eks-prow-build: schedule controllers on stable nodes

xmudrii · xmudrii · commit 698d0096d94d · 2025-07-30T15:14:30.000+02:00
Signed-off-by: Marko Mudrinić &lt;mudrinic.mare@gmail.com&gt;
diff --git a/infra/aws/terraform/prow-build-cluster/.terraform.lock.hcl b/infra/aws/terraform/prow-build-cluster/.terraform.lock.hcl
diff --git a/infra/aws/terraform/prow-build-cluster/eks.tf b/infra/aws/terraform/prow-build-cluster/eks.tf
@@ -53,6 +53,27 @@ module "eks" {
   cluster_addons = {
     coredns = {
       most_recent = true
+      configuration_values = jsonencode({
+        "nodeSelector" : {
+          "node-group" : "stable"
+        },
+        "tolerations" : [
+          {
+            "key" : "CriticalAddonsOnly",
+            "operator" : "Exists"
+          },
+          {
+            "effect" : "NoSchedule",
+            "key" : "node-role.kubernetes.io/control-plane"
+          },
+          {
+            "effect" : "NoSchedule",
+            "key" : "node-group",
+            "operator" : "Equal",
+            "value" : "stable"
+          }
+        ]
+      })
     }
     kube-proxy = {
       most_recent = true
@@ -64,6 +85,26 @@ module "eks" {
     aws-ebs-csi-driver = {
       most_recent              = true
       service_account_role_arn = module.ebs_csi_irsa.iam_role_arn
+      configuration_values = jsonencode({
+        "controller" : {
+          "nodeSelector" : {
+            "node-group" : "stable"
+          },
+          "tolerations" : [
+            {
+              "effect" : "NoExecute",
+              "operator" : "Exists",
+              "tolerationSeconds" : 300
+            },
+            {
+              "effect" : "NoSchedule",
+              "key" : "node-group",
+              "operator" : "Equal",
+              "value" : "stable"
+            }
+          ]
+        }
+      })
     }
     eks-pod-identity-agent = {
       most_recent = true
diff --git a/infra/aws/terraform/prow-build-cluster/providers.tf b/infra/aws/terraform/prow-build-cluster/providers.tf
@@ -22,7 +22,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.59"
+      version = "~> 5.100"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"
diff --git a/infra/aws/terraform/prow-build-cluster/resources/monitoring/prometheus-operator/deployment.yaml b/infra/aws/terraform/prow-build-cluster/resources/monitoring/prometheus-operator/deployment.yaml
@@ -46,7 +46,12 @@ spec:
                 - ALL
             readOnlyRootFilesystem: true
       nodeSelector:
-        kubernetes.io/os: linux
+        node-group: stable
+      tolerations:
+      - key: node-group
+        operator: Equal
+        value: stable
+        effect: NoSchedule
       securityContext:
         runAsNonRoot: true
         runAsUser: 65534

Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ terraform {`
`22`	`22`	`required_providers {`
`23`	`23`	`aws = {`
`24`	`24`	`source = "hashicorp/aws"`
`25`		`- version = "~> 5.59"`
	`25`	`+ version = "~> 5.100"`
`26`	`26`	`}`
`27`	`27`	`kubernetes = {`
`28`	`28`	`source = "hashicorp/kubernetes"`