Admission Controller

Azure Kubernetes Service introduces complexity when attempting to assign pod to Virtual Machines with SPOT configuration (Discounted VMs). AKS requires pods to have a toleration in their .yaml configuration to scheudle that pod into spot VMs. In this section we will understand how we can use Ocean admission controller to automatically inject the required toleration into any deployment you require. (Helm charts and other deployment is also supported)

Review the Micorosft documentation regarding the nessesary tolerations here.

How it works

  • Admission controller deployment running in your cluster and injects toleration to NEW PODS only.
  • Admission controller operates on namespace level, if a name space is labeled with spot.io/inject-aks-spot-toleration: "true" only then the admission controller will inject toleration into the pods
  • Admission controller will not work on already existing pods that were running in the cluster or if the namespace was not labeled.

Use Cases

  • New POC where the devops team doesn’t want/cannot invest resources to change the yaml configuration of their numerous deployments.
  • Deployments from Helm and other charts.
  • Production changes are locked or there is code freeze for the near future.