From c51bef21d0a3ac1940729c568ba151e257fb70de Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 6 Oct 2023 11:07:28 +0200 Subject: [PATCH 1/4] BC-5423 - test for podAffinity --- .../templates/amqp-files-deployment.yml.j2 | 20 ++++++++++++++++ .../api-delete-s3-files-cronjob.yml.j2 | 23 +++++++++++++++++++ .../templates/api-files-deployment.yml.j2 | 20 ++++++++++++++++ .../templates/api-fwu-deployment.yml.j2 | 20 ++++++++++++++++ .../templates/deployment.yml.j2 | 20 ++++++++++++++++ .../templates/management-deployment.yml.j2 | 20 ++++++++++++++++ .../api-ldap-sync-full-cronjob.yml.j2 | 23 +++++++++++++++++++ .../api-ldap-worker-deployment.yml.j2 | 20 ++++++++++++++++ .../api-tsp-sync-base-cronjob.yml.j2 | 23 +++++++++++++++++++ .../templates/api-tsp-sync-deployment.yml.j2 | 20 ++++++++++++++++ .../api-tsp-sync-school-cronjob.yml.j2 | 23 +++++++++++++++++++ 11 files changed, 232 insertions(+) diff --git a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 index 17384845b71..500a19c4ab5 100644 --- a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: amqp-files image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 index 317d37dcda9..754e168e913 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 @@ -15,7 +15,30 @@ spec: cronjob: delete-s3-files spec: template: + labels: + app: api + cronjob: delete-s3-files spec: + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: delete-s3-files-cronjob image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 index 7f5a5b7e50b..728113f6678 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-files image: {{ SCHULCLOUD_SERVER_IMAGE }}:file-storage-{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 index c8d7e6f894c..851bb4ab16e 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-fwu image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 index 0750bf91495..81166a3cd4c 100644 --- a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 index 9d99c672be8..c6b67e695ec 100644 --- a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 @@ -26,6 +26,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 index 74cc37d75b6..1f4cc4503c3 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 @@ -12,7 +12,30 @@ spec: spec: activeDeadlineSeconds: {{ SERVER_LDAP_SYNC_FULL_CRONJOB_TIMEOUT|default("39600", true) }} template: + metadata: + labels: + app: api-ldapsync-cronjob spec: + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-ldapsync-cronjob image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 index 838009883d4..09d368297e5 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-worker image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 index f5a3d0751f4..9dba5b25e47 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 @@ -8,12 +8,35 @@ metadata: spec: schedule: "{{ SERVER_TSP_SYNC_BASE_CRONJOB|default("9 3 * * *", true) }}" jobTemplate: + metadata: + labels: + app: api-tsp-sync-cronjob spec: template: metadata: labels: app: api-tsp-sync-cronjob spec: + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-base-cronjob image: schulcloud/infra-tools:latest diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 index 54595985dd4..bd9e9b6e95f 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 @@ -27,6 +27,26 @@ spec: runAsGroup: 1000 fsGroup: 1000 runAsNonRoot: true + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 index a92bd92560e..aeb9f39d45a 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 @@ -8,12 +8,35 @@ metadata: spec: schedule: "{{ SERVER_TSP_SYNC_SCHOOL_CRONJOB|default("39 3 * * *", true) }}" jobTemplate: + metadata: + labels: + app: api-tsp-sync-cronjob spec: template: metadata: labels: app: api-tsp-sync-cronjob spec: + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - api + - api-files + - amqp-files + - api-fwu + - api-tsp-sync + - api-tsp-sync-cronjob + - api-worker + - api-ldapsync-cronjob + - management-deployment + topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-school-cronjob image: schulcloud/infra-tools:latest From e0d76becc0d9e1ef21d4520d46807195f9a6aa5f Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 6 Oct 2023 11:22:30 +0200 Subject: [PATCH 2/4] BC-5423 - fix spacing --- .../templates/api-delete-s3-files-cronjob.yml.j2 | 4 ++-- .../templates/api-ldap-sync-full-cronjob.yml.j2 | 4 ++-- .../templates/api-tsp-sync-base-cronjob.yml.j2 | 4 ++-- .../templates/api-tsp-sync-school-cronjob.yml.j2 | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 index 754e168e913..da93af3a203 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 @@ -36,8 +36,8 @@ spec: - api-tsp-sync - api-tsp-sync-cronjob - api-worker - - api-ldapsync-cronjob - - management-deployment + - api-ldapsync-cronjob + - management-deployment topologyKey: "kubernetes.io/hostname" containers: - name: delete-s3-files-cronjob diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 index 1f4cc4503c3..4fc6c0a5b55 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 @@ -33,8 +33,8 @@ spec: - api-tsp-sync - api-tsp-sync-cronjob - api-worker - - api-ldapsync-cronjob - - management-deployment + - api-ldapsync-cronjob + - management-deployment topologyKey: "kubernetes.io/hostname" containers: - name: api-ldapsync-cronjob diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 index 9dba5b25e47..3f750b75f76 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 @@ -34,8 +34,8 @@ spec: - api-tsp-sync - api-tsp-sync-cronjob - api-worker - - api-ldapsync-cronjob - - management-deployment + - api-ldapsync-cronjob + - management-deployment topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-base-cronjob diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 index aeb9f39d45a..ead7e34b803 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 @@ -34,8 +34,8 @@ spec: - api-tsp-sync - api-tsp-sync-cronjob - api-worker - - api-ldapsync-cronjob - - management-deployment + - api-ldapsync-cronjob + - management-deployment topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-school-cronjob From 4c194bdd3adbb0ed53dc6a22832176e5f95c23d6 Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 6 Oct 2023 12:46:50 +0200 Subject: [PATCH 3/4] BC-5423 - add app.kubernetes.io/part-of: schulcloud-verbund for testing --- .../templates/amqp-files-deployment.yml.j2 | 14 ++++---------- .../templates/api-delete-s3-files-cronjob.yml.j2 | 15 +++++---------- .../templates/api-files-deployment.yml.j2 | 14 ++++---------- .../templates/api-fwu-deployment.yml.j2 | 14 ++++---------- .../templates/deployment.yml.j2 | 14 ++++---------- .../templates/management-deployment.yml.j2 | 14 ++++---------- .../templates/api-ldap-sync-full-cronjob.yml.j2 | 14 ++++---------- .../templates/api-ldap-worker-deployment.yml.j2 | 14 ++++---------- .../templates/api-tsp-sync-base-cronjob.yml.j2 | 15 +++++---------- .../templates/api-tsp-sync-deployment.yml.j2 | 14 ++++---------- .../templates/api-tsp-sync-school-cronjob.yml.j2 | 15 +++++---------- 11 files changed, 47 insertions(+), 110 deletions(-) diff --git a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 index 500a19c4ab5..9390ed0f532 100644 --- a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: amqp-files + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ AMQP_FILE_STORAGE_REPLICAS|default("1", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: amqp-files + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: amqp-files diff --git a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 index da93af3a203..0aec759f8d0 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 @@ -5,6 +5,7 @@ metadata: labels: app: api cronjob: delete-s3-files + app.kubernetes.io/part-of: schulcloud-verbund name: api-delete-s3-files-cronjob spec: concurrencyPolicy: Forbid @@ -13,11 +14,13 @@ spec: labels: app: api cronjob: delete-s3-files + app.kubernetes.io/part-of: schulcloud-verbund spec: template: labels: app: api cronjob: delete-s3-files + app.kubernetes.io/part-of: schulcloud-verbund spec: affinity: podAffinity: @@ -26,18 +29,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: delete-s3-files-cronjob diff --git a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 index 728113f6678..b8ac2cead6c 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-files + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_FILE_STORAGE_REPLICAS|default("1", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: api-files + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-files diff --git a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 index 851bb4ab16e..bc6d09dcd56 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-fwu + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_FWU_LEARNING_CONTENTS_REPLICAS|default("1", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: api-fwu + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-fwu diff --git a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 index 81166a3cd4c..05d8f8c461f 100644 --- a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_REPLICAS|default("1", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: api + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api diff --git a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 index c6b67e695ec..e43c6b70551 100644 --- a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: management-deployment + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_MANAGEMENT_REPLICAS|default("1", true) }} strategy: @@ -20,6 +21,7 @@ spec: metadata: labels: app: management-deployment + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -33,18 +35,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 index 4fc6c0a5b55..0a2e39e3b15 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 @@ -4,6 +4,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-ldapsync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund name: api-ldapsync-full-cronjob spec: schedule: "{{ SERVER_LDAP_SYNC_FULL_CRONJOB|default("0 3 * * 3,6", true) }}" @@ -15,6 +16,7 @@ spec: metadata: labels: app: api-ldapsync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund spec: affinity: podAffinity: @@ -23,18 +25,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-ldapsync-cronjob diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 index 09d368297e5..4776e9c368c 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-worker + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_WORKER_REPLICAS|default("2", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: api-worker + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-worker diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 index 3f750b75f76..faec095c70b 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 @@ -4,6 +4,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund name: api-tsp-sync-base-cronjob spec: schedule: "{{ SERVER_TSP_SYNC_BASE_CRONJOB|default("9 3 * * *", true) }}" @@ -11,11 +12,13 @@ spec: metadata: labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund spec: template: metadata: labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund