diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
index 29b0f4f83..7d926dda1 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md
@@ -67,7 +67,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` |
| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.3.0` |
| `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` |
-| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `{}` |
+| `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` |
| `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` |
| `linux.podLabels` | Additional pod labels | `{}` |
| `linux.podAnnotations` | Additional pod annotations | `{}` |
diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
index b5e7316b5..811fe728e 100644
--- a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
+++ b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
@@ -20,7 +20,10 @@ linux:
tag: v1.3.0
pullPolicy: IfNotPresent
nodeSelector: {}
- tolerations: []
+ # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
+ # An empty key with operator Exists matches all keys, values and effects which means this will tolerate everything.
+ tolerations:
+ - operator: Exists
enabled: true
resources:
requests:
@@ -63,7 +66,10 @@ windows:
tag: v1.3.0
pullPolicy: IfNotPresent
nodeSelector: {}
- tolerations: []
+ # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
+ # An empty key with operator Exists matches all keys, values and effects which means this will tolerate everything.
+ tolerations:
+ - operator: Exists
enabled: false
resources:
requests:
@@ -153,7 +159,7 @@ secrets-store-csi-driver:
rotationPollInterval: 2m
# Refer to https://secrets-store-csi-driver.sigs.k8s.io/load-tests.html for more details on actions to take before enabling this feature
filteredWatchSecret: true
-
+
syncSecret:
enabled: false
diff --git a/manifest_staging/deployment/provider-azure-installer-windows.yaml b/manifest_staging/deployment/provider-azure-installer-windows.yaml
index ab6dc0628..430743534 100644
--- a/manifest_staging/deployment/provider-azure-installer-windows.yaml
+++ b/manifest_staging/deployment/provider-azure-installer-windows.yaml
@@ -63,5 +63,7 @@ spec:
hostPath:
path: "C:\\k\\secrets-store-csi-providers"
type: DirectoryOrCreate
+ tolerations:
+ - operator: Exists
nodeSelector:
kubernetes.io/os: windows
diff --git a/manifest_staging/deployment/provider-azure-installer.yaml b/manifest_staging/deployment/provider-azure-installer.yaml
index 5bfd747d3..bd145ecfe 100644
--- a/manifest_staging/deployment/provider-azure-installer.yaml
+++ b/manifest_staging/deployment/provider-azure-installer.yaml
@@ -70,5 +70,7 @@ spec:
- name: providervol
hostPath:
path: "/var/run/secrets-store-csi-providers"
+ tolerations:
+ - operator: Exists
nodeSelector:
kubernetes.io/os: linux