[Bug]: Incorrect default pod antiaffinity for NodePools #11509
Description
Bug Description
The value of affinity.podantiaffinity default is generated as follows which does not match documentation which seems to be more correct. doc The incorrect version below will prevent two pods from the same cluster from running in the same zone
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
strimzi.io/cluster: kafka-dev-sci
strimzi.io/name: kafka-dev-sci-kafka
topologyKey: topology.kubernetes.io/zone
weight: 100Steps to reproduce
The following yaml demonstrats this was default
- apiVersion: kafka.strimzi.io/v1beta2
kind: KafkaNodePool
metadata:
annotations:
meta.helm.sh/release-name: kafka-dev
meta.helm.sh/release-namespace: kafka
strimzi.io/next-node-ids: '[100-999]'
creationTimestamp: "2025-06-07T02:21:10Z"
generation: 1
labels:
app.kubernetes.io/instance: kafka-dev
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: sci
app.kubernetes.io/version: 1.16.0
helm.sh/chart: strimzi-cluster-instance-0.0.1-20250606220625
helm.toolkit.fluxcd.io/name: kafka-dev
helm.toolkit.fluxcd.io/namespace: kafka
strimzi.io/cluster: kafka-dev-sci
name: kafka-dev-sci-controller
namespace: kafka
resourceVersion: "160521"
uid: a8a4ebcd-ac3c-4230-9a51-eb51278dfa7e
spec:
replicas: 3
resources:
requests:
cpu: "1"
memory: 2Gi
roles:
- controller
storage:
type: jbod
volumes:
- id: 0
kraftMetadata: shared
sizeLimit: 64Gi
type: ephemeralExpected behavior
Per doc
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: strimzi.io/name
operator: In
values:
- CLUSTER-NAME-kafka
topologyKey: "kubernetes.io/hostname"However the doc version is also problematic because this would prevent two pods from the same cluster which may from the same host. The most correct version should only have antiaffinity for the nodepool
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: strimzi.io/cluster
operator: In
values:
- CLUSTER-NAME
- key: strimzi.io/cluster
operator: In strimzi.io/pool-name
values:
- POOL_NAME
topologyKey: "kubernetes.io/hostname"Strimzi version
0.46.0
Kubernetes version
K8s 1.33
Installation method
yaml
Infrastructure
kind
Configuration files and logs
apiVersion: v1
items:
- apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
annotations:
meta.helm.sh/release-name: kafka-dev
meta.helm.sh/release-namespace: kafka
strimzi.io/kraft: enabled
strimzi.io/node-pools: enabled
creationTimestamp: "2025-06-07T20:47:39Z"
generation: 1
labels:
app.kubernetes.io/instance: kafka-dev
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: sci
app.kubernetes.io/version: 1.16.0
helm.sh/chart: strimzi-cluster-instance-0.0.1-20250607181058
helm.toolkit.fluxcd.io/name: kafka-dev
helm.toolkit.fluxcd.io/namespace: kafka
name: kafka-dev-sci
namespace: kafka
resourceVersion: "45665"
uid: 8072deb2-5259-4d31-b065-f003504fe1f9
spec:
cruiseControl:
brokerCapacity:
inboundNetwork: 15728640KiB/s
outboundNetwork: 15728640KiB/s
resources:
requests:
cpu: "1"
memory: 1Gi
template:
pod: {}
entityOperator:
template:
pod: {}
topicOperator:
watchedNamespace: kafka
userOperator:
watchedNamespace: kafka
kafka:
config:
auto.create.topics.enable: true
default.replication.factor: 2
min.insync.replicas: 2
offsets.topic.replication.factor: 3
replica.selector.class: org.apache.kafka.common.replica.RackAwareReplicaSelector
socket.receive.buffer.bytes: -1
socket.send.buffer.bytes: -1
transaction.state.log.min.isr: 2
transaction.state.log.replication.factor: 3
listeners:
- name: int4plain
port: 9092
tls: false
type: internal
- name: int4tls
port: 9093
tls: true
type: internal
- configuration:
brokerCertChainAndKey:
certificate: tls.crt
key: tls.key
secretName: kafka-dev-sci-external
brokers:
- advertisedHost: broker-100.domain.local
advertisedPort: 9094
annotations:
external-dns.alpha.kubernetes.io/hostname: broker-100.domain.local
broker: 100
- advertisedHost: broker-101.domain.local
advertisedPort: 9094
annotations:
external-dns.alpha.kubernetes.io/hostname: broker-101.domain.local
broker: 101
- advertisedHost: broker-102.domain.local
advertisedPort: 9094
annotations:
external-dns.alpha.kubernetes.io/hostname: broker-102.domain.local
broker: 102
createBootstrapService: true
name: ext4tls
port: 9094
tls: true
type: cluster-ip
rack:
topologyKey: topology.kubernetes.io/zoneamlAdditional context
No response