validate that image exist when updating kubernetes deployment

0
votes

when updating deployment with a none-exist image, Kubernetes first will start terminating the existing pod and will end up with a broken deployment. is it possible to tell kubectl to validate/pull the image before terminating existing pod?

3
kuberneteskubectlgoogle-kubernetes-engine
Run more than a single replica? So only one will get terminated.Chris Stryczynski
well, that's for sure, but still, I'll end up with fewer pods than I desireMaoz Zadok
I'm not sure I'm following. When you say "Kubernetes first will start terminating the existing pod" this suggests that you're using a Recreate strategy (kubernetes.io/docs/concepts/workloads/controllers/deployment/…)? Because the default is RollingUpdate and that means (along with the probes) that only if the new pods are alive and ready, the old pods are deleted. Can you clarify this please?Michael Hausenblas

3 Answers

2
votes

I had to change the strategy.rollingUpdate.maxUnavailable to 0

strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
    type: RollingUpdate

I think that the default of strategy.rollingUpdate.maxUnavailable is 1

Thanks Michael Hausenblas

0
votes

While I have not tested this I think in theory this should work:

You can use the admission controller AlwaysPullImages and a deployment strategy where at least one pod is up. The admission controller ensures that images are Always pulled before the pod is started.

To enable this admission controller you will have to enable flag at Kubernetes API server like from this link:

kube-apiserver --enable-admission-plugins=AlwaysPullImages,LimitRanger
0
votes

Implementing Liveness / Readiness will ensure that old pod gets terminated only if the new pod is healthy.