datadog-operator icon indicating copy to clipboard operation
datadog-operator copied to clipboard

Published 20 hours ago verified publisher icon DataDog

Using the admission controller breaks topologySpreadConstraint

Open joshuabaird opened this issue 1 year ago • 2 comments

Describe what happened: I have a Deployment that looks like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: app
    tags.datadoghq.com/env: staging
    tags.datadoghq.com/service: app
    tags.datadoghq.com/version: latest    
  name: web
  namespace: app
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: app
   template:
    metadata:
      creationTimestamp: null
      labels:
        app.kubernetes.io/name: core-api
        admission.datadoghq.com/enabled: "true"
    spec:
      topologySpreadConstraints:
      - labelSelector:
          matchLabels:
            app.kubernetes.io/name: app
        maxSkew: 1
        minDomains: 3
        topologyKey: topology.kubernetes.io/zone
        whenUnsatisfiable: DoNotSchedule

The topologySpreadConstraint is targeting pods with the app.kubernetes.io/name=app label. With the admission controller enabled (via the label above), the topologySpreadConstraint does not work -- it seems as if the mutating web hook is mangling the other labels on the pods or something.

If I remove the admission.datadoghq.com/enabled=true label from the Deployment -- the topologySpreadConstraint works as expected/specified.

Describe what you expected: The topologySpreadConstraint should work.

Steps to reproduce the issue: Create a Deployment like the example above. Observe the topologySpreadConstraint not working correctly (eg, not selecting the proper pods as configured to do so).

Additional environment details (Operating System, Cloud provider, etc): AWS/EKS 1.27/Datadog Operator 1.0.7.

joshuabaird avatar Jul 31 '23 19:07 joshuabaird

@joshuabaird Apologies for the delay and thanks for reporting. We will investigate the issue.

celenechang avatar Oct 03 '23 14:10 celenechang

Sorry we weren't able to get to this issue so far. In order to investigate this further, can you please open a support ticket via Datadog Help, referencing this github issue?

Please provide below details, and one of our agents will dig in and get back to your shortly. Thanks!

  • Version of the Datadog Operator and chart used
  • DatadogAgent configuration file
  • Helm value overrides (if any)
  • K8s distribution, version.

levan-m avatar Mar 28 '24 20:03 levan-m