How to whitelist nodeselector for pods
Issue
- With the current means of node-selector (not taking into account the upcoming taints and tolerations feature, we could envisage to implement this with a namespace defined white-list of allowed values for a specific label.
-
I would like the following options to exist on a project/namespace:
an optional "required" node selector openshift.io/node-selector
an optional "default" per label NodeSelector
an optional "fallback" NodeSelector
a label blacklist (existing feature)
a label-value whitelist
If a pod is scheduled,
1) Its pod level and "required" node selectors are merged. If there is a conflict, the pod is rejected --> Selector S1
2) S1 is merged with all labels from the "default" node selector which have not yet been declared in S1. --> Selector S2
3) If S2 is empty, use the "fallback" node selector --> Selector S3
3) S3 is checked against the label blacklist and label-value whitelist.
So I can effectively manage which projects have access to and by default use a particular set of nodes.
Environment
- Openshift Enterprise
- 3.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
