Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Scale Deployment to Zero Policy not working as expected #1219

Closed
VegardEikenes opened this issue Jan 15, 2025 · 0 comments
Closed

[BUG] Scale Deployment to Zero Policy not working as expected #1219

VegardEikenes opened this issue Jan 15, 2025 · 0 comments

Comments

@VegardEikenes
Copy link

VegardEikenes commented Jan 15, 2025
edited
Loading

Kyverno Version
1.13.1

Kubernetes Version
1.29

Kubernetes Platform
AKS

Description
I have tried to implement this policy:
https://kyverno.io/policies/other/scale-deployment-zero/scale-deployment-zero/

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: scale-deployment-zero
  annotations:
    policies.kyverno.io/title: Scale Deployment to Zero
spec:
  rules:
  - name: annotate-deployment-rule
    match:
      any:
      - resources:
          kinds:
          - v1/Pod.status
    preconditions:
      all:
      - key: "{{request.operation || 'BACKGROUND'}}"
        operator: Equals
        value: UPDATE
      - key: "{{ sum(request.object.status.containerStatuses[*].restartCount || [`0`]) }}"
        operator: GreaterThan
        value: 1
    context:
    - name: rsname
      variable:
        jmesPath: "request.object.metadata.ownerReferences[0].name"
        default: ''
    - name: deploymentname
      apiCall:
        urlPath: "/apis/apps/v1/namespaces/{{request.namespace}}/replicasets"
        jmesPath: "items[?metadata.name=='{{rsname}}'].metadata.ownerReferences[0].name | [0]"
    mutate:
      targets:
        - apiVersion: apps/v1
          kind: Deployment
          name: "{{deploymentname}}"
          namespace: "{{request.namespace}}"
      patchStrategicMerge:
        metadata:
          annotations:
            sre.corp.org/troubleshooting-needed: "true"
        spec:
          replicas: 0

It seems to work just fine when the restarting pod has 1 container. However, if the restarting pod has more than 1 container, i get this error:

ERR github.com/kyverno/kyverno/pkg/background/mutate/mutate.go:180 > error="failed to mutate existing resource, rule annotate-deployment-rule, response error: failed to evaluate preconditions: failed to substitute variables in condition key: failed to resolve sum(request.object.status.containerStatuses[*].restartCount || [0]) at path : JMESPath query failed: JMESPath function 'sum': invalid operand"

Expected behavior
The policy should scale the deployment to zero when pods go above the selected threshold for restarts, also when the pods have more than 1 container.
@VegardEikenes VegardEikenes changed the title Scale Deployment to Zero Policy issue [BUG] Scale Deployment to Zero Policy issue Feb 24, 2025
@VegardEikenes VegardEikenes changed the title [BUG] Scale Deployment to Zero Policy issue [BUG] Scale Deployment to Zero Policy not working as expected Feb 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@VegardEikenes