Using to reload configmap in kubernetes cluster
We would like to watch if some change happens in ConfigMap and/or Secret; then perform a rolling upgrade on relevant DeploymentConfig, Deployment, Daemonset and Statefulset
Reloader can watch changes in ConfigMap and Secret and do rolling upgrades on Pods with their associated DeploymentConfigs, Deployments, Daemonsets and Statefulsets.
Reloader is compatible with kubernetes >= 1.9
For a Deployment called foo have a ConfigMap called foo-configmap or Secret called foo-secret or both. Then add your annotation to main metadata of your Deployment
kind: Deployment
metadata:
annotations:
reloader.stakater.com/auto: "true"
spec:
template: metadata:This will discover deployments/daemonsets/statefulset automatically where foo-configmap or foo-secret is being used either via environment variable or from volume mount. And it will perform rolling upgrade on related pods when foo-configmap or foo-secretare updated.
We can also specify a specific configmap or secret which would trigger rolling upgrade only upon change in our specified configmap or secret, this way, it will not trigger rolling upgrade upon changes in all configmaps or secrets used in a deployment, daemonset or statefulset.
To do this either set the auto annotation to "false" (reloader.stakater.com/auto: "false") or remove it altogether, and use annotations mentioned here or here
To perform rolling upgrade when change happens only on specific configmaps use below annotation.
For a Deployment called foo have a ConfigMap called foo-configmap. Then add this annotation to main metadata of your Deployment
kind: Deployment
metadata:
annotations:
configmap.reloader.stakater.com/reload: "foo-configmap"
spec:
template: metadata:Use comma separated list to define multiple configmaps.
kind: Deployment
metadata:
annotations:
configmap.reloader.stakater.com/reload: "foo-configmap,bar-configmap,baz-configmap"
spec:
template: metadata:To perform rolling upgrade when change happens only on specific secrets use below annotation.
For a Deployment called foo have a Secret called foo-secret. Then add this annotation to main metadata of your Deployment
kind: Deployment
metadata:
annotations:
secret.reloader.stakater.com/reload: "foo-secret"
spec:
template: metadata:Use comma separated list to define multiple secrets.
kind: Deployment
metadata:
annotations:
secret.reloader.stakater.com/reload: "foo-secret,bar-secret,baz-secret"
spec:
template: metadata:- Reloader also supports sealed-secrets. Here are the steps to use sealed-secrets with reloader.
reloader.stakater.com/auto: "true"will only reload the pod, if the configmap or secret is used (as a volume mount or as an env) inDeploymentConfigs/Deployment/Daemonsets/Statefulsetssecret.reloader.stakater.com/reloadorconfigmap.reloader.stakater.com/reloadannotation will reload the pod upon changes in specified configmap or secret, irrespective of the usage of configmap or secret.- you may override the auto annotation with the
--auto-annotationflag - you may override the configmap annotation with the
--configmap-annotationflag - you may override the secret annotation with the
--secret-annotationflag - you may want to prevent watching certain namespaces with the
--namespaces-to-ignoreflag - you may want to prevent watching certain resources with the
--resources-to-ignoreflag - you can configure logging in JSON format with the
--log-format=jsonoption
You can deploy Reloader by following methods:
kubectl apply -f reload-configmap.yamlBy default Reloader gets deployed in default namespace and watches changes secrets and configmaps in all namespaces.
Reloader can be configured to ignore the resources secrets and configmaps by passing the following args (spec.template.spec.containers.args) to its container :
| Args | Description |
|---|---|
| --resources-to-ignore=configMaps | To ignore configMaps |
| --resources-to-ignore=secrets | To ignore secrets |
Note: At one time only one of these resource can be ignored, trying to do it will cause error in Reloader. Workaround for ignoring both resources is by scaling down the reloader pods to 0.