k8s-pause

Suspend and resume entire kubernetes namespaces! This controller makes this missing feature possible.

Example Usage

Suspend:

kubectl annotate ns/my-namespace k8s-pause/suspend=true --overwrite

Resume:

kubectl annotate ns/my-namespace k8s-pause/suspend=false --overwrite

Details

The suspend flag on namespace level will affect only but any pods. It will not touch any resources besides pods. However it guarantees that no pod will be scheduled if the namespace is suspended no matter from where and how the pod is created. Once the namespace is resumed it will schedule all suspended pods.

There is no reason to downscale deployments, statefulsets or any other kind of workloads, k8s-pause will handle any workloads within a namespace.

Installation

Requirements

Currently it is required to have certmanager deployed on the cluster with either kustomize or helm deployment.

Bypass namespace

The controller will intercept all pod write communication. The namespace which hosts k8s-pause needs to be bypassed otherwise you won’t be able to create pods anymore! By default you can label the namespace using:

kubectl label ns/my-namespace control-plane=controller-manager

Both kustomize and helm deployments will have this exception by default. You can configure a different rule in each way of deployment. Note: It is also good practice to have other namespaces bypassed which should not support k8s-pause. For instance kube-system is a good example.

Helm

Please see chart/k8s-pause for the helm chart docs.

Manifests/kustomize

Alternatively you may get the bundled manifests in each release to deploy it using kustomize or use them directly.

Configure the controller

You may change base settings for the controller using env variables (or alternatively command line arguments). It is possible to set defaults (fallback values) for the vault address and also all TLS settings.

Available env variables:

GitHub

View Github