From 131b5cd87bb6b062c51b1f6fbe3f24ea84b2f28e Mon Sep 17 00:00:00 2001
From: Venkat <venkata@venkatamutyala.com>
Date: Thu, 23 May 2024 12:48:59 -0700
Subject: [PATCH] fix: daemonset taints and tolerations were too specific. I
 copied what kube prometheus stack uses instead and it appears to be working
 in antoniostacos (#302)

* fix: daemonset tains and tolerations to match what kube prometheus stack uses. This commit impacts: promtail, loki, and network exporter
* chore: bump patch to v0.43.1
---------

Co-authored-by: GlueOps <github@glueops.dev>
---
 Chart.yaml                                  |  2 +-
 README.md                                   | 25 ++++++++++++++++++++-
 templates/application-loki.yaml             |  2 +-
 templates/application-network-exporter.yaml |  4 ++--
 templates/application-promtail.yaml         |  2 +-
 values.yaml                                 | 24 ++++++++++++++++++++
 6 files changed, 53 insertions(+), 6 deletions(-)

diff --git a/Chart.yaml b/Chart.yaml
index 20d4a5af..376016d6 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -2,4 +2,4 @@ apiVersion: v2
 appVersion: v0.1.0
 description: This chart deploys the GlueOps Platform
 name: glueops-platform
-version: 0.43.0
+version: 0.43.1
diff --git a/README.md b/README.md
index 4a991c67..cb80f28f 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # glueops-platform
 
-![Version: 0.43.0](https://img.shields.io/badge/Version-0.43.0-informational?style=flat-square) ![AppVersion: v0.1.0](https://img.shields.io/badge/AppVersion-v0.1.0-informational?style=flat-square)
+![Version: 0.43.1](https://img.shields.io/badge/Version-0.43.1-informational?style=flat-square) ![AppVersion: v0.1.0](https://img.shields.io/badge/AppVersion-v0.1.0-informational?style=flat-square)
 
