PodUnavailableBudget
Kubernetes offers Pod Disruption Budget (PDB) to help you run highly available applications even when you introduce frequent voluntary disruptions. A PDB limits the number of Pods of a replicated application that are down simultaneously from voluntary disruptions. However, it can only constrain voluntary disruptions triggered by the Eviction API. For example, when you run kubectl drain, the tool tries to evict all of the Pods on the Node you're taking out of service.
In the following voluntary disruption scenarios, business disruption or SLA degradation can still occur:
- The application owner updates the Deployment's pod template for a general upgrade, while the cluster administrator drains nodes to scale the cluster down (learn about ).
- The application owner and the middleware team release the same Pods at the same time through OpenKruise CloneSet and SidecarSet in-place upgrades.
A sample PodUnavailableBudget YAML looks like the following:
This design defines the PodUnavailableBudget (hereafter PUB) CRD to describe the desired state of the application. The working mechanism is shown below:
Kubernetes PodDisruptionBudget protects against Pod eviction through the EvictionREST interface, while PodUnavailableBudget intercepts all Pod modification requests through the validating admission webhook mechanism (many voluntary disruption scenarios can be summarized as modifications to Pod resources) and rejects a request if the modification does not satisfy the desired state of the PUB.
PUB contains all the protection capabilities of the Kubernetes PDB. You can use both, or use PUB on its own to protect your application (recommended).
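The admission decision described above, modeled in Go to show why a single budget checked on every Pod modification covers cases that an eviction-only check misses. This example is added here and is not OpenKruise's own code; the `Budget` and `Request` types, the operation names and the sample requests are hypothetical and constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Budget is a simplified, hypothetical model of a PUB (not OpenKruise's type).
type Budget struct {
	MaxUnavailable int             // pods allowed to be unavailable at once
	Unavailable    map[string]bool // pods already unavailable or being disrupted
}

// Request models one pod-modifying API call seen by the validating webhook.
type Request struct {
	Actor, Pod, Op string // Op (assumed names): evict, delete, inplace-update, label
}

var ErrBudget = errors.New("denied: pod unavailable budget exhausted")

// disruptive reports whether the operation takes the pod out of service.
func disruptive(op string) bool {
	return op == "evict" || op == "delete" || op == "inplace-update"
}

// Admit allows the request only if the budget still holds afterwards,
// regardless of which actor or API path produced it.
func (b *Budget) Admit(r Request) error {
	if !disruptive(r.Op) || b.Unavailable[r.Pod] {
		return nil // harmless change, or the pod is already counted as unavailable
	}
	if len(b.Unavailable)+1 > b.MaxUnavailable {
		return fmt.Errorf("%w: %s of %s by %s", ErrBudget, r.Op, r.Pod, r.Actor)
	}
	b.Unavailable[r.Pod] = true
	return nil
}

func main() {
	b := &Budget{MaxUnavailable: 2, Unavailable: map[string]bool{}}
	for _, r := range []Request{ // constructed sample requests
		{"app-owner", "web-0", "inplace-update"},
		{"middleware", "web-1", "inplace-update"},
		{"cluster-admin", "web-2", "evict"},
		{"app-owner", "web-3", "label"},
	} {
		fmt.Printf("%-14s %-15s %s -> %v\n", r.Actor, r.Op, r.Pod, b.Admit(r))
	}
}
```

An eviction-only check would never see the first two requests, so it would still admit the drain on web-2 and leave three Pods down at once.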