Distributing Pod Disruption Budgets Across Multiple Clusters

2023-04-19

Authors: Illya Chekrygin


Summary

The presentation discusses why policies matter for protecting a NoSQL database deployment against disruption and cluster maintenance, both in a single cluster and across multiple clusters.
  • Policies are important in protecting against disruption and cluster maintenance in a NoSQL database deployment
  • Without policies, evicting or draining nodes during maintenance can result in lost parts and a production outage
  • Creating policies per replica ring can help protect against disruptions
  • Distributed policies can provide protection for complex NoSQL database deployments
  • Multi-cluster mode requires separate service accounts, service, and RBAC to extract tokens to allow controllers to talk to other clusters
  • Building a controller that is fully compatible with the built-in type is a formidable challenge
  • Democratizing extensibility for building types is desirable
The presenter demonstrated the impact of disrupting a replica ring in a NoSQL database deployment and how policies can protect against such disruptions. They also showed how multi-cluster mode requires separate configurations and tokens to allow controllers to talk to other clusters. The presenter emphasized the importance of policies in protecting against production outages and the challenges of building a controller that is fully compatible with the built-in type.

Abstract

Over the last few years, Kubernetes has made incredible strides to offer a computing platform for deploying and operating highly available applications. The platform combines the need for infrastructure administrators to perform automated cluster actions of upgrading and autoscaling clusters with the application owner's workload protection against workload disruptions in the form of PodDisruptionBudget (PDB) policies. To further advance service availability, it is increasingly common for organizations to operate and deploy workloads that transcend Kubernetes cluster boundaries, addressing the requirement for a failure domain that spans multiple regions. The Kubernetes PDB policy protection is limited to a single namespace scope and cannot protect workloads distributed across multiple namespaces or clusters. In this talk, we will review the intricacies of Kubernetes PDB and Eviction API. We will also introduce and demo a Distributed PodDisruptionBudget - a decentralized and fully compatible Kubernetes PDB alternative with multi-cluster support.
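The scope limitation described in the abstract, worked through as an added example (it is not code from the talk or from the Distributed PodDisruptionBudget project): a replica ring with one pod in each of three clusters is drained in all clusters in the same window, first with one PDB per cluster and then with a budget counted over the whole ring. The cluster names, the `db` namespace, the `ring-0` label and the cross-cluster aggregation model are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Pod:
    cluster: str
    namespace: str
    ring: str            # replica ring this database pod belongs to
    healthy: bool = True

def disruptions_allowed(pods, max_unavailable):
    # Built-in PDB arithmetic: allowed = currentHealthy - desiredHealthy (min 0),
    # where desiredHealthy = expectedPods - maxUnavailable.
    # Simplification: expectedPods is taken as the number of pods in scope.
    desired = max(len(pods) - max_unavailable, 0)
    healthy = sum(p.healthy for p in pods)
    return max(healthy - desired, 0)

def budget_scope(pod, pods, distributed):
    # Built-in PDB: only pods in the same cluster and namespace are counted.
    # Distributed budget (assumed model): every pod of the ring, in any cluster.
    return [p for p in pods if p.ring == pod.ring and
            (distributed or (p.cluster, p.namespace) == (pod.cluster, pod.namespace))]

def drain_everywhere(pods, distributed, max_unavailable=1):
    # Every cluster drains the node hosting its replica during the same window.
    # Returns (healthy replicas left, evictions refused); the Eviction API
    # answers a refused eviction with HTTP 429.
    refused = 0
    for pod in pods:
        if disruptions_allowed(budget_scope(pod, pods, distributed), max_unavailable) > 0:
            pod.healthy = False
        else:
            refused += 1
    return sum(p.healthy for p in pods), refused

def make_ring():
    # Constructed sample: one replica of ring-0 in each of three clusters.
    return [Pod(c, "db", "ring-0") for c in ("cluster-a", "cluster-b", "cluster-c")]

if __name__ == "__main__":
    print("per-cluster PDBs:", drain_everywhere(make_ring(), distributed=False))
    print("distributed PDB: ", drain_everywhere(make_ring(), distributed=True))
```

Each per-cluster PDB sees a single pod and permits its eviction, so the ring loses every replica; counted across the ring, only one eviction is admitted and the other two are refused.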
