Description
Is this a request for help?:
No
Is this a BUG REPORT or FEATURE REQUEST? (choose one):
BUG REPORT
Version of Helm and Kubernetes:
Helm 3.7.1
Kubernetes EKS 1.20.11
Which chart:
jfrog-platform (having artifactory and xray enabled, everything else disabled)
What happened:
When setting the artifactory.artifactory.podAntiAffinity parameter, the chart uses a label selector that also matches the nginx pods, preventing Artifactory pods to schedule on the same nodes as the nginx pods. On our three node / three availability zone setup it meant that some Artifactory replicas could not schedule at all.
What you expected to happen:
Artifactory pods are spread across AWS availability zones (our defined topologyKey) and scheduled successfully. Pods from Artifactory StatefulSet can coexist on the same nodes as the nginx pods.
How to reproduce it (as minimally and precisely as possible):
- Create a 2 node cluster with enough capacity to run the jfrog platform stack
- Deploy jfrog-platform chart with these values
artifactory:
artifactory:
podAntiAffinity:
topologyKey: "kubernetes.io/hostname" # we use "topology.kubernetes.io/zone" but hostname can be used without aws
type: "hard"
replicaCount: 2
nginx:
replicaCount: 2
- Some of the pods fail to schedule
Anything else we need to know:
The Artifactory chart allows overriding the whole affinity block which makes it possible to circumvent the issue, by adding the component label in the label selector
artifactory:
artifactory:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app: artifactory
release: jfrog-platform
component: artifactory
topologyKey: topology.kubernetes.io/zone
But the issue is that this will stop working if Jfrog decides to rename the pod labels. It would be preferred if the chart could be fixed instead.