Add PodDisruptionBudget for CoreDNS deployment. Allows users to control disruption behavior and set maximum unavailable pods (#10557)

2024-01-16 10:04:47 +01:00 · 2024-01-16 10:04:47 +01:00 · 7b7c9f509e
parent beb2660aa8
commit 7b7c9f509e
3 changed files with 18 additions and 0 deletions
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@ -18,6 +18,11 @@ coredns_default_zone_cache_block: |
  cache 30
 coredns_host_network: false
 coredns_port: 53
+
+coredns_pod_disruption_budget: false
+# value for coredns pdb
+coredns_pod_disruption_budget_max_unavailable: "30%"
+
 # coredns_additional_configs adds any extra configuration to coredns
 # coredns_additional_configs: |
 #   whoami
--- a/roles/kubernetes-apps/ansible/tasks/coredns.yml
+++ b/roles/kubernetes-apps/ansible/tasks/coredns.yml
@ -14,6 +14,7 @@
    - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
    - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
    - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+    - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
    - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
  register: coredns_manifests
  vars:
@ -22,6 +23,7 @@
    - dns_mode in ['coredns', 'coredns_dual']
    - inventory_hostname == groups['kube_control_plane'][0]
    - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+    - item.condition | default(True)
  tags:
    - coredns

@ -34,6 +36,7 @@
    - { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
    - { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
    - { name: dns-autoscaler, src: dns-autoscaler.yml, file: coredns-autoscaler-secondary.yml, type: deployment }
+    - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
  register: coredns_secondary_manifests
  vars:
    clusterIP: "{{ skydns_server_secondary }}"
@ -42,5 +45,6 @@
    - dns_mode == 'coredns_dual'
    - inventory_hostname == groups['kube_control_plane'][0]
    - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+    - item.condition | default(True)
  tags:
    - coredns
--- a/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
@ -0,0 +1,9 @@
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: coredns{{ coredns_ordinal_suffix }}
+spec:
+  maxUnavailable: {{ coredns_pod_disruption_budget_max_unavailable }}
+  selector:
+    matchLabels:
+      k8s-app: kube-dns{{ coredns_ordinal_suffix }}