Install PodDistruptionBudgets when replica greater than 1

templates/core/core-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.core.podDisruptionBudget.enabled (gt (int .Values.core.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.core" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.core.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.core.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.core.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.core.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: core
+{{- end }}

templates/exporter/exporter-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.exporter.podDisruptionBudget.enabled (gt (int .Values.exporter.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.exporter" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.exporter.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.exporter.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.exporter.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.exporter.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: exporter
+{{- end }}

templates/jobservice/jobservice-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.jobservice.podDisruptionBudget.enabled (gt (int .Values.jobservice.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.jobservice" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.jobservice.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.jobservice.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.jobservice.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.jobservice.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: jobservice
+{{- end }}

templates/nginx/nginx-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.nginx.podDisruptionBudget.enabled (gt (int .Values.nginx.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.nginx" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.nginx.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.nginx.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.nginx.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.nginx.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: nginx
+{{- end }}

templates/portal/portal-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.portal.podDisruptionBudget.enabled (gt (int .Values.portal.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.portal" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.portal.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.portal.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.portal.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.portal.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: portal
+{{- end }}

templates/registry/registry-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.registry.podDisruptionBudget.enabled (gt (int .Values.registry.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.registry" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.registry.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.registry.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.registry.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.registry.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: registry
+{{- end }}

templates/trivy/trivy-pdb.yaml

@@ -0,0 +1,19 @@
+{{- if and .Values.trivy.podDisruptionBudget.enabled (gt (int .Values.trivy.replicas) 1) }}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "harbor.trivy" . }}
+  labels:
+{{ include "harbor.labels" . | indent 4 }}
+spec:
+  {{- if .Values.trivy.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.trivy.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.trivy.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.trivy.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+{{ include "harbor.matchLabels" . | indent 6 }}
+      component: trivy
+{{- end }}

values.yaml

@@ -391,6 +391,10 @@ nginx:
   # mount the service account token
   automountServiceAccountToken: false
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   # resources:
   #  requests:
@@ -422,6 +426,10 @@ portal:
   # mount the service account token
   automountServiceAccountToken: false
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   # resources:
   #  requests:
@@ -455,6 +463,10 @@ core:
   # mount the service account token
   automountServiceAccountToken: false
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   ## Startup probe values
   startupProbe:
@@ -530,6 +542,10 @@ jobservice:
     repository: goharbor/harbor-jobservice
     tag: dev
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   # set the service account to be used, default if left empty
   serviceAccountName: ""
@@ -606,6 +622,10 @@ registry:
     #    cpu: 100m
     extraEnvVars: []
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   nodeSelector: {}
   tolerations: []
@@ -676,6 +696,10 @@ trivy:
   automountServiceAccountToken: false
   # replicas the number of Pod replicas
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   # debugMode the flag to enable Trivy debug mode with more verbose scanning log
   debugMode: false
   # vulnType a comma-separated list of vulnerability types. Possible values are `os` and `library`.
@@ -878,6 +902,10 @@ redis:
 
 exporter:
   replicas: 1
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    # maxUnavailable: 1
   revisionHistoryLimit: 10
   # resources:
   #  requests: