diff --git a/charts/mok/Chart.yaml b/charts/mok/Chart.yaml
index b99393d000269d13eeea08fee661d2fb3d3795c4..8b745a43d66ae8a608bf431b2aacbac14ef93d50 100644
--- a/charts/mok/Chart.yaml
+++ b/charts/mok/Chart.yaml
@@ -3,7 +3,7 @@ name: mok
description: |
Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that runs without a database server on Kubernetes, taking advantage of configmaps and secret.
type: application
-version: 0.3.1
+version: 0.4.0
sources:
- https://de.postfix.org/ftpmirror/index.html
- https://github.com/dovecot/core
diff --git a/charts/mok/README.md b/charts/mok/README.md
index d73dab6a0dbde9fc3a847d0d45c35254171e3f05..9c1daa1303edbbf89fed618e9a779087af0ba32e 100644
--- a/charts/mok/README.md
+++ b/charts/mok/README.md
@@ -1,6 +1,6 @@
# mok
- 
+ 
Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that runs without a database server on Kubernetes, taking advantage of configmaps and secret.
@@ -59,6 +59,7 @@ Mail on Kubernetes (MoK) is a project to deploy a functional mailserver that run
| postfix.imagePullSecrets | list | `[]` | |
| postfix.nodeSelector | object | `{}` | |
| postfix.podAnnotations | object | `{}` | |
+| postfix.podDisruptionBudget.enabled | bool | `true` | Enable PodDisruptionBudget if replicaCount is set to > 2 |
| postfix.podSecurityContext | object | `{}` | |
| postfix.postscreen.cidr | string | `"127.0.0.1/32"` | CIDR that is allowed to use Proxy protocol on port 10025 |
| postfix.postscreen.enabled | bool | `false` | Enable proxy protocol support |
diff --git a/charts/mok/templates/postfix.yaml b/charts/mok/templates/postfix.yaml
index d9607a9816caa25bebdedd141ee3f172a3837759..6a3e32405d98a6ab9aff4bb9cbb901fef0c70335 100644
--- a/charts/mok/templates/postfix.yaml
+++ b/charts/mok/templates/postfix.yaml
@@ -164,3 +164,19 @@ spec:
secretName: {{ required "TLS secret for postfix is required" .Values.postfix.tls.secretName }}
- name: cache
emptyDir: {}
+{{- if and .Values.postfix.podDisruptionBudget.enabled (gt .Values.postfix.replicaCount 1.0) }}
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "mok.fullname" . }}-postfix
+ labels:
+ {{- include "mok.labels" . | nindent 4 }}
+ app.kubernetes.io/component: postfix
+spec:
+ minAvailable: 1
+ selector:
+ matchLabels:
+ {{- include "mok.selectorLabels" . | nindent 6 }}
+ app.kubernetes.io/component: postfix
+{{- end}}
diff --git a/charts/mok/tests/postfix_test.yaml b/charts/mok/tests/postfix_test.yaml
index 851d32d1e232c591d19211f0d26e8d17ea8d2e28..ffc244931598a829f2b64526c33658a5bf1b0dc6 100644
--- a/charts/mok/tests/postfix_test.yaml
+++ b/charts/mok/tests/postfix_test.yaml
@@ -103,3 +103,30 @@ tests:
value: 9215abccdd6c1f21fd329db0133f6f8e892c50aab3dcde3259ea797e8ad2a959
documentIndex: 1
template: postfix.yaml
+ - it: has a PDB by default if the replica count is > 1
+ release:
+ name: "test-suite"
+ set:
+ postfix:
+ replicaCount: 2
+ tls:
+ secretName: example-tls
+ asserts:
+ - equal:
+ path: spec.minAvailable
+ value: 1
+ documentIndex: 2
+ template: postfix.yaml
+ - equal:
+ path: spec.selector.matchLabels
+ value:
+ app.kubernetes.io/component: postfix
+ app.kubernetes.io/instance: test-suite
+ app.kubernetes.io/name: mok
+ documentIndex: 2
+ template: postfix.yaml
+ - containsDocument:
+ kind: PodDisruptionBudget
+ apiVersion: policy/v1
+ name: test-suite-mok-postfix
+ template: postfix.yaml
diff --git a/charts/mok/values.yaml b/charts/mok/values.yaml
index cb6d14dc65a5950707cf43ba758b23ca52307d34..cc570ae3a9be8d48cd8b32874fbd8d8150d36eb5 100644
--- a/charts/mok/values.yaml
+++ b/charts/mok/values.yaml
@@ -49,6 +49,9 @@ postfix:
imagePullSecrets: []
podAnnotations: {}
+ podDisruptionBudget:
+ # -- Enable PodDisruptionBudget if replicaCount is set to > 2
+ enabled: true
podSecurityContext: {}