Add PodDisruptionBudget for CoreDNS deployment. Allows users to contr…

…ol disruption behavior and set maximum unavailable pods (kubernetes-sigs#10557)
pedro-peter · May 8, 2024 · 1d6d4e8 · 1d6d4e8
1 parent 1180b39
commit 1d6d4e8
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 0 deletions.
diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -18,6 +18,11 @@ coredns_default_zone_cache_block: |
   cache 30
 coredns_host_network: false
 coredns_port: 53
+
+coredns_pod_disruption_budget: false
+# value for coredns pdb
+coredns_pod_disruption_budget_max_unavailable: "30%"
+
 # coredns_additional_configs adds any extra configuration to coredns
 # coredns_additional_configs: |
 #   whoami

diff --git a/roles/kubernetes-apps/ansible/tasks/coredns.yml b/roles/kubernetes-apps/ansible/tasks/coredns.yml
@@ -14,6 +14,7 @@
     - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
     - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
     - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+    - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
     - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
   register: coredns_manifests
   vars:
@@ -22,6 +23,7 @@
     - dns_mode in ['coredns', 'coredns_dual']
     - inventory_hostname == groups['kube_control_plane'][0]
     - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+    - item.condition | default(True)
   tags:
     - coredns
 
@@ -34,6 +36,7 @@
     - { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
     - { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
     - { name: dns-autoscaler, src: dns-autoscaler.yml, file: coredns-autoscaler-secondary.yml, type: deployment }
+    - { name: coredns, file: coredns-poddisruptionbudget.yml, type: poddisruptionbudget, condition: coredns_pod_disruption_budget }
   register: coredns_secondary_manifests
   vars:
     clusterIP: "{{ skydns_server_secondary }}"
@@ -42,5 +45,6 @@
     - dns_mode == 'coredns_dual'
     - inventory_hostname == groups['kube_control_plane'][0]
     - enable_dns_autoscaler or item.name != 'dns-autoscaler'
+    - item.condition | default(True)
   tags:
     - coredns
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-poddisruptionbudget.yml.j2
@@ -0,0 +1,9 @@
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: coredns{{ coredns_ordinal_suffix }}
+spec:
+  maxUnavailable: {{ coredns_pod_disruption_budget_max_unavailable }}
+  selector:
+    matchLabels:
+      k8s-app: kube-dns{{ coredns_ordinal_suffix }}