Sometimes Kubernetes Nodes may have a maximum number of Pods they can accommodate due to resources outside CPU and memory such as licensing, or in some development cases. This policy restricts Pod count on a Node named `minikube` to be no more than 10.
apiVersion: kyverno.io/v1kind: ClusterPolicymetadata:name: restrict-pod-countannotations:policies.kyverno.io/title: Restrict Pod Count per Nodepolicies.kyverno.io/category: Samplepolicies.kyverno.io/severity: mediumpolicies.kyverno.io/subject: Podpolicies.kyverno.io/minversion: 1.6.0policies.kyverno.io/description: Sometimes Kubernetes Nodes may have a maximum number of Pods they can accommodate due to resources outside CPU and memory such as licensing, or in some development cases. This policy restricts Pod count on a Node named `minikube` to be no more than 10.spec:validationFailureAction: Auditbackground: falserules:- name: restrict-pod-countmatch:any:- resources:kinds:- Podcontext:- name: podcountsapiCall:urlPath: /api/v1/podsjmesPath: items[?spec.nodeName=='minikube'] | length(@)preconditions:any:- key: "{{ request.operation || 'BACKGROUND' }}"operator: Equalsvalue: CREATEvalidate:message: A maximum of 10 Pods are allowed on the Node `minikube`deny:conditions:any:- key: "{{ podcounts }}"operator: GreaterThanvalue: 10
This policy prevents the use of the default project in an Application.
This policy prevents updates to the project field after an Application is created.
This policy ensures that the name of the ApplicationSet is the same value provided in the project.