From b5164d9d368e2f592c032ae8eb0ee145dd1e2efb Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Sun, 22 Sep 2024 13:18:53 +0800
Subject: [PATCH] feat(flux): only tolerate no Cilium, other scheduling

---
 kube/bootstrap/flux/flux-install-localhost.yaml | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/kube/bootstrap/flux/flux-install-localhost.yaml b/kube/bootstrap/flux/flux-install-localhost.yaml
index 7804c97b..0d49f80b 100644
--- a/kube/bootstrap/flux/flux-install-localhost.yaml
+++ b/kube/bootstrap/flux/flux-install-localhost.yaml
@@ -100,7 +100,15 @@ spec:
                 - topologyKey: kubernetes.io/hostname
                   labelSelector:
                     matchLabels:
-                      flux: localhost
+                      flux: localhost # schedule all Flux pods on the same node
+            nodeAffinity:
+              requiredDuringSchedulingIgnoredDuringExecution:
+                nodeSelectorTerms:
+                  - matchExpressions:
+                      - key: node-role.kubernetes.io/control-plane # only schedule on control plane nodes
+                        operator: Exists
+                      - key: fuckoff.home.arpa/flux # don't schedule on this node
+                        operator: DoesNotExist
       target:
         kind: Deployment
     - patch: |
@@ -217,7 +225,8 @@ spec:
         - op: add
           path: /spec/template/spec/tolerations
           value:
-            - operator: Exists
+            - key: node.cilium.io/agent-not-ready
+              operator: Exists
         - op: replace
           path: /spec/strategy
           value: