Istio node affinity setup with istioctl or overlay file

rberna · March 23, 2020, 8:43pm

Hello,

I am installing istio version 1.4.6 into our k8s cluster. I would like for all of the istio components to run on specific nodes within the cluster. Is there a way (via overlay file or flag option) to do this? Was thinking with overlay it may look something like:

apiVersion: install.istio.io/v1alpha2
kind: IstioControlPlane
metadata:
namespace: istio-operator
name: istiocontrolplane
spec:
profile: default
values:
gateways:
istio-ingressgateway:
serviceAnnotations:
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
components:
. k8s:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kops.k8s.io/instancegroup
operator: In
values:
- operations-job-nodes
tolerations:
- effect: NoExecute
key: k8s/dedicated
operator: Equal
value: operations-server

Is this correct or even possible?

ostromart · March 23, 2020, 9:26pm

Yes, you’re on the right track. You can see that affinity is just defined using the k8s API:

github.com

istio/operator/blob/3bf9ba540a4eedcda733279e4087a86c80913c10/pkg/apis/istio/v1alpha2/istiocontrolplane_types.proto#L472


message CoreDNSComponentSpec {
    TypeBoolValueForPB enabled = 1;
    string namespace = 2;
    KubernetesResourcesSpec k8s = 80;
}


// KubernetesResourcesConfig is a common set of k8s resource configs for components.
message KubernetesResourcesSpec {
    // k8s affinity.
    // https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
    k8s.io.api.core.v1.Affinity affinity = 1;
    // Deployment environment variables.
    // https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
    repeated k8s.io.api.core.v1.EnvVar env = 2;
    // k8s HorizontalPodAutoscaler settings.
    // https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
    k8s.io.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec hpa_spec = 3;
    // k8s imagePullPolicy.
    // https://kubernetes.io/docs/concepts/containers/images/
    string image_pull_policy = 4;
    // k8s nodeSelector.

Whatever works for k8s affinity settings should work in IstioControlPlane.

rberna · March 23, 2020, 9:50pm

Thanks for the response. So maybe struggling a bit with the overlay file that I have. Getting
could not unmarshal the overlay file: unknown field “k8s” in v1alpha2.IstioControlPlaneSpec. Also, would I have to make this type of change for each istio component or will one change apply to all components?

rberna · March 23, 2020, 11:02pm

Tried one of the overlay file examples on the Istio site and tried to generate the manifest file using istioctl. Still getting an error:
could not unmarshal the overlay file: unknown field “components” in v1alpha2.IstioControlPlaneSpec. Wondering if this is only possible in istio 1.5 and not available in istio 1.4.6?

Topic		Replies	Views
Help with Istio overlay files for node affinity	0	517	April 20, 2020
Many versions installed, need to clean up	0	387	November 17, 2022
Istio pilot and policy anti affinity Performance and Scalability	6	3160	April 27, 2019
Istio ingress gateway on each node Networking	0	283	October 2, 2023
Setting Node affinity for istio helm install	2	1059	October 6, 2023

Istio node affinity setup with istioctl or overlay file

Related topics