K
Q

Assign pod to workers without using deployment specific content like nodeSelector. Security constraints

5/29/2018

Is there any way to assign automatically pods to workers without relaying in the deployment configuration? May be using the "dedicated" taint and the deployment namespace?

https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

I'm looking for a secure way to do this. An option is to use labels, node selectors and other type of taints but an error on the deployment configuration could cause a pod to be executed in the wrong workers.

I'm thinking about using "dedicated" taint to assign namespaces to workers, but I couldn't find detailed documentation or examples. Is it possible to use this taint for this requirement? how?

Or is a custom "admission controller" the only way to do this?

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/

Thank you.

-- Jxadro
kubernetes

Similar Questions

Does Kubernetes installation always needs Docker?
GKE network bound kubernetes nodes?
Run Kubernetes Job on network request (aka socket-based activation)
How to access SonarQube with Kubernetes Proxy?
Maintaining original source and destination headers for incoming UDP data in kubernetes cluster
Kubernetes service not creating endpoint despite selector
Nginx ingress controller setting unexpected X-Forwarded-* headers
How can I add external node to EKS cluster?
pass different configmap or env property to pod depending on which node it's running on
Private helm repository failed to download chart

0 Answers