What would you like to be added:

The ability to set maxUnavailable=0 for LWS RollingUpdate. Currently, the value of maxUnavailable is passed to the underlying "leader StatefulSet"; and as StatefulSet requires maxUnavailable >= 1, setting it to 0 causes an error:

2026-03-11T17:41:30Z	ERROR	Reconciler error	{"controller": "leaderworkerset", "controllerGroup": "leaderworkerset.x-k8s.io", "controllerKind": "LeaderWorkerSet", "LeaderWorkerSet": {"name":"leaderworkerset-rollout","namespace":"default"}, "namespace": "default", "name": "leaderworkerset-rollout", "reconcileID": "24960973-5a89-4b80-8a35-bdd349e59f39", "error": "StatefulSet.apps \"leaderworkerset-rollout\" is invalid: spec.updateStrategy.rollingUpdate.maxUnavailable: Invalid value: 0: cannot be 0"}

(As an aside: setting maxUnavailable=0 causes the LWS pods to silently fail to be created; the above error is present in the logs, but not Events. If we continue to disallow 0, we should ideally fail fast by validating it upon LWS creation.)

Why is this needed:

Not necessarily needed, but would bring the LWS RollingUpdate API in line with Deployments and DaemonSets. Both of these support maxSurge, and allow for maxUnavailable=0. (By contrast, StatefulSets only support in-place update (no surge), so maxUnavailable=0 is not possible.)

It would also allow for zero-downtime updates for single-replica deployments, as in Issue #688.

Completion requirements:

This enhancement requires the following artifacts:

• Design doc
• API change
• Docs update

The artifacts should be linked in subsequent comments.