Add PodDisruptionBudget configuration to values.yaml

Gabriel Virgarequested to merge
asic4/gitlab-runner:main into main

What does this MR do?

Gitlab issue gitlab-org/gitlab-runner#38678

This MR adds an optional PodDisruptionBudget (PDB) feature to the GitLab Runner Helm chart that helps protect runner pods from voluntary evictions during cluster maintenance, node updates, or other Kubernetes disruptions.

Key changes:

  • Adds a new templates/poddisruptionbudget.yaml template that creates a PDB resource when enabled
  • Extends values.yaml with comprehensive PDB configuration options
  • Includes comprehensive test coverage in tests/poddisruptionbudget_test.yaml

Why was this MR needed?

GitLab Runner pods executing long-running CI/CD jobs can be unexpectedly terminated when Kubernetes performs voluntary evictions during:

  • Cluster autoscaling operations
  • Node maintenance and updates
  • Resource rebalancing
  • Cluster upgrades

This causes:

  • Job failures and pipeline interruptions
  • Wasted compute resources and time
  • Poor user experience for developers
  • Potential data loss for jobs that don't handle interruptions gracefully

Solution: PodDisruptionBudget provides a declarative way to limit the number of pods that can be voluntarily evicted, ensuring job stability while still allowing necessary cluster operations.

What's the best way to test this MR?

1. Unit Tests 

# Run the Helm unit tests to verify template rendering
helm unittest tests/poddisruptionbudget_test.yaml

2. Template Validation 

# Test default behavior (PDB should not be created)
helm template . | grep -i poddisruptionbudget
# Should return no results

# Test enabled PDB with default settings
helm template . --set podDisruptionBudget.enabled=true | grep -A 10 "kind: PodDisruptionBudget"
# Should show PDB with maxUnavailable: 0

# Test with custom maxAvailable
helm template . --set podDisruptionBudget.enabled=true --set podDisruptionBudget.maxAvailable=1 | grep -A 10 "kind: PodDisruptionBudget"
# Should show PDB with maxAvailable: 1

3. Integration Testing 

# Deploy with PDB enabled
helm install test-runner . --set podDisruptionBudget.enabled=true --set gitlabUrl=https://gitlab.example.com --set runnerToken=test-token

# Verify PDB was created
kubectl get pdb
kubectl describe pdb test-runner-gitlab-runner

# Test eviction protection
kubectl drain <node-name> --ignore-daemonsets --delete-emptydir-data
# Runner pods should be protected from eviction

4. Backward Compatibility 

# Ensure existing deployments are unaffected
helm template . 
# Should not include any PDB resources

# Test upgrade scenario
helm upgrade existing-runner . 
# Should not create PDB unless explicitly enabled

What are the relevant issue numbers?

This MR addresses the need for eviction protection in GitLab Runner deployments. While there may not be a specific issue number, this feature relates to:

  • Job Stability: Prevents unexpected job terminations during cluster operations
  • Production Readiness: Makes GitLab Runner more suitable for production environments with frequent maintenance
  • Resource Efficiency: Reduces wasted compute cycles from interrupted jobs
  • User Experience: Improves reliability for development teams relying on CI/CD pipelines

Related Documentation:

Configuration Examples:

# Basic protection (single replica)
podDisruptionBudget:
  enabled: true
  # maxUnavailable: 0 (default - prevents any evictions)

Merge request reports