Organizations can customize the taints and tolerances for their Kubernetes cluster running Wallaroo. Nodes in a Kubernetes cluster can have a taint applied to them. Any pod that does not have a toleration matching the taint can be rejected and will not be applied to that node.

This allows organizations to determine which pods can be accepted or rejected into specific nodes, reserving their Kubernetes resources for other services. Combined with the Install Wallaroo to Specific Nodes guide this ensures that Wallaroo pods are contained to specific cluster nodes, and prevents non-Wallaroo pods from being scheduled into the same nodes to reserve those resources for the Wallaroo instance.

In this example, the node Postgres has the taint wallaroo.ai/postgres=true:NoSchedule. The pod postgres has the tolerance wallaroo.ai/postgres:NoSchedule op=Exists, so it is scheduled into the node Postgres. The pod nginx has no tolerations, so it is not scheduled into the node Postgres.

See the Kubernetes Taints and Tolerations documentation for more information.

Setting Tolerations and Taints

The Wallaroo Enterprise Install Guides specify default taints applied to nodepools. These can be used to contain pod scheduling only to specific nodes where the pod tolerations match the nodes taints. By default, the following nodepools and their associated taints are created

After Wallaroo release September 2022 (Codename Cobra):

Before Wallaroo release September 2022 (Code name Mustang and before)

The nodepool mainpool is not assigned any taints to allow other Kubernetes services to run as part of the cluster.

The taint wallaroo.ai/reserved=true:NoSchedule can be applied to other nodepools. This allows additional Wallaroo resources to be scheduled in those nodes while rejecting other pods that do not have a matching toleration.

Default Tolerations

By default, the following tolerations are applied for Wallaroo pods. Organizations can add a corresponding Any pod that does not contain a taint to match these tolerances will have the condition effect:NoSchedule for the specified node.

• Toleration key for all Wallaroo pods
  • wallaroo.ai/reserved
• Engine toleration key
  • wallaroo.ai/engine
• Engine LB toleration key
  • wallaroo.ai/enginelb
• Postgres toleration key
  • wallaroo.ai/postgres

Note that these taint values are applied to the nodepools as part of the Wallaroo Enterprise Setup guides. They are not typically set up or required for Wallaroo Community instances.

Custom Tolerations

To customize the tolerations applied to Wallaroo nodes, the following prerequisites must be met:

• Access to the Kubernetes environment running the Wallaroo instances.
• Have kubectl and kots installed and connected to the Kubernetes environment.

For full details on installing Wallaroo and the prerequisite software, see the Wallaroo Prerequisites Guide.

1. Access the Wallaroo Administrative Dashboard.

   1. From a terminal with kubectl and kots installed and connected to the Kubernetes environment, run:

      kubectl kots admin-console --namespace wallaroo
      

      This will provide access to the Wallaroo Administrative Dashboard through http://localhost:8800:

        • Press Ctrl+C to exit
        • Go to http://localhost:8800 to access the Admin Console
      

   2. Launch a browser and connect to http://localhost:8800.

   3. Enter the password created during the Wallaroo Install process. The Wallaroo Administrative Dashboard will now be available.

2. From the Wallaroo Administrative Dashboard, select Config -> Taints and Tolerations.

3. Set the custom tolerations as required by your organization. The following nodes and tolerations can be changed:

   

• Toleration key for all Wallaroo pods
  • Default value: wallaroo.ai/reserved
• Engine toleration key
  • Default value: wallaroo.ai/engine
• Engine LB toleration key
  • Default value: wallaroo.ai/enginelb
• Postgres toleration key
• Default value: wallaroo.ai/postgres