Name: Kubernetes PodDisruptionBudget Skill
Author: cloudthinker-ai

搜索技能.../

Kubernetes PodDisruptionBudget Skill | Skills Pool

#!/bin/bash

echo "=== Blocking PDBs (zero disruptions allowed) ==="
kubectl get pdb --all-namespaces -o json 2>/dev/null | jq -r '
  .items[] |
  select(.status.disruptionsAllowed == 0) |
  "\(.metadata.namespace)/\(.metadata.name)\tAllowed:0\tCurrent:\(.status.currentHealthy)/\(.status.desiredHealthy)\tMinAvailable:\(.spec.minAvailable // "N/A")\tMaxUnavailable:\(.spec.maxUnavailable // "N/A")"
' | head -15

echo ""
echo "=== Misconfigured PDBs ==="
kubectl get pdb --all-namespaces -o json 2>/dev/null | jq -r '
  .items[] |
  select(
    (.spec.minAvailable == "100%" or .spec.maxUnavailable == 0 or .spec.maxUnavailable == "0%") or
    (.status.expectedPods == 0)
  ) |
  "\(.metadata.namespace)/\(.metadata.name)\tReason:" +
  (if .spec.minAvailable == "100%" then "minAvailable=100% blocks all evictions"
   elif .spec.maxUnavailable == 0 or .spec.maxUnavailable == "0%" then "maxUnavailable=0 blocks all evictions"
   elif .status.expectedPods == 0 then "no matching pods found"
   else "unknown" end)
' | head -10

echo ""
echo "=== Workloads Without PDBs ==="
kubectl get deployments --all-namespaces -o json 2>/dev/null | jq -r '
  .items[] |
  select(.spec.replicas > 1) |
  "\(.metadata.namespace)/\(.metadata.name)\tReplicas:\(.spec.replicas)"
' > /tmp/deployments.txt
kubectl get pdb --all-namespaces -o json 2>/dev/null | jq -r '
  .items[] |
  "\(.metadata.namespace)/\(.spec.selector.matchLabels | to_entries | map(.value) | join("-"))"
' > /tmp/pdbs.txt
echo "Multi-replica deployments without PDB protection:"
wc -l /tmp/deployments.txt /tmp/pdbs.txt 2>/dev/null
head -10 /tmp/deployments.txt

echo ""
echo "=== Node Drain Simulation ==="
echo "Nodes and their pod counts:"
kubectl get pods --all-namespaces -o json 2>/dev/null | jq -r '
  [.items[] | select(.status.phase == "Running") | .spec.nodeName] |
  group_by(.) | map({node: .[0], pods: length}) |
  sort_by(-.pods)[] |
  "\(.node)\t\(.pods) pods"
' | head -10

echo ""
echo "=== Recent Eviction Events ==="
kubectl get events --all-namespaces --field-selector reason=Evicted -o custom-columns='NAMESPACE:.metadata.namespace,NAME:.involvedObject.name,MESSAGE:.message,TIME:.lastTimestamp' 2>/dev/null | head -10

Shortcut	Counter	Why
"I'll skip discovery and check known resources"	Always run Phase 1 discovery first	Resource names change, new resources appear — assumed names cause errors
"The user only asked for a quick check"	Follow the full discovery → analysis flow	Quick checks miss critical issues; structured analysis catches silent failures
"Default configuration is probably fine"	Audit configuration explicitly	Defaults often leave logging, security, and optimization features disabled
"Metrics aren't needed for this"	Always check relevant metrics when available	API/CLI responses show current state; metrics reveal trends and intermittent issues
"I don't have access to that"	Try the command and report the actual error	Assumed permission failures prevent useful investigation; actual errors are informative

Kubernetes PodDisruptionBudget Skill

MANDATORY: Discovery-First Pattern

Phase 1: Discovery

Phase 2: Analysis

Kubernetes PodDisruptionBudget Skill

MANDATORY: Discovery-First Pattern

Phase 1: Discovery

Phase 2: Analysis

Output Format

Anti-Hallucination Rules

Counter-Rationalizations

Common Pitfalls

Clickhouse Io

Clickhouse Io

Claude Devfleet

Clickhouse Io

Ai First Engineering

Postgres Patterns