fritzlab-public/flock
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

deploy: catch-all toleration so DS schedules on not-ready nodes
flock / release (push) Successful in 45m40s
Details

Browse Source 
Replaces the explicit toleration list with `operator: Exists`. The previous
list lacked node.kubernetes.io/not-ready:NoSchedule, so during a fresh
control-plane join the CNI agent couldn't schedule until the node became
Ready — but the node can't become Ready without the CNI. Surfaced during
host001/host002 PERC migration rebuild.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Donavan Fritz
2026-05-08 09:35:27 -05:00
parent 3d0081780c
commit 8d6e50c980
2 changed files with 8 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/daemonset.yaml
+4 -9
View File
@@ -41,15 +41,10 @@ spec:
nodeSelector:
flock.fritzlab.net/agent: ""
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoExecute
- key: node.kubernetes.io/unreachable
operator: Exists
effect: NoExecute
# CNI must schedule on a fresh node before it becomes Ready —
# the node has not-ready:NoSchedule until flock installs the CNI conflist.
# Catch-all tolerates all taints so the agent always runs.
- operator: Exists
initContainers:
- name: install-cni
image: code.fritzlab.net/fritzlab/flock:latest
deploy/install.yaml
+4 -13
View File
@@ -182,19 +182,10 @@ spec:
nodeSelector:
flock.fritzlab.net/agent: ""
tolerations:
- key: fritzlab.net/cni-test
operator: Equal
value: "true"
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoExecute
- key: node.kubernetes.io/unreachable
operator: Exists
effect: NoExecute
# CNI must schedule on a fresh node before it becomes Ready —
# the node has not-ready:NoSchedule until flock installs the CNI conflist.
# Catch-all tolerates all taints so the agent always runs.
- operator: Exists
initContainers:
- name: install-cni
image: code.fritzlab.net/fritzlab/flock:latest