Add pod disruption budget for ingress controller (#3248)

coolbry95 · web-flow · commit fdeff343afbc · 2023-02-08T17:30:12.000-08:00
diff --git a/deployments/helm-chart/README.md b/deployments/helm-chart/README.md
@@ -256,6 +256,10 @@ Parameter | Description | Default
 `controller.autoscaling.maxReplicas` | Maximum number of replicas for the HPA. | 3
 `controller.autoscaling.targetCPUUtilizationPercentage` | The target CPU utilization percentage. | 50
 `controller.autoscaling.targetMemoryUtilizationPercentage` | The target memory utilization percentage. | 50
+`controller.podDisruptionBudget.enabled` | Enables PodDisruptionBudget. | false
+`controller.podDisruptionBudget.annotations` | The annotations of the Ingress Controller pod disruption budget | {}
+`controller.podDisruptionBudget.minAvailable` | The number of Ingress Controller pods that should be available. This is a mutually exclusive setting with "maxUnavailable". | 0
+`controller.podDisruptionBudget.maxUnavailable` | The number of Ingress Controller pods that can be unavailable. This is a mutually exclusive setting with "minAvailable". | 0
 `controller.strategy` | Specifies the strategy used to replace old Pods with new ones. Docs for [Deployment update strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) and [Daemonset update strategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy) | {}
 `controller.disableIPV6` | Disable IPV6 listeners explicitly for nodes that do not support the IPV6 stack. | false
 `rbac.create` | Configures RBAC. | true
diff --git a/deployments/helm-chart/templates/controller-pdb.yaml b/deployments/helm-chart/templates/controller-pdb.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.controller.podDisruptionBudget -}}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "nginx-ingress.serviceName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "nginx-ingress.labels" . | nindent 4 }}
+{{- if .Values.controller.podDisruptionBudget.annotations }}
+  annotations:
+{{ toYaml .Values.controller.podDisruptionBudget.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      app:  {{ include "nginx-ingress.appName" . }}
+{{- if .Values.controller.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.controller.podDisruptionBudget.minAvailable }}
+{{- end }}
+{{- if .Values.controller.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.controller.podDisruptionBudget.maxUnavailable }}
+{{- end }}
+{{- end }}
diff --git a/deployments/helm-chart/values.schema.json b/deployments/helm-chart/values.schema.json
@@ -1176,6 +1176,41 @@
           "title": "The priorityClassName",
           "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.25.4/_definitions.json#/definitions/io.k8s.api.core.v1.PodSpec/properties/priorityClassName"
         },
+        "podDisruptionBudget": {
+          "type": "object",
+          "default": {},
+          "title": "The podDisruptionBudget Schema",
+          "required": [
+            "enabled"
+          ],
+          "properties": {
+            "enabled": {
+              "type": "boolean"
+            },
+            "annotations": {
+              "type": "object",
+              "default": {},
+              "title": "The annotations Schema",
+              "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.25.4/_definitions.json#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta/properties/annotations"
+            },
+            "minAvailable": {
+              "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.25.4/_definitions.json#/definitions/io.k8s.api.policy.v1.PodDisruptionBudgetSpec/properties/minAvailable"
+            },
+            "maxUnavailable": {
+              "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.25.4/_definitions.json#/definitions/io.k8s.api.policy.v1.PodDisruptionBudgetSpec/properties/maxUnavailable"
+            }
+          },
+          "examples": [
+            {
+              "enable": true,
+              "minAvailable": 1
+            },
+            {
+              "enable": true,
+              "maxUnavailable": 1
+            }
+          ]
+        },
         "readyStatus": {
           "type": "object",
           "default": {},
@@ -1646,6 +1681,12 @@
           "name": "",
           "imagePullSecretName": ""
         },
+        "podDisruptionBudget": {
+          "enabled": false,
+          "annotations": {},
+          "minAvailable": 0,
+          "minUnavailable": 0
+        },
         "serviceMonitor": {
           "create": false,
           "name": "",
diff --git a/deployments/helm-chart/values.yaml b/deployments/helm-chart/values.yaml
@@ -179,6 +179,17 @@ controller:
   ## The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available.
   minReadySeconds: 0
 
+  ## Pod disruption budget for the Ingress Controller pods.
+  podDisruptionBudget:
+    ## Enables PodDisruptionBudget.
+    enabled: false
+    ## The annotations of the Ingress Controller pod disruption budget.
+    annotations: {}
+    ## The number of Ingress Controller pods that should be available. This is a mutually exclusive setting with "maxUnavailable".
+    # minAvailable: 1
+    ## The number of Ingress Controller pods that can be unavailable. This is a mutually exclusive setting with "minAvailable".
+    # maxUnavailable: 1
+
     ## Strategy used to replace old Pods by new ones. .spec.strategy.type can be "Recreate" or "RollingUpdate" for Deployments, and "OnDelete" or "RollingUpdate" for Daemonsets. "RollingUpdate" is the default value.
   strategy: {}
 
diff --git a/docs/content/installation/installation-with-helm.md b/docs/content/installation/installation-with-helm.md
@@ -244,6 +244,10 @@ The following tables lists the configurable parameters of the NGINX Ingress Cont
 |``controller.autoscaling.maxReplicas`` | Maximum number of replicas for the HPA. | 3 |
 |``controller.autoscaling.targetCPUUtilizationPercentage`` | The target CPU utilization percentage. | 50 |
 |``controller.autoscaling.targetMemoryUtilizationPercentage`` | The target memory utilization percentage. | 50 |
+|``controller.podDisruptionBudget.enabled`` | Enables PodDisruptionBudget. | false |
+|``controller.podDisruptionBudget.annotations`` | The annotations of the Ingress Controller pod disruption budget | {} |
+|``controller.podDisruptionBudget.minAvailable`` | The number of Ingress Controller pods that should be available. | 0 |
+|``controller.podDisruptionBudget.maxUnavailable`` | The number of Ingress Controller pods that can be unavailable. | 0 |
 |``controller.strategy`` | Specifies the strategy used to replace old Pods with new ones. Docs for [Deployment update strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) and [Daemonset update strategy](https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/#daemonset-update-strategy). | {} |
 | `controller.disableIPV6` | Disable IPV6 listeners explicitly for nodes that do not support the IPV6 stack. | false |
 |``rbac.create`` | Configures RBAC. | true |
