diff --git a/webhosting-operator/config/policy/shoot/kustomization.yaml b/webhosting-operator/config/policy/shoot/kustomization.yaml index 858fcea8..1c9bc2bc 100644 --- a/webhosting-operator/config/policy/shoot/kustomization.yaml +++ b/webhosting-operator/config/policy/shoot/kustomization.yaml @@ -3,11 +3,4 @@ kind: Kustomization resources: - ../default -- prepull-nginx.yaml - webhosting-operator-scheduling.yaml -- websites-scheduling.yaml - -images: -- name: pause - newName: registry.k8s.io/pause - newTag: "3.7" diff --git a/webhosting-operator/config/policy/shoot/prepull-nginx.yaml b/webhosting-operator/config/policy/shoot/prepull-nginx.yaml deleted file mode 100644 index 138d7978..00000000 --- a/webhosting-operator/config/policy/shoot/prepull-nginx.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: prepull-nginx - labels: - app: prepull-nginx - annotations: - description: | - This DaemonSet makes sure the image used for websites is present on all website workers. -spec: - selector: - matchLabels: - app: prepull-nginx - template: - metadata: - labels: - app: prepull-nginx - spec: - initContainers: - - name: nginx - image: nginx:1.21-alpine - command: - - /bin/sh - - -c - - exit 0 - containers: - - name: pause - image: pause - tolerations: - - key: dedicated-for - value: websites - effect: NoSchedule - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: dedicated-for - operator: In - values: - - websites diff --git a/webhosting-operator/config/policy/shoot/websites-scheduling.yaml b/webhosting-operator/config/policy/shoot/websites-scheduling.yaml deleted file mode 100644 index 3a31a690..00000000 --- a/webhosting-operator/config/policy/shoot/websites-scheduling.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: websites-scheduling -spec: - failurePolicy: Fail - rules: - # schedule websites on dedicated worker pool for better isolation in load tests - - name: add-scheduling-constraints - match: - any: - - resources: - kinds: - - Pod - selector: - matchLabels: - app: website - mutate: - patchesJson6902: |- - - op: add - path: "/spec/tolerations/-" - value: {"key":"dedicated-for","operator":"Equal","value":"websites","effect":"NoSchedule"} - - op: add - path: "/spec/affinity/nodeAffinity/requiredDuringSchedulingIgnoredDuringExecution/nodeSelectorTerms/-" - value: {"matchExpressions": [{"key":"dedicated-for","operator":"In","values":["websites"]}]} diff --git a/webhosting-operator/shoot.yaml b/webhosting-operator/shoot.yaml index 1de511f3..1dc71388 100644 --- a/webhosting-operator/shoot.yaml +++ b/webhosting-operator/shoot.yaml @@ -54,7 +54,7 @@ spec: workers: 10.250.0.0/16 type: openstack workers: - # runs system and monitoring components + # runs system and monitoring components, and sample websites - name: system cri: name: containerd @@ -98,31 +98,6 @@ spec: type: storage_premium_perf1 zones: - eu01-2 - # runs actual websites - - name: websites - cri: - name: containerd - machine: - image: - name: coreos - type: g1.2 - maxSurge: 5 - maxUnavailable: 0 - maximum: 10 - minimum: 1 - systemComponents: - allow: false - labels: - dedicated-for: websites - taints: - - key: dedicated-for - value: websites - effect: NoSchedule - volume: - size: 50Gi - type: storage_premium_perf1 - zones: - - eu01-2 purpose: development region: RegionOne secretBindingName: cq12kuc8ir