Configure Node Label for TMM

During the installation of BIG-IP Next for Kubernetes, the data plane components will be installed on cluster nodes that carry the ‘f5-tmm’ label. To ensure the successful installation of data plane components on one or more NVIDIA BlueField-3 DPU cluster nodes, we need to identify the desired nodes and ensure that they have the ‘f5-tmm’ label applied.

Note: Execute all the instructions on the DPU node unless otherwise stated.
  1. To obtain the name of the DPU Node, run:

    kubectl get nodes
    

    Response

    NAME                    STATUS   ROLES           AGE   VERSION
    arm64-sm-2              Ready    control-plane   33d   v1.29.7
    localhost.localdomain   Ready    <none>          10d   v1.29.9
    
  2. To add the label app=f5-tmm to the DPU Node, run:

    kubectl label node localhost.localdomain app=f5-tmm
    

    Response

    node/localhost.localdomain labeled
    
  3. To verify that the label has been applied correctly, run:

    kubectl get node localhost.localdomain --show-labels
    

    Response

    NAME                    STATUS   ROLES    AGE   VERSION   LABELS
    
    localhost.localdomain   Ready    <none>   10d   v1.29.9   app=f5-tmm,beta.kubernetes.io/arch=arm64,beta.kubernetes.io/os=linux,kubernetes.io/arch=arm64,kubernetes.io/hostname=localhost.localdomain,kubernetes.io/os=linux
    

Apply a Taint on DPU Node(s)

A taint is a way to specify that a node should not accept certain pods unless they explicitly tolerate the taint. It is used to control pod placement and enforce constraints on where pods can run.

Add a taint to the DPU nodes to restrict the DPU to running only the TMM and prevent Control Plane workloads to be scheduled on the DPU nodes. This taint will still permit other system-level daemonsets, like Flannel, to be executed.


kubectl taint nodes localhost.localdomain dpu=true:NoSchedule
Note: Users must apply the taint on all DPU nodes.