From 1a0ad5b295e98f0ef8caaedbb7b32b7f5637decb Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 14 Jan 2022 02:45:12 +0100
Subject: [PATCH] fix(kyverno): Make kyverno useable when draining nodes

Currently kyverno gets stuck in 'terminating' state when draining a
node, this is due unavailability for the addmission webhook that it
provides itself.

This patch pushes the replica count up and adds a PDB, which should help
to make sure it doesn't happen again.

To (temporarily) fix the situation you can delete the the
validationwebhookconfigurations for kyverno until the pod is terminated
and rollout kyverno with a higher replica count again.
---
 bootstrap/kyverno/release.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/bootstrap/kyverno/release.yaml b/bootstrap/kyverno/release.yaml
index 5622e40da..2804ab41b 100644
--- a/bootstrap/kyverno/release.yaml
+++ b/bootstrap/kyverno/release.yaml
@@ -13,6 +13,13 @@ spec:
         name: kyverno
       version: v2.1.4
   interval: 5m
+  values:
+    replicaCount: 2
+    podDisruptionBudget:
+      enabled: true
+      minAvailable: 1
+    serviceMonitor:
+      enabled: true
   install:
     crds: CreateReplace
   upgrade:
-- 
GitLab