From 2a6ededbf54a9f8ac036ad0ebfc673934f93fde9 Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh <nogikh@google.com>
Date: Wed, 16 Apr 2025 12:25:32 +0200
Subject: syz-cluster: enforce pod to node assignment

On GKE, we use a separate node pool that supports nested virtualization.
Taints and tolerations (that were used before) only make sure that no
other pods are scheduled there, but are not enough to make sure that the
pods that do need nested virtualization will end up there.

Use nodeSelector to force the affinity.
---
 syz-cluster/overlays/gke/kustomization.yaml | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/syz-cluster/overlays/gke/kustomization.yaml b/syz-cluster/overlays/gke/kustomization.yaml
index bdf53c431..ed2846a29 100644
--- a/syz-cluster/overlays/gke/kustomization.yaml
+++ b/syz-cluster/overlays/gke/kustomization.yaml
@@ -13,7 +13,7 @@ resources:
 patches:
   - target:
       kind: WorkflowTemplate
-      name: boot-step-template
+      name: (boot|fuzz)-step-template
     patch: |-
       - op: replace
         path: /spec/templates/0/tolerations
@@ -24,12 +24,9 @@ patches:
               effect: "NoSchedule"
   - target:
       kind: WorkflowTemplate
-      name: fuzz-step-template
+      name: (boot|fuzz)-step-template
     patch: |-
       - op: replace
-        path: /spec/templates/0/tolerations
+        path: /spec/templates/0/nodeSelector
         value:
-            - key: "workload"
-              operator: "Equal"
-              value: "nested-vm"
-              effect: "NoSchedule"
+          cloud.google.com/gke-nodepool: nested-vm-pool
-- 
cgit mrf-deployment