Adding taints to worker nodes on ARO clusters

Solution Verified - Updated -

Environment

  • Azure Red Hat OpenShift [ARO]
    • 4.x

Issue

  • Is it possible to add taints to worker nodes in order to separate application pods and OpenShift components?
  • If customers add taints to worker nodes, does it violate the ARO Support Policy?

Resolution

  • Generally, OpenShift components start with the following strings:

    ^kube
^openshift
^redhat

  • In regards to Node Taints, customers are allowed to do that, unless it does not violate the following recommendations:

    1. Do not apply taints which could block elements like the Azure Logging components;
    2. Allow one node per Availability Zone where we can have OpenShift components scheduled on them;
    3. Make sure the taints do not impact on the OpenShift Ingress components;
    4. OpenShift works with daemonsets which run on every node. Please refer to the Taints and Tolerations on the document provided.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments