All Policies

Restrict Pod Count per Node

Sometimes Kubernetes Nodes may have a maximum number of Pods they can accommodate due to resources outside CPU and memory such as licensing, or in some development cases. This policy restricts Pod count on a Node named `minikube` to be no more than 10.

Policy Definition

/other/restrict-pod-count-per-node/restrict-pod-count-per-node.yaml

1apiVersion: kyverno.io/v1 2kind: ClusterPolicy 3metadata: 4 name: restrict-pod-count 5 annotations: 6 policies.kyverno.io/title: Restrict Pod Count per Node 7 policies.kyverno.io/category: Sample 8 policies.kyverno.io/severity: medium 9 policies.kyverno.io/subject: Pod 10 policies.kyverno.io/minversion: 1.6.0 11 policies.kyverno.io/description: >- 12 Sometimes Kubernetes Nodes may have a maximum number of Pods they can accommodate due to 13 resources outside CPU and memory such as licensing, or in some 14 development cases. This policy restricts Pod count on a Node named `minikube` to be no more than 10. 15 # pod-policies.kyverno.io/autogen-controllers: none 16spec: 17 validationFailureAction: Audit 18 background: false 19 rules: 20 - name: restrict-pod-count 21 match: 22 any: 23 - resources: 24 kinds: 25 - Pod 26 context: 27 - name: podcounts 28 apiCall: 29 urlPath: "/api/v1/pods" 30 jmesPath: "items[?spec.nodeName=='minikube'] | length(@)" 31 preconditions: 32 any: 33 - key: "{{ request.operation || 'BACKGROUND' }}" 34 operator: Equals 35 value: "CREATE" 36 validate: 37 message: "A maximum of 10 Pods are allowed on the Node `minikube`" 38 deny: 39 conditions: 40 any: 41 - key: "{{ podcounts }}" 42 operator: GreaterThan 43 value: 10
yaml