Kubecost is able to modify container resource requests and limits dynamically based upon observed utilization patterns and recommendations. This provides an easy way to automatically improve allocation of cluster resources by increasing efficiency. This policy will annotate all Deployments which have the label `env=test` with `request.autoscaling.kubecost.com/enabled="true"` if the annotation is not already present. Other annotations may be added according to need and users should see the documentation for a complete list.
apiVersion: kyverno.io/v1kind: ClusterPolicymetadata:name: enable-kubecost-continuous-rightsizingannotations:policies.kyverno.io/title: Enable Kubecost Continuous Rightsizingpolicies.kyverno.io/category: Kubecostpolicies.kyverno.io/severity: mediumpolicies.kyverno.io/subject: Deployment, Annotationkyverno.io/kyverno-version: 1.10.0kyverno.io/kubernetes-version: "1.25"policies.kyverno.io/description: Kubecost is able to modify container resource requests and limits dynamically based upon observed utilization patterns and recommendations. This provides an easy way to automatically improve allocation of cluster resources by increasing efficiency. This policy will annotate all Deployments which have the label `env=test` with `request.autoscaling.kubecost.com/enabled="true"` if the annotation is not already present. Other annotations may be added according to need and users should see the documentation for a complete list.spec:rules:- name: enable-kubecost-autoscalingmatch:any:- resources:kinds:- Deploymentselector:matchLabels:env: testmutate:patchStrategicMerge:metadata:annotations:+(request.autoscaling.kubecost.com/enabled): "true"
The Kubernetes cluster autoscaler does not evict pods that use hostPath or emptyDir volumes. To allow eviction of these pods, the annotation cluster-autoscaler.kubernetes.io/safe-to-evict=true must be added to the pods.
The Kubernetes cluster autoscaler does not evict pods that use hostPath or emptyDir volumes. To allow eviction of these pods, the annotation cluster-autoscaler.kubernetes.io/safe-to-evict=true must be added to the pods.
CAST AI will not downscale a node that includes a pod with the autoscaling.cast.ai/removal-disabled="true" label on it, this protects sensitive workloads from being evicted and can be attributed to any pod to protect against unwanted downscaling. This policy will mutate jobs and cronjobs to add the removal-disabled label to protect against eviction.