Skip to content

Instantly share code, notes, and snippets.

@dmc5179

dmc5179/openshift_block_bad_pdbs.yaml

Created May 17, 2024 22:32
Show Gist options
  • Save dmc5179/e32cf7a28191cf57f8153578a3031a8e to your computer and use it in GitHub Desktop.
Save dmc5179/e32cf7a28191cf57f8153578a3031a8e to your computer and use it in GitHub Desktop.
Download ZIP
Tool to block Pod Disruption Budges where maxUnavailable is 1
Raw
openshift_block_bad_pdbs.yaml
kind: ValidatingAdmissionPolicy
apiVersion: admissionregistration.k8s.io/v1alpha1
metadata:
name: pdb
spec:
matchConstraints:
resourceRules:
- operations:
- CREATE
apiGroups:
- policy
apiVersions:
- v1
resources:
- poddisruptionbudgets
scope: '*'
matchPolicy: Equivalent
validations:
- expression: object.spec.maxUnavailable > 1
failurePolicy: Fail
---
kind: ValidatingAdmissionPolicyBinding
apiVersion: admissionregistration.k8s.io/v1alpha1
metadata:
name: pdb-binding
spec:
policyName: pdb
validationActions:
- Deny
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment