Introduction
In this post I will show how to easily restart pods in Kubernetes using CronJobs. We will use CronJob, not to run our pods, but to schedule a Kubernetes API command that will restart our deployment once day with kubectl rollout restart
, if something goes wrong, the old pods will not be down or removed. Rollout will be create new ReplicaSets, and will wait for them to be up, before killing off old pods, and rerouting the traffic. Service will continue uninterrupted. To fully do this we will have to setup RBAC, so that the Kubernetes client running from inside the cluster has permissions to do needed calls to the Kubernetes API.
Let’s Start
Create Service Account
kind: ServiceAccount
apiVersion: v1
metadata:
name: restart-deploy
namespace: testns
Create Role
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: restart-deployment
namespace: testns
rules:
- apiGroups: ["apps", "extensions"]
resources: ["deployments"]
resourceNames: ["test-pod"]
verbs: ["get", "patch", "list", "watch"]
Create RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: restart-deployment
namespace: prod
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: restart-deployment
subjects:
- kind: ServiceAccount
name: restart-deployment
namespace: testns
Create CronJob
apiVersion: batch/v1
kind: CronJob
metadata:
name: restart-deployment
namespace: testns
spec:
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 2
concurrencyPolicy: Forbid
schedule: '0 * * * *'
jobTemplate:
spec:
backoffLimit: 2
activeDeadlineSeconds: 600
template:
spec:
serviceAccountName: restart-deployment
restartPolicy: Never
containers:
- name: kubectl
image: bitnami/kubectl
command:
- 'kubectl'
- 'rollout'
- 'restart'
- 'deployment/test'
If we want the cronjob to wait for the deployment to roll out, we must change change the command of cronjob:
apiVersion: batch/v1
kind: CronJob
metadata:
name: restart-deployment
namespace: testns
spec:
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 2
concurrencyPolicy: Forbid
schedule: '0 * * * *'
jobTemplate:
spec:
backoffLimit: 2
activeDeadlineSeconds: 600
template:
spec:
serviceAccountName: restart-deployment
restartPolicy: Never
containers:
- name: kubectl
image: bitnami/kubectl
command:
- bash
- -c
- >-
kubectl rollout restart deployment/test &&
kubectl rollout status deployment/test
You can download full file from this link.