control-service: add pod disruption budget (#2882)

# Why All for higher Control Service availability while permitting the cluster administrator to manage the clusters nodes. # What Add optional configuration for pod disruption budget.
vmware · Nov 7, 2023 · 68e3121 · 68e3121
1 parent 74cd3ab
commit 68e3121
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 11 deletions.
diff --git a/...service/projects/helm_charts/pipelines-control-service/templates/poddisruptionbudget.yaml b/...service/projects/helm_charts/pipelines-control-service/templates/poddisruptionbudget.yaml
@@ -0,0 +1,20 @@
+{{- /*
+  Copyright 2021-2023 VMware, Inc.
+  SPDX-License-Identifier: Apache-2.0
+ */}}
+
+{{- if .Values.poddisruptionbudget.enabled }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  labels: { { - include "pipelines-control-service.labels" . | nindent 4 } }
+    { { - range $key, $value := .Values.poddisruptionbudget.metadata.labels } }
+    { { $key } }: { { $value | quote } }
+  { { - end } }
+  name: {{ .Release.Name }}-pdb
+  namespace: {{ .Release.Namespace }}
+spec:
+  minAvailable: {{ .Values.poddisruptionbudget.minAvailable }}
+  selector:
+    matchLabels: { { - include "pipelines-control-service.selectorLabels" . | nindent 6 } }
+  {{- end }}
diff --git a/projects/control-service/projects/helm_charts/pipelines-control-service/values.yaml b/projects/control-service/projects/helm_charts/pipelines-control-service/values.yaml
@@ -556,6 +556,15 @@ resources:
       cpu: 500m
       memory: 500Mi
 
+# Specify Pod Disruption Budget  for the Control Service Deployment to allow for higher availability while permitting
+# the cluster administrator to manage the clusters nodes
+# see https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+poddisruptionbudget:
+  enabled: false
+  metadata:
+    labels: # additional labels if needed
+  minAvailable: 1
+
 ## [Required] Database configuration used by Control Plane
 ## Database is used to store Data Jobs metadata like name, team, description
 ## and some deploy specific configuration like execution schedule
@@ -1182,14 +1191,14 @@ alertmanager:
 # More information here: https://github.com/vmware/versatile-data-kit/tree/main/specs/vep-1493-vault-integration
 secrets:
     vault:
-        enabled: false
-        ## Name of the secret which holds Vault URI and Approle RoleId and SecretId. The chart will not attempt to
-        ## create this, but will use it as is.
-        ## The secret should contain keys: URI, ROLEID, SECRETID
-        externalSecretName: ""
-        ## Alternatively provide the uri and Approle Settings here. externalSecretName takes precedence if both are set.
-        uri: "http://localhost:8200"
-        approle:
-            roleid: foo
-            secretid: foo
-        sizeLimitBytes: "1048576"
+      enabled: false
+      ## Name of the secret which holds Vault URI and Approle RoleId and SecretId. The chart will not attempt to
+      ## create this, but will use it as is.
+      ## The secret should contain keys: URI, ROLEID, SECRETID
+      externalSecretName: ""
+      ## Alternatively provide the uri and Approle Settings here. externalSecretName takes precedence if both are set.
+      uri: "http://localhost:8200"
+      approle:
+          roleid: foo
+          secretid: foo
+      sizeLimitBytes: "1048576"