From bc34ba412b21a536da57952504558f5ca1629703 Mon Sep 17 00:00:00 2001
From: lobiyed mohammed karim
Date: Wed, 25 Oct 2023 14:52:12 +0200
Subject: [PATCH] Add PodDisruptionBudget for CoreDNS deployment. Allows users to control disruption behavior and set maximum unavailable pods
---
 roles/kubernetes-apps/ansible/defaults/main.yml | 5 +++++
 roles/kubernetes-apps/ansible/tasks/coredns.yml | 4 ++++
 .../ansible/templates/coredns-poddisruptionbudget.yml.j2 | 9 +++++++++
 3 files changed, 18 insertions(+)
 create mode 100644 roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index 52444b08703..0050ce05b75 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -18,6 +18,11 @@ coredns_default_zone_cache_block: |
 cache 30
 coredns_host_network: false
 coredns_port: 53
+
+coredns_pod_disruption_budget: false
+# value for coredns pdb
+coredns_pod_disruption_budget_max_unavailable: "30%"
+
 # coredns_additional_configs adds any extra configuration to coredns
 # coredns_additional_configs: |
 # whoami
diff --git a/roles/kubernetes-apps/ansible/tasks/coredns.yml b/roles/kubernetes-apps/ansible/tasks/coredns.yml
index a5f7b198cae..5b767cf0744 100644
--- a/roles/kubernetes-apps/ansible/tasks/coredns.yml
+++ b/roles/kubernetes-apps/ansible/tasks/coredns.yml
@@ -14,6 +14,7 @@
 - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
 - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
 - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+ - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
 - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
 register: coredns_manifests
 vars:
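Review bot: The comment `# value for coredns pdb` in the defaults/main.yml hunk does not say what the value controls or which forms it accepts, and `coredns_pod_disruption_budget` has no comment at all. I would put `# Create a PodDisruptionBudget for the CoreDNS deployment (disabled by default)` above the flag and `# maxUnavailable for the CoreDNS PodDisruptionBudget: a pod count or a percentage string such as "30%"` above the value. The new template in this patch renders the value unquoted into `spec.maxUnavailable`, so the accepted forms are worth spelling out for operators.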
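Review bot: `condition: coredns_pod_disruption_budget` in the new list entry is a plain YAML string inside the flow mapping, not a reference to the variable, so the added `item.condition | default(True) | bool` test in the `when:` list (hunk at -22) is applied to the literal text, and Ansible's `bool` filter returns false for any string that is not a truthy word. As written the PodDisruptionBudget entry looks like it is skipped even when the operator sets the variable to true, leaving CoreDNS without the eviction protection that was requested and without any error to signal it. Templating the value addresses this: `condition: "{{ coredns_pod_disruption_budget }}"`. The same entry and the same `when:` line recur in the secondary-manifest hunks at -34 and -42. The task this list belongs to starts outside the hunk, so confirm against the full task.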
@@ -22,6 +23,7 @@
 - dns_mode in ['coredns', 'coredns_dual']
 - inventory_hostname == groups['kube_control_plane'][0]
 - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+ - item.condition | default(True) | bool
 tags:
 - coredns
@@ -34,6 +36,7 @@
 - { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
 - { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
 - { name: dns-autoscaler, src: dns-autoscaler.yml, file: coredns-autoscaler-secondary.yml, type: deployment }
+ - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
 register: coredns_secondary_manifests
 vars:
 clusterIP: "{{ skydns_server_secondary }}"
@@ -42,5 +45,6 @@
 - dns_mode == 'coredns_dual'
 - inventory_hostname == groups['kube_control_plane'][0]
 - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+ - item.condition | default(True) | bool
 tags:
 - coredns
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
new file mode 100644
index 00000000000..7df6b262186
--- /dev/null
+++ b/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
@@ -0,0 +1,9 @@
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: coredns{{ coredns_ordinal_suffix }}
+spec:
+ maxUnavailable: {{ coredns_pod_disruption_budget_max_unavailable }}
+ selector:
+ matchLabels:
+ k8s-app: kube-dns{{ coredns_ordinal_suffix }}
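Review bot: The entry added to the secondary list (hunk at -34) has no `src:` key and reuses the primary file name `coredns-poddisruptionbudget.yml`, while every sibling entry in that list carries `src:` plus a distinct `-secondary` file name. The task body is outside the hunk, but if it templates from `item.src` as the siblings suggest, this item would fail on an undefined key in `coredns_dual` mode, and the shared file name would collide with the manifest written by the primary task. I would give the entry `src: coredns-poddisruptionbudget.yml, file: coredns-poddisruptionbudget-secondary.yml` so it follows the same pattern as the deployment and service entries.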
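Review bot: `metadata` in the new PodDisruptionBudget template carries no `namespace`, so where the object lands depends entirely on how the apply step, which is not visible in this patch, passes one. A PodDisruptionBudget only covers pods in its own namespace, so one created outside the CoreDNS namespace would select nothing and give no protection without raising an error. Declaring it under `metadata:`, presumably `namespace: kube-system` to match the CoreDNS deployment, makes the manifest self-describing. It is also worth confirming that the `k8s-app: kube-dns{{ coredns_ordinal_suffix }}` selector matches the pod labels of both the primary and secondary deployments, since those templates are not part of this diff.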