OpenShift - Resolve "Cannot evict pod as it would violate the pod's disruption budget"
by
Jeremy Canfield |
Updated: June 01 2023
| OpenShift articles
Let's say you are using the oc adm drain command to evict pods from a node.
oc adm drain node my-node-worker-lk5vm
And something like this is being returned.
Cannot evict pod as it would violate the pod's disruption budget
The oc get PodDisruptionBudgets --all-namespaces command can be used to list the Pod Distribution Budgets.
~]$ oc get PodDisruptionBudgets --all-namespaces
NAMESPACE NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
openshift-apiserver openshift-apiserver-pdb N/A 1 1 300d
openshift-cluster-storage-operator csi-snapshot-controller-pdb N/A 1 1 300d
openshift-cluster-storage-operator csi-snapshot-webhook-pdb N/A 1 1 300d
openshift-etcd etcd-quorum-guard N/A 1 1 300d
openshift-image-registry image-registry 1 N/A 2 300d
openshift-ingress router-default N/A 50% 2 2y229d
openshift-ingress router-external-router N/A 50% 1 2y228d
openshift-ingress router-internal-router N/A 50% 1 2y228d
openshift-kube-apiserver kube-apiserver-guard-pdb 2 N/A 1 224d
openshift-kube-controller-manager kube-controller-manager-guard-pdb 2 N/A 1 224d
openshift-kube-scheduler openshift-kube-scheduler-guard-pdb 2 N/A 1 224d
openshift-monitoring alertmanager-main N/A 1 1 224d
openshift-monitoring prometheus-adapter 1 N/A 1 300d
openshift-monitoring prometheus-k8s 1 N/A 1 224d
openshift-monitoring thanos-querier-pdb 1 N/A 1 300d
openshift-oauth-apiserver oauth-apiserver-pdb N/A 1 1 300d
openshift-operator-lifecycle-manager packageserver-pdb N/A 1 1 224d
Probably the most reasonable solution is to scale up the pods replicas.
oc scale pod/router-default --replicas 2
One option is to use the --disable-eviction flag, but this should be used with caution.
oc adm drain node my-node-worker-lk5vm --disable-eviction <true|false>
Did you find this article helpful?
If so, consider buying me a coffee over at 