spec: affinity: podAffinity: @@ -24,18 +27,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-base-cronjob diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 index bd9e9b6e95f..eed1086ae57 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 @@ -5,6 +5,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-tsp-sync + app.kubernetes.io/part-of: schulcloud-verbund spec: replicas: {{ API_TSP_REPLICAS|default("1", true) }} strategy: @@ -21,6 +22,7 @@ spec: metadata: labels: app: api-tsp-sync + app.kubernetes.io/part-of: schulcloud-verbund spec: securityContext: runAsUser: 1000 @@ -34,18 +36,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 index ead7e34b803..7c3a1c5a8e1 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 @@ -4,6 +4,7 @@ metadata: namespace: {{ NAMESPACE }} labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund name: api-tsp-sync-school-cronjob spec: schedule: "{{ SERVER_TSP_SYNC_SCHOOL_CRONJOB|default("39 3 * * *", true) }}" @@ -11,11 +12,13 @@ spec: metadata: labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund spec: template: metadata: labels: app: api-tsp-sync-cronjob + app.kubernetes.io/part-of: schulcloud-verbund spec: affinity: podAffinity: @@ -24,18 +27,10 @@ spec: podAffinityTerm: labelSelector: matchExpressions: - - key: app + - key: app.kubernetes.io/part-of operator: In values: - - api - - api-files - - amqp-files - - api-fwu - - api-tsp-sync - - api-tsp-sync-cronjob - - api-worker - - api-ldapsync-cronjob - - management-deployment + - schulcloud-verbund topologyKey: "kubernetes.io/hostname" containers: - name: api-tsp-sync-school-cronjob From 5acd0a840e8cc0c2e1a1e9f4c56805503074c7aa Mon Sep 17 00:00:00 2001 From: mamutmk5 <3045922+mamutmk5@users.noreply.github.com> Date: Fri, 6 Oct 2023 13:37:58 +0200 Subject: [PATCH 4/4] BC-5423 - add an empty namespaceSelector to the affinity rules --- .../templates/amqp-files-deployment.yml.j2 | 1 + .../templates/api-delete-s3-files-cronjob.yml.j2 | 1 + .../schulcloud-server-core/templates/api-files-deployment.yml.j2 | 1 + .../schulcloud-server-core/templates/api-fwu-deployment.yml.j2 | 1 + ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 | 1 + .../templates/management-deployment.yml.j2 | 1 + .../templates/api-ldap-sync-full-cronjob.yml.j2 | 1 + .../templates/api-ldap-worker-deployment.yml.j2 | 1 + .../templates/api-tsp-sync-base-cronjob.yml.j2 | 1 + .../templates/api-tsp-sync-deployment.yml.j2 | 1 + .../templates/api-tsp-sync-school-cronjob.yml.j2 | 1 + 11 files changed, 11 insertions(+) diff --git a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 index 9390ed0f532..da657c34740 100644 --- a/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/amqp-files-deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: amqp-files image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 index 0aec759f8d0..e5fec1edd69 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-delete-s3-files-cronjob.yml.j2 @@ -34,6 +34,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: delete-s3-files-cronjob image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 index b8ac2cead6c..7a09503f964 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-files-deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-files image: {{ SCHULCLOUD_SERVER_IMAGE }}:file-storage-{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 index bc6d09dcd56..8bd6f760535 100644 --- a/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/api-fwu-deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-fwu image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 index 05d8f8c461f..36f714c8b9f 100644 --- a/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-core/templates/deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 index e43c6b70551..038ee92f4b9 100644 --- a/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-init/templates/management-deployment.yml.j2 @@ -40,6 +40,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 index 0a2e39e3b15..55c802a8d68 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-sync-full-cronjob.yml.j2 @@ -30,6 +30,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-ldapsync-cronjob image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 index 4776e9c368c..90541dc5426 100644 --- a/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-ldapsync/templates/api-ldap-worker-deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-worker image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 index faec095c70b..72cf575e41a 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-base-cronjob.yml.j2 @@ -32,6 +32,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-tsp-sync-base-cronjob image: schulcloud/infra-tools:latest diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 index eed1086ae57..265aa6098b9 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-deployment.yml.j2 @@ -41,6 +41,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-tsp-sync image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} diff --git a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 index 7c3a1c5a8e1..9c18a73a18a 100644 --- a/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 +++ b/ansible/roles/schulcloud-server-tspsync/templates/api-tsp-sync-school-cronjob.yml.j2 @@ -32,6 +32,7 @@ spec: values: - schulcloud-verbund topologyKey: "kubernetes.io/hostname" + namespaceSelector: {} containers: - name: api-tsp-sync-school-cronjob image: schulcloud/infra-tools:latest