Pod Disruption Budget Controller
This is a simple Kubernetes controller for adding default Pod Disruption
Budgets (PDBs) for Deployments and StatefulSets in case none are defined. This
is inspired by the discussion in kubernetes/kubernetes#35318 and was created
for lack of an alternative.
How it works
The controller simply gets all Pod Disruption Budgets for each namespace and
compares them to Deployments and StatefulSets. For any resource with more than
1 replica and no matching Pod Disruption Budget, a default PDB will be created:
    apiVersion: policy/v1beta1
    kind: PodDisruptionBudget
    metadata:
      name: my-app
      namespace: kube-system
      labels:
        application: my-app
        heritage: pdb-controller
        version: v1.0.0
    spec:
      minAvailable: 1
      selector:
        matchLabels:
          application: my-app
The selector and labels are based on those from the related Deployment or
StatefulSet. The special heritage=pdb-controller label is set by the
controller and is used to find owned PDBs. Owned PDBs are removed when the
related resource is scaled to 1 replica or fewer. This is done to prevent
deadlocking for clients depending on the PDBs, e.g. cluster upgrade tools.
Additionally, you can run the controller with the flag --non-ready-ttl=15m,
which means it will remove owned PDBs when the pods of a targeted Deployment
or StatefulSet have been non-ready for more than the specified TTL. This is
another way to ensure broken deployments don't block cluster operations.
This global value can also be overridden by specifying the annotation
pdb-controller.zalando.org/non-ready-ttl on a Deployment or StatefulSet.
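The create/remove rules described above can be read as one decision per workload. The following is an added sketch, not the controller's own code: the types `Workload` and `PDB` and the functions `selects` and `Decide` are hypothetical, and it assumes label-subset matching, that the annotation takes the same duration syntax as the flag, and that a workload non-ready past the TTL gets no new PDB.

```go
package main

import (
	"fmt"
	"time"
)

type Workload struct { // hypothetical stand-in for a Deployment/StatefulSet
	Replicas    int
	Labels      map[string]string // labels a default PDB would select on
	Annotations map[string]string
	NonReadyFor time.Duration // how long the pods have been non-ready
}
type PDB struct{ Selector, Labels map[string]string }

const ttlAnnotation = "pdb-controller.zalando.org/non-ready-ttl"

// selects is an assumed matching rule: all selector labels are on the workload.
func selects(sel, labels map[string]string) bool {
	for k, v := range sel {
		if labels[k] != v {
			return false
		}
	}
	return len(sel) > 0
}

// Decide returns "create", "delete" or "keep"; past the TTL no PDB is wanted.
func Decide(w Workload, pdbs []PDB, globalTTL time.Duration) string {
	ttl := globalTTL
	if d, err := time.ParseDuration(w.Annotations[ttlAnnotation]); err == nil {
		ttl = d // assumption: the annotation uses the flag's syntax, e.g. 15m
	}
	want := w.Replicas > 1 && !(ttl > 0 && w.NonReadyFor > ttl)
	var matched, owned bool
	for _, p := range pdbs {
		hit := selects(p.Selector, w.Labels)
		matched = matched || hit
		owned = owned || (hit && p.Labels["heritage"] == "pdb-controller")
	}
	if want && !matched {
		return "create"
	}
	if !want && owned {
		return "delete" // user-defined PDBs are never removed
	}
	return "keep"
}

func main() { fmt.Println(Decide(Workload{Replicas: 3}, nil, 0)) }
```

Only PDBs carrying the heritage label are ever candidates for deletion, so a PDB defined by the workload's owner stays in place even when the workload is scaled down or non-ready.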
Building
This project uses Go modules as introduced in Go 1.11, so you need Go >=1.11
installed in order to build. If using Go 1.11 you also need to activate module
support.
Assuming Go has been set up with module support, it can be built simply by running:
    $ export GO111MODULE=on # needed if the project is checked out in your $GOPATH.
    $ make
Setup
The pdb-controller can be run as a deployment in the cluster. See
deployment.yaml for an example.
Deploy it by running:
    $ kubectl apply -f docs/deployment.yaml
TODO
- Instead of long polling, add a Watch feature.
LICENSE
See LICENSE file.