Skip to content

Commit 252ebf5

Browse files
authored
Set unhealthyPodEvictionPolicy=AlwaysAllow on traefik PDB (#76)
By default the PDB rejects evictions of unhealthy pods unless the budget is already met (IfHealthyBudget). With minAvailable=1 and a single not-Ready traefik pod, this blocks node drains on broken pods that aren't even serving traffic. AlwaysAllow lets the eviction API release pods that are not Ready regardless of the budget, which is the recommended default for ingress workloads.
1 parent 0a7c3bc commit 252ebf5

1 file changed

Lines changed: 2 additions & 0 deletions

File tree

pkg/traefik/deployer.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ import (
3535
"k8s.io/apimachinery/pkg/runtime/serializer"
3636
"k8s.io/apimachinery/pkg/util/intstr"
3737
"k8s.io/apimachinery/pkg/util/yaml"
38+
"k8s.io/utils/ptr"
3839
"sigs.k8s.io/controller-runtime/pkg/client"
3940

4041
"github.com/gardener/gardener-extension-shoot-traefik/pkg/apis/config"
@@ -882,6 +883,7 @@ func (d *Deployer) podDisruptionBudget() *policyv1.PodDisruptionBudget {
882883
LabelInstance: DeploymentName,
883884
},
884885
},
886+
UnhealthyPodEvictionPolicy: ptr.To(policyv1.AlwaysAllow),
885887
},
886888
}
887889
}

0 commit comments

Comments
 (0)