Open NielsMoorenAH opened 1 month ago
@NielsMoorenAH The system node pool shouldn't be updated with custom taints. May I know how you added the taints to your nodepool?
Hi, as you can see in the picture I only added the CriticalAddonsOnly=true:NoSchedule taint to the system node pool, as suggested by the documentation. This is to stop user apps to deploy on the system nodes, isolating critical system pods from our application pods.
Describe the bug When running AKS VPA with one system node pool the overlay-vpa-webhook-generation jobs will stay unscheduled as there is no ability to add tolerations if you taint your system node pool.
To Reproduce Steps to reproduce the behavior:
Expected behavior It should be possible to add a toleration to such jobs to make sure they run on a tainted cluster.
Screenshots
Environment (please complete the following information):