In some case, we need to dedicate some worker nodes to a specific workload.
It can do easily by defining a node selector policy on the namespace and each pods deploy in this namespace will inherited of this policy.
But to work, it's necessary to enable PodNodeSelector admission controller plugin on the Kubernetes ApiServer which is disable on IBM Kubernetes Service.
The workaround is to set the Node Selector policy on each pod, but it is controlled by the application team and not the infrastructure team and it's repetitive. And it can be done through tainted node, but it's really more restrictive than Node Selector.
Please find the kubernetes documentation for the PodNodeSelector admission controller: https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#podnodeselector
Do not place IBM confidential, company confidential, or personal information into any field.