istio.io icon indicating copy to clipboard operation
istio.io copied to clipboard

Published 20 hours ago verified publisher icon istio

Untaint controller needs documentation

Open bleggett opened this issue 1 year ago • 7 comments

The untaint controller (designed to allow people to work around corner cases where new nodes are created and pods are scheduled on those nodes before our istio-cni node agent is scheduled on those nodes was added in https://github.com/istio/istio/pull/48818

However, we have no docs for it.

https://github.com/istio/istio/issues/50660

bleggett avatar Apr 30 '24 15:04 bleggett

I setup isitio in ambient mode

  source:
    repoURL: https://istio-release.storage.googleapis.com/charts
    chart: ambient
    helm:
      values: |
        istiod:
          defaults:
            pilot:
              taint:
                enabled: true
    targetRevision: '1.23.2'

pilot.taint.enabled:true helm value adds only

  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["patch"]

to istiod-clusterrole

but this configuration doesn't remove

startupTaints:
   - key: cni.istio.io/not-ready
   effect: NoExecute

from a node after the start. Can I ask right helm value config?

fatgit avatar Sep 24 '24 19:09 fatgit

/cc @yuval-k @ilrudie

craigbox avatar May 27 '25 02:05 craigbox