search

kyverno / policies

Kyverno policies for security and best practices
Apache License 2.0
333 stars 243 forks source link

Add Pod Anti-Affinity #1171

Closed gssjl2008 closed 1 month ago

gssjl2008 commented 1 month ago

I used the following command, but kyverno did not give affaninity to my home.

kubectl create deploy mydemo --image=10.29.0.41/docker.io/library/nginx:1.25.2-alpine --replicas=2

yaml output

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  creationTimestamp: "2024-09-30T07:09:45Z"
  generation: 1
  labels:
    app: mydemo
  name: mydemo
  namespace: kyverno
  resourceVersion: "142937884"
  uid: bc89e55b-9fc0-469e-a5df-fcb592810897
spec:
  progressDeadlineSeconds: 600
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: mydemo
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: mydemo
    spec:
      containers:
      - image: 10.29.0.41/docker.io/library/nginx:1.25.2-alpine
        imagePullPolicy: IfNotPresent
        name: nginx
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30

Can someone help me ?

gssjl2008 commented 1 month ago

pod must not in namespace kyverno...