Comment by toredash
1 day ago
As it stands now, it doesn't. Unless you modify the Kyverno Policy to be of a background scanning.
I would create a similar policy where Kyverno at intervals would check the Deployment spec to see if the endpoint is changed, and alter the affinity rules. It would then be a traditional update of the Deployment spec to reflect the desire to run in another AZ, if that made sense?
No comments yet
Contribute on Hacker News ↗