On a Kubernetes deployment, is it possible to specify restrict the nodes that connector pods run on? e.g., connector pods for workspace X run only on nodes for workspace X?

We just added an env variable that you can use to control connector pods globally. However, it doesn’t allow you to do it on a per-workspace basis.

What’s the use case here? Is it performance related or security related?

Security. It is a nice-to-have for us, but not a requirement

Can you make an issue for this on Github? No guarantees that we’ll get to it soon (we also have some other security related changes in the pipes like storing configs in a secrets store that we’ll likely work on first).

For a start, there is

WORKER_POD_TOLERATIONS

https://github.com/airbytehq/airbyte/pull/5585, but that is not tied to a workspace. Not sure how easy/difficult it is to use it for for workspace isolation…

tolerations can prevent pods from being scheduled on certain nodes, but I think I need to specify node affinity for workers so that they can be forced to launch on certain nodes Edit: I was able to get our desired configuration by applying a taint to the nodegroup used for the Airbyte backend containers

I still think this should be affinity instead of toleration With toleration pods can still schedule on other nodes