Skip to main content

Quick Start

Create your first PDBPolicy and watch it protect workloads with PodDisruptionBudgets.

1. Deploy sample workloads

Create a namespace with sample deployments:

Create demo workloads
kubectl create namespace demo
kubectl create deployment api-server --image=nginx:latest -n demo --replicas=3
kubectl create deployment auth-service --image=nginx:latest -n demo --replicas=2
kubectl label deployment api-server tier=core -n demo
kubectl label deployment auth-service tier=core -n demo
kubectl wait --for=condition=Available deployment --all -n demo --timeout=60s

2. Create a PDBPolicy

production-ha.yaml
apiVersion: availability.pdboperator.io/v1alpha1
kind: PDBPolicy
metadata:
  name: production-ha
  namespace: demo
spec:
  availabilityClass: high-availability
  enforcement: strict
  priority: 100
  workloadSelector:
    matchLabels:
      tier: core
    namespaces:
      - demo
  maintenanceWindows:
    - start: "02:00"
      end: "04:00"
      timezone: "UTC"
      daysOfWeek: [0, 6]  # Sunday, Saturday

Apply it:

kubectl apply -f production-ha.yaml

This ensures all tier: core deployments in the demo namespace get PDBs with 75% minimum availability, enforced strictly (annotations cannot override).

3. Verify PDBs were created

kubectl get pdbp production-ha -o wide
Policy status
NAME            CLASS               ENFORCEMENT   PRIORITY   WORKLOADS   AGE
production-ha   high-availability   strict        100        2           10s
kubectl get pdb -n demo -l pdboperator.io/managed-by=pdb-operator
Managed PDBs
NAME                  MIN AVAILABLE   MAX UNAVAILABLE   ALLOWED DISRUPTIONS   AGE
api-server-pdb        75%             N/A               1                     10s
auth-service-pdb      75%             N/A               0                     10s
Short name

The PDBPolicy resource supports the short name pdbp -- use it to save typing:

kubectl get pdbp -A

4. Check events

kubectl get events -n demo --field-selector reason=PDBCreated --sort-by=.lastTimestamp
Events emitted during reconciliation
LAST SEEN   TYPE     REASON       OBJECT                      MESSAGE
10s         Normal   PDBCreated   deployment/api-server        Created PDB api-server-pdb (high-availability, 75%)
10s         Normal   PDBCreated   deployment/auth-service      Created PDB auth-service-pdb (high-availability, 75%)

5. Annotate deployments (optional)

For advisory and flexible enforcement modes, deployments can override the policy via annotations:

Override availability class
apiVersion: apps/v1
kind: Deployment
metadata:
  name: payment-service
  annotations:
    pdboperator.io/availability-class: "mission-critical"
    pdboperator.io/workload-function: "security"
info

In strict mode (like our example), annotations are ignored. Switch to advisory or flexible to allow overrides. See Enforcement Modes.

6. Clean up

kubectl delete pdbpolicy production-ha -n demo
kubectl delete namespace demo

Next Steps

GuideDescription
Availability ClassesPredefined levels and security boosting
Enforcement ModesControl how annotations override policies
Maintenance WindowsSchedule disruption windows
Policy ExamplesReal-world policy configurations
API ReferenceFull spec and status documentation