassName: system-node-critical
       serviceAccountName: {{ .Release.Name }}
       {{- if not (.Capabilities.APIVersions.Has "security.openshift.io/v1") }}
       {{- include "restricted.securityContext" . | nindent 6 }}
       {{- end }}
-      nodeSelector:
-        kubernetes.io/arch: amd64
-        kubernetes.io/os: linux
       initContainers:
         - name: init-osm-controller
           image: {{ .Values.osm.curlImage }}
diff --git a/charts/osm/templates/osm-injector-deployment.yaml b/charts/osm/templates/osm-injector-deployment.yaml
index 3eee2e8793..80f208bb40 100644
--- a/charts/osm/templates/osm-injector-deployment.yaml
+++ b/charts/osm/templates/osm-injector-deployment.yaml
@@ -26,14 +26,35 @@ spec:
         prometheus.io/scrape: 'true'
         prometheus.io/port: '9091'
     spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
+              - key: kubernetes.io/arch
+                operator: In
+                values:
+                - amd64
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app
+                  operator: In
+                  values:
+                  - osm-injector
+              topologyKey: kubernetes.io/hostname
+            weight: 100
       priorityClassName: system-node-critical
       serviceAccountName: {{ .Release.Name }}
       {{- if not (.Capabilities.APIVersions.Has "security.openshift.io/v1") }}
       {{- include "restricted.securityContext" . | nindent 6 }}
       {{- end }}
-      nodeSelector:
-        kubernetes.io/arch: amd64
-        kubernetes.io/os: linux
       initContainers:
         - name: init-osm-injector
           image: {{ .Values.osm.curlImage }}