search

istio / istio.io

Source for the istio.io site
https://istio.io/
Apache License 2.0
760 stars 1.53k forks source link

Untaint controller needs documentation #15003

Open bleggett opened 5 months ago

bleggett commented 5 months ago

The untaint controller (designed to allow people to work around corner cases where new nodes are created and pods are scheduled on those nodes before our istio-cni node agent is scheduled on those nodes was added in https://github.com/istio/istio/pull/48818

However, we have no docs for it.

https://github.com/istio/istio/issues/50660

ayushrakesh commented 3 months ago

@bleggett I want to work on this issue. Please assign to me.

fatgit commented 1 week ago

I setup isitio in ambient mode

  source:
    repoURL: https://istio-release.storage.googleapis.com/charts
    chart: ambient
    helm:
      values: |
        istiod:
          defaults:
            pilot:
              taint:
                enabled: true
    targetRevision: '1.23.2'

pilot.taint.enabled:true helm value adds only

  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["patch"]

to istiod-clusterrole

but this configuration doesn't remove 

startupTaints:
   - key: cni.istio.io/not-ready
   effect: NoExecute

from a node after the start. Can I ask right helm value config?