gsweene2 · July 8, 2022 14:51
diff --git a/kyverno-solution-3.yaml b/kyverno-solution-3.yaml
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:
  name: vpa-recommender
  annotations:
    policies.kyverno.io/title: VPA Recommender
    policies.kyverno.io/category: Cluster-Policy
    policies.kyverno.io/description: >-
      Creates a VerticalPodAutoscaler resource with MODE = Off for a Deployment
      in the namespace of the original resource. As the MODE is Off, this
      simply provides recommendations for MEM and CPU.
 spec:
  # Mutate and generate rules are not processed during background scans.
  # https://kyverno.io/docs/writing-policies/background/
  background: false
  rules:
    - name: create-kind-vpa-recommender
      match:
        any:
          - resources:
              kinds:
                - Deployment
      exclude:
        any:
          - resources:
              namespaces:
                - cluster-autoscaler
                - istio-system
                - kube-node-lease
                - kube-public
                - kube-system
                - monitoring
      generate:
        apiVersion: autoscaling.k8s.io/v1
        kind: VerticalPodAutoscaler
        name: "vpa-recommender-{{request.object.metadata.name}}"
        # Must Include NS: https://github.com/kyverno/kyverno/issues/2229
        namespace: "{{request.object.metadata.namespace}}"
        data:
          metadata:
            ownerReferences:
              - apiVersion: v1
                kind: Deployment
                name: "{{request.object.metadata.name}}"
                uid: "{{request.object.metadata.uid}}"
          spec:
            targetRef:
              apiVersion: "apps/v1"
              kind: "{{request.object.kind}}"
              name: "{{request.object.metadata.name}}"
            updatePolicy:
              # Change this to disable recommendation mode, and enable auto-tuning.
              updateMode: "Off"
	apiVersion: kyverno.io/v1
	kind: ClusterPolicy
	metadata:
	name: vpa-recommender
	annotations:
	policies.kyverno.io/title: VPA Recommender
	policies.kyverno.io/category: Cluster-Policy
	policies.kyverno.io/description: >-
	Creates a VerticalPodAutoscaler resource with MODE = Off for a Deployment
	in the namespace of the original resource. As the MODE is Off, this
	simply provides recommendations for MEM and CPU.
	spec:
	# Mutate and generate rules are not processed during background scans.
	# https://kyverno.io/docs/writing-policies/background/
	background: false
	rules:
	- name: create-kind-vpa-recommender
	match:
	any:
	- resources:
	kinds:
	- Deployment
	exclude:
	any:
	- resources:
	namespaces:
	- cluster-autoscaler
	- istio-system
	- kube-node-lease
	- kube-public
	- kube-system
	- monitoring
	generate:
	apiVersion: autoscaling.k8s.io/v1
	kind: VerticalPodAutoscaler
	name: "vpa-recommender-{{request.object.metadata.name}}"
	# Must Include NS: https://github.com/kyverno/kyverno/issues/2229
	namespace: "{{request.object.metadata.namespace}}"
	data:
	metadata:
	ownerReferences:
	- apiVersion: v1
	kind: Deployment
	name: "{{request.object.metadata.name}}"
	uid: "{{request.object.metadata.uid}}"
	spec:
	targetRef:
	apiVersion: "apps/v1"
	kind: "{{request.object.kind}}"
	name: "{{request.object.metadata.name}}"
	updatePolicy:
	# Change this to disable recommendation mode, and enable auto-tuning.
	updateMode: "Off"