ossm-config-control-plane-infrastructure-node-console.adoc

Configuring all control plane components to run on infrastructure nodes using the web console

Perform this task if all of the components deployed by the {SMProductShortName} control plane, including Istiod, Ingress Gateway, and Egress Gateway, along with optional elements, such as Prometheus, Grafana, and Distributed Tracing, will run on infrastructure nodes.

If the control plane will run on a worker node, skip this task.

Prerequisites

• The {SMProductName} Operator must be installed.

• An account with the cluster-admin role. If you use {product-dedicated}, you must have an account with the dedicated-admin role.

Procedure

1. Log in to the {product-title} web console.

2. Navigate to Operators → Installed Operators.

3. Click the {SMProductName} Operator, then click Istio Service Mesh Control Plane.

4. Click the name of the control plane resource. For example, basic.

5. Click YAML.

6. Modify the YAML code to run all of the {SMProductShortName} components deployed by the ServiceMeshControlPlane on infrastructure nodes. Add the nodeSelector and tolerations fields to the spec.runtime.defaults.pod spec in the ServiceMeshControlPlane resource:

   spec:
     runtime:
       defaults:
         pod:
           nodeSelector: (1)
             node-role.kubernetes.io/infra: ""
           tolerations: (2)
           - effect: NoSchedule
             key: node-role.kubernetes.io/infra
             value: reserved
           - effect: NoExecute
             key: node-role.kubernetes.io/infra
             value: reserved

   1. Ensures that the SMCP pods are only scheduled on an infrastructure node.

   2. Ensures that the pods are accepted by the infrastructure node.

7. Click Save.

8. Click Reload.