 This chart deploys the GlueOps Platform
 
@@ -74,6 +74,29 @@ This chart deploys the GlueOps Platform
 | container_images.app_vault_init_controller.vault_init_controller.image.registry | string | `"ghcr.io"` |  |
 | container_images.app_vault_init_controller.vault_init_controller.image.repository | string | `"glueops/vault-init-controller"` |  |
 | container_images.app_vault_init_controller.vault_init_controller.image.tag | string | `"v0.6.1@sha256:08bc8b4e981700fe2ce238efe088a2ed25650f36381010c08da9427bf0cd2adb"` |  |
+| daemonset_tolerations[0].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[0].operator | string | `"Exists"` |  |
+| daemonset_tolerations[1].effect | string | `"NoExecute"` |  |
+| daemonset_tolerations[1].key | string | `"node.kubernetes.io/not-ready"` |  |
+| daemonset_tolerations[1].operator | string | `"Exists"` |  |
+| daemonset_tolerations[2].effect | string | `"NoExecute"` |  |
+| daemonset_tolerations[2].key | string | `"node.kubernetes.io/unreachable"` |  |
+| daemonset_tolerations[2].operator | string | `"Exists"` |  |
+| daemonset_tolerations[3].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[3].key | string | `"node.kubernetes.io/disk-pressure"` |  |
+| daemonset_tolerations[3].operator | string | `"Exists"` |  |
+| daemonset_tolerations[4].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[4].key | string | `"node.kubernetes.io/memory-pressure"` |  |
+| daemonset_tolerations[4].operator | string | `"Exists"` |  |
+| daemonset_tolerations[5].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[5].key | string | `"node.kubernetes.io/pid-pressure"` |  |
+| daemonset_tolerations[5].operator | string | `"Exists"` |  |
+| daemonset_tolerations[6].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[6].key | string | `"node.kubernetes.io/unschedulable"` |  |
+| daemonset_tolerations[6].operator | string | `"Exists"` |  |
+| daemonset_tolerations[7].effect | string | `"NoSchedule"` |  |
+| daemonset_tolerations[7].key | string | `"node.kubernetes.io/network-unavailable"` |  |
+| daemonset_tolerations[7].operator | string | `"Exists"` |  |
 | dex.argocd.client_secret | string | `"placeholder_dex_argocd_client_secret"` | Specify a unique password here. This will be used to connect argocd via OIDC to the Dex IDP. You can create one with in bash `openssl rand -base64 32` |
 | dex.github.client_id | string | `"placeholder_dex_github_client_id"` | To create a clientID please reference: https://github.com/GlueOps/github-oauth-apps/tree/v0.0.1 |
 | dex.github.client_secret | string | `"placeholder_dex_github_client_secret"` | To create a clientSecret please reference: https://github.com/GlueOps/github-oauth-apps/tree/v0.0.1 |
diff --git a/templates/application-loki.yaml b/templates/application-loki.yaml
index 85215294..793af091 100644
--- a/templates/application-loki.yaml
+++ b/templates/application-loki.yaml
@@ -81,7 +81,7 @@ spec:
               installOperator: false
           lokiCanary:
             tolerations:
-              {{- toYaml .Values.glueops_node_and_tolerations.tolerations | nindent 14 }}
+              {{- toYaml .Values.daemonset_tolerations | nindent 14 }}
         write:
           {{- toYaml .Values.glueops_node_and_tolerations | nindent 10 }}
         tableManager:
diff --git a/templates/application-network-exporter.yaml b/templates/application-network-exporter.yaml
index d869a164..815d22a3 100644
--- a/templates/application-network-exporter.yaml
+++ b/templates/application-network-exporter.yaml
@@ -97,7 +97,7 @@ spec:
                   securityContext: {}
                   terminationGracePeriodSeconds: 30
                   tolerations:
-                  {{- toYaml .Values.glueops_node_and_tolerations.tolerations | nindent 18 }}
+                  {{- toYaml .Values.daemonset_tolerations | nindent 18 }}
                   volumes:
                   - configMap:
                       defaultMode: 420
@@ -177,4 +177,4 @@ spec:
                 app.kubernetes.io/instance: glueops-network-exporter
                 app.kubernetes.io/name: glueops-network-exporter
               name: glueops-network-exporter
-              namespace: glueops-core-network-exporter
\ No newline at end of file
+              namespace: glueops-core-network-exporter
diff --git a/templates/application-promtail.yaml b/templates/application-promtail.yaml
index d48da136..59320fc4 100644
--- a/templates/application-promtail.yaml
+++ b/templates/application-promtail.yaml
@@ -37,7 +37,7 @@ spec:
           repository: {{ .Values.container_images.app_promtail.promtail.image.repository }}
           tag: {{ .Values.container_images.app_promtail.promtail.image.tag }}
         tolerations:
-          {{- toYaml .Values.glueops_node_and_tolerations.tolerations | nindent 10 }}
+          {{- toYaml .Values.daemonset_tolerations | nindent 10 }}
         config:
           snippets:
             extraScrapeConfigs: |
diff --git a/values.yaml b/values.yaml
index 18f9fcee..69b90ca3 100644
--- a/values.yaml
+++ b/values.yaml
@@ -185,6 +185,30 @@ glueops_node_and_tolerations:
       operator: "Equal"
       value: "glueops-platform"
       effect: "NoSchedule"
+daemonset_tolerations:
+  - effect: NoSchedule
+    operator: Exists
+  - effect: NoExecute
+    key: node.kubernetes.io/not-ready
+    operator: Exists
+  - effect: NoExecute
+    key: node.kubernetes.io/unreachable
+    operator: Exists
+  - effect: NoSchedule
+    key: node.kubernetes.io/disk-pressure
+    operator: Exists
+  - effect: NoSchedule
+    key: node.kubernetes.io/memory-pressure
+    operator: Exists
+  - effect: NoSchedule
+    key: node.kubernetes.io/pid-pressure
+    operator: Exists
+  - effect: NoSchedule
+    key: node.kubernetes.io/unschedulable
+    operator: Exists
+  - effect: NoSchedule
+    key: node.kubernetes.io/network-unavailable
+    operator: Exists
 
 
 vault_init_controller: