From 0a6086eb2a7dd3721ea5fc6b451b7b1cce87bba9 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 21 Nov 2024 22:50:07 -0600 Subject: [PATCH] longhorn: Run on dedicated nodes I've created new worker nodes that are dedicated to running Longhorn replicas. These nodes are tainted with the `node-role.kubernetes.io/longhorn` taint, so no regular pods will be scheduled there by default. Longhorn pods thus needs to be configured to tolerate that taint, and to be scheduled on nodes with the similarly-named label. --- storage/longhorn-settings.yaml | 2 +- storage/longhorn.yaml | 37 ++++++++++++++++++++++++++++++++-- 2 files changed, 36 insertions(+), 3 deletions(-) diff --git a/storage/longhorn-settings.yaml b/storage/longhorn-settings.yaml index a8e91d7..51cb66e 100644 --- a/storage/longhorn-settings.yaml +++ b/storage/longhorn-settings.yaml @@ -3,4 +3,4 @@ kind: Setting metadata: name: taint-toleration namespace: longhorn-system -value: du5t1n.me/machine=raspberrypi:NoExecute +value: du5t1n.me/machine=raspberrypi:NoExecute;node-role.kubernetes.io/longhorn:NoSchedule diff --git a/storage/longhorn.yaml b/storage/longhorn.yaml index 3732e65..cabb0f1 100644 --- a/storage/longhorn.yaml +++ b/storage/longhorn.yaml @@ -63,7 +63,7 @@ data: reclaimPolicy: "Delete" volumeBindingMode: Immediate parameters: - numberOfReplicas: "3" + numberOfReplicas: "2" staleReplicaTimeout: "30" fromBackup: "" fsType: "ext4" @@ -3877,6 +3877,9 @@ spec: - key: du5t1n.me/machine operator: Exists effect: NoExecute + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule initContainers: - name: wait-longhorn-admission-webhook image: longhornio/longhorn-manager:v1.4.1 @@ -4017,9 +4020,15 @@ spec: value: "longhornio/csi-snapshotter:v5.0.1" - name: CSI_LIVENESS_PROBE_IMAGE value: "longhornio/livenessprobe:v2.8.0" + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account securityContext: runAsUser: 0 + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-recovery-backend.yaml apiVersion: apps/v1 @@ -4085,7 +4094,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-ui.yaml apiVersion: apps/v1 @@ -4099,7 +4114,7 @@ metadata: name: longhorn-ui namespace: longhorn-system spec: - replicas: 1 + replicas: 2 selector: matchLabels: app: longhorn-ui @@ -4142,6 +4157,12 @@ spec: value: "http://longhorn-backend:9500" - name: LONGHORN_UI_PORT value: "8000" + nodeSelector: + node-role.kubernetes.io/longhorn: '' + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule volumes: - emptyDir: {} name: nginx-cache @@ -4208,7 +4229,13 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/deployment-webhook.yaml apiVersion: apps/v1 @@ -4279,7 +4306,13 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + nodeSelector: + node-role.kubernetes.io/longhorn: '' serviceAccountName: longhorn-service-account + tolerations: + - key: node-role.kubernetes.io/longhorn + operator: Exists + effect: NoSchedule --- # Source: longhorn/templates/validate-psp-install.yaml #