Build a Kubernetes Operator For rolling updates
I have created a Kubernetes application (Say deployment D1, using docker image I1), that will run on client clusters.
Requirement 1 :
Now, I want to roll updates whenever I update my docker image I1, without any efforts from client side
(Somehow, client cluster should automatically pull the latest docker image)
Whenever, I update a particular configMap, the client cluster should automatically start using the new configMap
How should I achieve this ?
- Using Kubernetes Cronjobs ?
- Kubernetes Operators ?
- Or something else ?
I heard that k8s Operator can be useful
Solution – 1
You can build a Kubernetes operator to watch your particular configmap and trigger cluster restart. As for the rolling updates, you can configure the deployment according to your requirement. A Deployment’s rollout is triggered if and only if the Deployment’s Pod template (that is,
.spec.template) is changed, for example, if the labels or container images of the template are updated. Add the specifications for rolling update on your Kubernetes deployment
type: RollingUpdate rollingUpdate: maxSurge: 3 //the maximum number of pods to be created beyond the desired state during the upgrade maxUnavailable: 1 //the maximum number of unavailable pods during an update timeoutSeconds: 100 //the time (in seconds) that waits for the rolling event to timeout intervalSeconds: 5 //the time gap in seconds after an update updatePeriodSeconds: 5 //time to wait between individual pods migrations or updates
Solution – 2
Starting with the Requirement 2:
Whenever, I update a particular configMap, the client cluster should
automatically start using the new configMap
If configmap is mounted to the deployment it will get auto-updated however if getting injected as the Environment restart is only option unless you are using the sidecar solution or restarting the process.
For ref : Update configmap without restarting POD
How should I achieve this ?
- ImagePullpolicy is not a good option i am seeing however, in that case, manual intervention is required to restart deployment and it
pulls the latest image from the client side and it won’t be in a
Using Kubernetes Cronjobs ?
Cronjobs you will run which side ? If client-side it’s fine to do
that way also.
Else you can keep deployment with Exposed API which will run Job to
update the deployment with the latest tag when any image gets pushed
to your docker registry.
Kubernetes Operators ?
- An operator is a good native K8s option you can write in Go,
Python or your preferred language with/without Operator framework or Client Libraries.
Or something else?
If you just looking for updating the deployment, Go with running the API in the deployment or Job you can schedule in a controlled manner, no issue with the operator too would be a more native and a good approach if you can create, manage & deploy one.
If in the future you have a requirement to manage all clusters (deployment, service, firewall, network) of multiple clients from a single source of truth place you can explore the Anthos.