From a4a4d4b7447db8a449b71f3f7a03ffeb1b1b00f7 Mon Sep 17 00:00:00 2001
From: Damien Grisonnet <dgrisonn@redhat.com>
Date: Wed, 5 May 2021 15:53:29 +0200
Subject: [PATCH] jsonnet: add PDB to prometheus-adapter

Adding a PodDisruptionBudget to prometheus-adapter ensure that at least
one replica of the adapter is always available. This make sure that even
during disruption the aggregated API is available and thus does not
impact the availability of the apiserver.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
---
 .../components/prometheus-adapter.libsonnet     | 16 ++++++++++++++++
 kustomization.yaml                              |  1 +
 .../prometheus-adapter-podDisruptionBudget.yaml | 17 +++++++++++++++++
 3 files changed, 34 insertions(+)
 create mode 100644 manifests/prometheus-adapter-podDisruptionBudget.yaml

diff --git a/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet b/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
index 341a2f5a..8312183c 100644
--- a/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
+++ b/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
@@ -300,4 +300,20 @@ function(params) {
       namespace: pa._config.namespace,
     }],
   },
+
+  [if (defaults + params).replicas > 1 then 'podDisruptionBudget']: {
+    apiVersion: 'policy/v1beta1',
+    kind: 'PodDisruptionBudget',
+    metadata: {
+      name: pa._config.name,
+      namespace: pa._config.namespace,
+      labels: pa._config.commonLabels,
+    },
+    spec: {
+      minAvailable: 1,
+      selector: {
+        matchLabels: pa._config.selectorLabels,
+      },
+    },
+  },
 }
diff --git a/kustomization.yaml b/kustomization.yaml
index e23e2e6a..2f5b872e 100644
--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -51,6 +51,7 @@ resources:
 - ./manifests/prometheus-adapter-clusterRoleServerResources.yaml
 - ./manifests/prometheus-adapter-configMap.yaml
 - ./manifests/prometheus-adapter-deployment.yaml
+- ./manifests/prometheus-adapter-podDisruptionBudget.yaml
 - ./manifests/prometheus-adapter-roleBindingAuthReader.yaml
 - ./manifests/prometheus-adapter-service.yaml
 - ./manifests/prometheus-adapter-serviceAccount.yaml
diff --git a/manifests/prometheus-adapter-podDisruptionBudget.yaml b/manifests/prometheus-adapter-podDisruptionBudget.yaml
new file mode 100644
index 00000000..cbb4a8a8
--- /dev/null
+++ b/manifests/prometheus-adapter-podDisruptionBudget.yaml
@@ -0,0 +1,17 @@
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+  labels:
+    app.kubernetes.io/component: metrics-adapter
+    app.kubernetes.io/name: prometheus-adapter
+    app.kubernetes.io/part-of: kube-prometheus
+    app.kubernetes.io/version: 0.8.4
+  name: prometheus-adapter
+  namespace: monitoring
+spec:
+  minAvailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: metrics-adapter
+      app.kubernetes.io/name: prometheus-adapter
+      app.kubernetes.io/part-of: kube-prometheus
-- 
GitLab