Add pod disruption budget for keystone

This is the initial pod disruption budget that will serve as the template for all services in OpenStack-Helm. Partially-Implements: blueprint add-pod-disruption-budgets Change-Id: I67eeaa66257e793f77a089f3bc0dd4b700638c63
2017-05-16 15:28:20 +00:00 · 2017-05-16 15:28:20 +00:00 · 2cfabc43bf
commit 2cfabc43bf
parent 9e3486380f
4 changed files with 43 additions and 0 deletions
--- a/doc/source/devref/getting-started/upgrades.rst
+++ b/doc/source/devref/getting-started/upgrades.rst
@ -28,6 +28,11 @@ that those resources can be updated without deleting and redeploying the
 service and can be treated like any other upgrade, such as a container
 image change.

+Note: Rolling update values can conflict with values defined in each
+service's PodDisruptionBudget.  See
+`here <../../../html/operator/kubernetes.html#pod-disruption-budgets>`_
+for more information.
+
 This is accomplished with the following annotation:

 ::
--- a/doc/source/operator/kubernetes.rst
+++ b/doc/source/operator/kubernetes.rst
@ -7,3 +7,28 @@ Init-Containers

 Jobs
 ====
+
+Pod Disruption Budgets
+======================
+OpenStack-Helm leverages PodDistruptionBudgets to enforce quotas
+that ensure that a certain number of replicas of a pod are available
+at any given time.  This is particularly important in the case when a Kubernetes
+node needs to be drained.
+
+
+These quotas are configurable by modifying the ``minAvailable`` field
+within each PodDistruptionBudget manifest, which is conveniently mapped
+to a templated variable inside the ``values.yaml`` file.
+The ``min_available`` within each service's ``values.yaml`` file can be
+represented by either a whole number, such as ``1``, or a percentage,
+such as ``80%``.  For example, when deploying 5 replicas of a pod (such as
+keystone-api), using ``min_available: 3`` would enfore policy to ensure at
+least 3 replicas were running, whereas using ``min_available: 80%`` would ensure
+that 4 replicas of that pod are running.
+
+**Note:** The values defined in a PodDisruptionBudget may
+conflict with other values that have been provided if an operator chooses to
+leverage Rolling Updates for deployments.  In the case where an
+operator defines a ``maxUnavailable`` and ``maxSurge`` within an update strategy
+that is higher than a ``minAvailable`` within a pod disruption budget,
+a scenario may occur where pods fail to be evicted from a deployment.
--- a/keystone/templates/pdb.yaml
+++ b/keystone/templates/pdb.yaml
@ -0,0 +1,9 @@
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+  name: keystone-api
+spec:
+  minAvailable: {{ .Values.pod_disruption_budget.api.min_available }}
+  selector:
+    matchLabels:
+      app: keystone-api
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@ -37,6 +37,10 @@ upgrades:
    max_unavailable: 1
    max_surge: 3

+pod_disruption_budget:
+  api:
+    min_available: 1
+
 keystone:
  version: v3
  scheme: http