Neumann-Nils
commented
4 years ago Thanks for your detailed issue and especially the suggestions to fix this problem. Could you give feedback on #253?
Closed rfranzke closed 4 years ago
Neumann-Nils
commented
4 years ago Thanks for your detailed issue and especially the suggestions to fix this problem. Could you give feedback on #253?
Description
The Karydia Helm chart hard-codes
1replica. As it registers webhooks that trigger forpodsonCREATE/UPDATEoperations, once the single Karydia pod is deleted, the system can never recover itself automatically. Webhooks on CREATE/UPDATE for pods is dangerous in general if the server runs inside the cluster itself. So, what you should at least do is deploy the webhook server in high-availability mode (>= 3 replicas with pod anti-affinity) and with pod disruption budgets to ensure that at least one server is always reachable (to allow recreating the others).