KA-R007: Missing pod anti-affinity

Info Reliability

Why This Matters

The workload does not define podAntiAffinity. Without anti-affinity rules, the Kubernetes scheduler may place all replicas on the same node, creating a single point of failure if that node goes down.

How to Fix

Add podAntiAffinity to spread pods across nodes

Before (incorrect)

spec:
  template:
    spec:
      containers:
        - name: app

After (correct)

spec:
  template:
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: myapp
                topologyKey: kubernetes.io/hostname
      containers:
        - name: app

Rule Details

Rule Code: KA-R007
Severity: Info
Category: Reliability

Related Rules

KA-R011 Error

Selector/template label mismatch

KA-R001 Warning

Missing liveness probe

KA-R002 Warning

Missing readiness probe

KA-R003 Warning

Identical liveness and readiness probes

KA-R004 Warning

Single replica Deployment