Digital Business Automation Ideas


This is an IBM Automation portal for Digital Business Automation products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Please use the following category to raise ideas for these offerings for all environments (traditional on premises, containers, on cloud):

  • Cloud Pak for Business Automation - including Business Automation Studio and App Designer, Business Automation Insights

  • Business Automation Workflow (BAW) - including BAW, Business Process Manager, Workstream Services, Business Performance Center, Advanced Case Management

  • Content Services - FileNet Content Manager

  • Content Services - Content Manager OnDemand

  • Content Services - Daeja Virtual Viewer

  • Content Services - Navigator

  • Content Services - Content Collector for Email, Sharepoint, Files

  • Content Services - Content Collector for SAP

  • Content Services - Enterprise Records

  • Content Services - Content Manager (CM8)

  • Datacap

  • Automation Document Processing

  • Automation Decision Services (ADS)

  • Operational Decision Manager

  • Robotic Process Automation

  • Robotic Process Automation with Automation Anywhere

  • Blueworks Live

  • Business Automation Manager Open Edition

  • IBM Process Mining


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Add a new idea Subscribe
Status Submitted
Workspace Cloud Pak for Business Automation
Created by Guest
Created on Apr 7, 2026

RELATED IDEAS

Remove hardcoded Operator-node affinity for temporary setup Pods to support standard OpenShift workload isolation

Summary of the Enhancement

Modify the CP4BA Operator so that it no longer hardcodes node affinity to its own host node when deploying temporary pods (used for PVC mounting and JDBC driver updates) into the operand namespace. The temporary pod should respect the scheduling constraints and node selectors of the target operand namespace.

Current Behavior & The Problem

In enterprise OpenShift environments, strict workload isolation is a standard practice. Infrastructure workloads (Operators) run on dedicated "infra" nodes, while Application workloads (Operands) run on dedicated application nodes (e.g., "cp4ba" nodes). This isolation is defined via the scheduler.alpha.kubernetes.io namespace annotations, which are then actively enforced by the OpenShift PodNodeSelector and PodTolerationRestriction mutating admission controllers.

Currently, the CP4BA Operator creates a temporary pod in the operand namespace to update JDBC drivers and mount PVCs. However, the Operator hardcodes the pod's node affinity to the exact node where the Operator is currently running (an "infra" node).

Because the target operand namespace enforces its own node selectors (forcing pods to "cp4ba" nodes), the OpenShift admission controller merges the namespace's constraints with the Operator's hardcoded constraints. This results in an unresolvable conflict (e.g., the pod requires a node that is labeled as both infra and cp4ba), leaving the temporary pod permanently stuck in a Pending state.

According to IBM Support, this hardcoded affinity was implemented to bypass image pull timeouts, as pulling the large operator image onto a new application node would cause the Operator's reconciliation loop to timeout and fail.


Business and Technical Impact

  • Violates Kubernetes Best Practices: Hardcoding workload affinity to bypass a timeout issue is an antipattern that directly conflicts with core Kubernetes workload isolation principles.

  • Deployment Blockers: This prevents CP4BA from being deployed in secure OpenShift environments that mandate namespace-level scheduling annotations.

  • Resource Risk: It forces application-level tasks onto infrastructure nodes, which are meant to be reserved for critical cluster operations.

Proposed Solution We request that the engineering team implement one or a combination of the following solutions:

  1. Remove Hardcoded Affinity: Stop forcing the temporary pod onto the Operator's node and allow the standard Kubernetes scheduler (and namespace admission controllers) to place the pod appropriately.

  2. Provide a Configuration Toggle: Add a parameter in the CP4BA Custom Resource to explicitly disable this "image pull optimization" so the temporary pod is allowed to schedule cleanly within the operand namespace's constraints.

Idea priority High

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.