Policies & Rules
Configure optimization policies to control how DevZero rightsizes workloads and manages nodes.
Policies & Rules
Policies define the rules for how DevZero optimizes your cluster. They control which workloads are eligible, how aggressive the optimization should be, and whether changes require manual approval.
Creating a Workload Policy
A workload policy targets specific deployments, statefulsets, or daemonsets and defines optimization behavior for them.
Target Selectors
Policies use label selectors and namespace filters to target workloads:
| Selector | Example | Effect |
|---|---|---|
| Namespace | production | Only workloads in the production namespace |
| Label | app=api | Only workloads with the app=api label |
| Kind | Deployment | Only Deployments (not StatefulSets or DaemonSets) |
| Name pattern | api-* | Workloads matching the name pattern |
Resource Boundaries
Set minimum and maximum resource values that recommendations cannot exceed:
| Parameter | Description |
|---|---|
| Min CPU requests | Recommendations won't go below this value |
| Max CPU requests | Recommendations won't exceed this value |
| Min memory requests | Floor for memory recommendations |
| Max memory requests | Ceiling for memory recommendations |
Recommendation Mode
Choose the aggressiveness of recommendations:
- Conservative -- 1.2x max observed usage, limits unchanged
- Balanced -- max observed usage, 50% max reduction cap
- Aggressive -- P90 of usage, tighter limits
See Workload Optimization for detailed mode behavior.
Node Group Policies
Node group policies control how the Node Operator manages the node pool:
- Which instance types and families are allowed
- Spot vs. on-demand preference
- Maximum node count
- Consolidation aggressiveness
Policy Precedence
When multiple policies match a workload, the most specific policy wins:
- Policies targeting a specific workload by name
- Policies targeting by label selector
- Policies targeting by namespace
- Default policy (if configured)