From 314953fb7479a233c17a400acfa26d18ca12edd4 Mon Sep 17 00:00:00 2001 From: Avri Chen-Roth Date: Fri, 3 Jul 2026 23:04:11 +0300 Subject: [PATCH] Add configurable nodeSelector to substrate workloads Add a global `nodeSelector` value plus per-component overrides (ateApiServer, ateController, atenetRouter, dns, rustfs, atelet) so the substrate workloads can be pinned to specific nodes. Each component resolves its effective nodeSelector as `or .Values..nodeSelector .Values.nodeSelector`, so a non-empty component-level map wins and otherwise the global default applies. All defaults are empty, so rendered output is unchanged (render-manifests --check passes). valkey is intentionally excluded. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../substrate/templates/ate-api-server.yaml | 4 +++ .../substrate/templates/ate-controller.yaml | 4 +++ charts/substrate/templates/atelet.yaml | 4 +++ charts/substrate/templates/atenet-dns.yaml | 4 +++ charts/substrate/templates/atenet-router.yaml | 4 +++ charts/substrate/templates/rustfs.yaml | 4 +++ charts/substrate/values.yaml | 25 +++++++++++++++++++ 7 files changed, 49 insertions(+) diff --git a/charts/substrate/templates/ate-api-server.yaml b/charts/substrate/templates/ate-api-server.yaml index 691279430..ded60b4c7 100644 --- a/charts/substrate/templates/ate-api-server.yaml +++ b/charts/substrate/templates/ate-api-server.yaml @@ -69,6 +69,10 @@ spec: prometheus.io/port: "9090" spec: serviceAccountName: {{ include "substrate.fullname" (list "ate-api-server" .) }} + {{- with (or .Values.ateApiServer.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} {{- if eq .Values.auth.mode "jwt" }} initContainers: - name: assemble-cred-bundle diff --git a/charts/substrate/templates/ate-controller.yaml b/charts/substrate/templates/ate-controller.yaml index d144ad4de..04347d75d 100644 --- a/charts/substrate/templates/ate-controller.yaml +++ b/charts/substrate/templates/ate-controller.yaml @@ -67,6 +67,10 @@ spec: app: ate-controller spec: serviceAccountName: {{ include "substrate.fullname" (list "ate-controller" .) }} + {{- with (or .Values.ateController.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: ate-controller image: {{ include "substrate.componentImage" (list "atecontroller" .) }} diff --git a/charts/substrate/templates/atelet.yaml b/charts/substrate/templates/atelet.yaml index 10a13f505..d548b1185 100644 --- a/charts/substrate/templates/atelet.yaml +++ b/charts/substrate/templates/atelet.yaml @@ -63,6 +63,10 @@ spec: prometheus.io/port: "9090" spec: serviceAccountName: {{ include "substrate.fullname" (list "atelet" .) }} + {{- with (or .Values.atelet.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: atelet image: {{ include "substrate.componentImage" (list "atelet" .) }} diff --git a/charts/substrate/templates/atenet-dns.yaml b/charts/substrate/templates/atenet-dns.yaml index ace864570..bb581a3a0 100644 --- a/charts/substrate/templates/atenet-dns.yaml +++ b/charts/substrate/templates/atenet-dns.yaml @@ -92,6 +92,10 @@ spec: app: dns spec: serviceAccountName: {{ include "substrate.fullname" (list "atenet-dns" .) }} + {{- with (or .Values.dns.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} shareProcessNamespace: true initContainers: - name: init-dns diff --git a/charts/substrate/templates/atenet-router.yaml b/charts/substrate/templates/atenet-router.yaml index a70291fb1..bdee2e10d 100644 --- a/charts/substrate/templates/atenet-router.yaml +++ b/charts/substrate/templates/atenet-router.yaml @@ -136,6 +136,10 @@ spec: prometheus.io/port: "9090" spec: serviceAccountName: {{ include "substrate.fullname" (list "atenet-router" .) }} + {{- with (or .Values.atenetRouter.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: atenet-router image: {{ include "substrate.componentImage" (list "atenet" .) }} diff --git a/charts/substrate/templates/rustfs.yaml b/charts/substrate/templates/rustfs.yaml index edaad3cfa..6e71c16d5 100644 --- a/charts/substrate/templates/rustfs.yaml +++ b/charts/substrate/templates/rustfs.yaml @@ -59,6 +59,10 @@ spec: labels: app: rustfs spec: + {{- with (or .Values.rustfs.nodeSelector .Values.nodeSelector) }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} securityContext: runAsUser: 10001 runAsGroup: 10001 diff --git a/charts/substrate/values.yaml b/charts/substrate/values.yaml index 7d6ed8bd8..cc844605e 100644 --- a/charts/substrate/values.yaml +++ b/charts/substrate/values.yaml @@ -71,6 +71,12 @@ auth: # manifests/ate-install/ install path (kubectl apply). createNamespace: false +# Global nodeSelector applied to the substrate workloads (ate-api-server, +# ate-controller, atenet-router, dns, rustfs, and the atelet DaemonSet). Each +# of those components also exposes its own `nodeSelector`; when set to a +# non-empty map it overrides this global default for that component. +nodeSelector: {} + valkey: enabled: true replicas: 6 @@ -82,6 +88,8 @@ rustfs: bucket: ate-snapshots accessKey: rustfsadmin secretKey: rustfsadmin + # Overrides the global .Values.nodeSelector for the rustfs deployment. + nodeSelector: {} # atelet daemonset overrides. Defaults use the in-cluster RustFS deployment for # snapshots. Set rustfs.enabled=false and override these fields when using @@ -93,6 +101,23 @@ atelet: storageBackend: s3 extraArgs: [] extraEnv: [] + # Overrides the global .Values.nodeSelector for the atelet DaemonSet. + nodeSelector: {} + +# Per-component overrides for the control-plane deployments. Each nodeSelector, +# when set to a non-empty map, overrides the global .Values.nodeSelector for +# that component only. +ateApiServer: + nodeSelector: {} + +ateController: + nodeSelector: {} + +atenetRouter: + nodeSelector: {} + +dns: + nodeSelector: {} redis: # Override the cluster address. Empty -> derived from valkey.enabled