I'm working with an OpenShift cluster that has shared projects, and I'm trying to figure out a way to stop a pod from running on certain nodes. The catch is that I can't use taints or node affinity because the pod YAMLs are generated automatically by software, and I can't modify them directly. Initially, I told the customer that it seems impossible, but I thought I'd ask here to see if anyone has found a solution.
3 Answers
One option could be to modify the scheduler you’re using. If you can't change the workloads directly, maybe someone with the right privileges can help set up a mutating webhook or a tool like Kyverno to patch the pods as they're created.
Have you thought about using a mutating webhook to add affinities to your pods? It could help manage where they can run based on the conditions you set.
Instead of using the default scheduler, consider deploying a custom scheduler that uses labels to make scheduling decisions. Also, you could implement a mutating admission controller that adds the necessary affinities when the YAML is submitted, making this a simpler fix.

Yeah, that sounds like a worthwhile approach! Custom schedulers can really help tailor the deployment process.
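
The mutating-webhook approach suggested in the answers above, as an added example that is not part of the original posts: it builds the `admission.k8s.io/v1` AdmissionReview reply that patches a required `NotIn` node affinity into a generated pod. The label `example.com/restricted=true` and the function names are assumptions; the HTTPS server and the MutatingWebhookConfiguration are left out.

```python
import base64
import copy
import json

# Assumed label on the nodes to avoid (hypothetical key and value).
AVOID = {"key": "example.com/restricted", "operator": "NotIn", "values": ["true"]}
REQUIRED = "requiredDuringSchedulingIgnoredDuringExecution"


def with_exclusion(affinity):
    """Return a copy of spec.affinity that keeps the pod off the labelled nodes."""
    affinity = copy.deepcopy(affinity or {})
    required = affinity.setdefault("nodeAffinity", {}).setdefault(REQUIRED, {})
    terms = required.setdefault("nodeSelectorTerms", [])
    if not terms:
        terms.append({})
    # nodeSelectorTerms are ORed, so the rule must be ANDed into every term.
    for term in terms:
        exprs = term.setdefault("matchExpressions", [])
        if AVOID not in exprs:
            exprs.append(copy.deepcopy(AVOID))
    return affinity


def review_response(review):
    """Build the admission.k8s.io/v1 AdmissionReview reply for a Pod CREATE."""
    request = review["request"]
    current = request["object"].get("spec", {}).get("affinity")
    wanted = with_exclusion(current)
    response = {"uid": request["uid"], "allowed": True}
    if wanted != current:
        # JSON Patch "add" on an existing member replaces it (RFC 6902).
        patch = [{"op": "add", "path": "/spec/affinity", "value": wanted}]
        response["patchType"] = "JSONPatch"
        response["patch"] = base64.b64encode(json.dumps(patch).encode()).decode()
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "response": response}


# Constructed sample: a generated pod that already has two ORed affinity terms.
SAMPLE = {"request": {"uid": "constructed-uid-1", "object": {"spec": {"affinity": {
    "nodeAffinity": {REQUIRED: {"nodeSelectorTerms": [
        {"matchExpressions": [{"key": "zone", "operator": "In", "values": ["a"]}]},
        {"matchExpressions": [{"key": "zone", "operator": "In", "values": ["b"]}]},
    ]}}}}}}}

if __name__ == "__main__":
    out = review_response(SAMPLE)
    print(json.loads(base64.b64decode(out["response"]["patch"])))
```

In the MutatingWebhookConfiguration, `failurePolicy: Fail` keeps pods from being admitted unpatched while the webhook is unreachable.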