diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/kubernetes.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/kubernetes.tf
index f3b0eb427f..6cc494b619 100644
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/kubernetes.tf	
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/kubernetes.tf	
@@ -421,6 +421,7 @@ module "forwardauth" {
   namespace    = var.environment
   external-url = var.endpoint
 
+  node-group = local.node_groups.general
   jh-client-id      = local.forwardauth-keycloak-client-id
   jh-client-secret  = random_password.forwardauth-jhsecret.result
   callback-url-path = local.forwardauth-callback-url-path
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/main.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/main.tf
index 06ad449ea4..32dbd7ed1f 100644
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/main.tf	
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/main.tf	
@@ -44,7 +44,21 @@ resource "kubernetes_deployment" "forwardauth-deployment" {
       }
 
       spec {
-
+        affinity {
+          node_affinity {
+            required_during_scheduling_ignored_during_execution {
+              node_selector_term {
+                match_expressions {
+                  key      = var.node-group.key
+                  operator = "In"
+                  values = [
+                    var.node-group.value
+                  ]
+                }
+              }
+            }
+          }
+        }
         container {
           # image = "thomseddon/traefik-forward-auth:2.2.0"
           # Use PR #159 https://github.com/thomseddon/traefik-forward-auth/pull/159
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/variables.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/variables.tf
index b720600206..58ad82264b 100644
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/variables.tf	
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/forwardauth/variables.tf	
@@ -21,4 +21,12 @@ variable "jh-client-secret" {
 variable "callback-url-path" {
   description = "Path of Callback URL"
   type        = string
-}
\ No newline at end of file
+}
+
+variable "node-group" {
+  description = "Node key value pair for bound general resources"
+  type = object({
+    key   = string
+    value = string
+  })
+}
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/chart/values.yaml b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/chart/values.yaml
index 35ba5901be..d980954e93 100644
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/chart/values.yaml	
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/chart/values.yaml	
@@ -226,6 +226,8 @@ redis: # configuration from https://github.com/bitnami/charts/blob/master/bitnam
   master:
     name: "{{ .Release.Name }}-redis-master"
     port: 6379
+    nodeSelector:
+      app: "clearml"
     persistence:
       enabled: true
       accessModes:
@@ -240,6 +242,8 @@ mongodb: # configuration from https://github.com/bitnami/charts/blob/master/bitn
     registry: docker.io
     repository: bitnami/mongodb
     tag: 3.6.21-debian-9-r71
+  nodeSelector:
+    app: "clearml"
   architecture: standalone
   auth:
     enabled: false
diff --git a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/main.tf b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/main.tf
index 1c6da98405..3d89ad0243 100755
--- a/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/main.tf	
+++ b/qhub/template/{{ cookiecutter.repo_directory }}/infrastructure/modules/kubernetes/services/clearml/main.tf	
@@ -53,4 +53,20 @@ resource "helm_release" "clearml" {
     }
   }
 
+  dynamic "set" {
+    for_each = var.node_selector
+    content {
+      name  = "mongodb.nodeSelector.${set.key}"
+      value = set.value
+    }
+  }
+
+  dynamic "set" {
+    for_each = var.node_selector
+    content {
+      name  = "redis.master.nodeSelector.${set.key}"
+      value = set.value
+    }
+  }
+
 }