Using the rollout restart command in cronjob, in GKE

1
votes

I want to periodically restart the deployment using k8s cronjob.

Please check what is the problem with the yaml file.

When I execute the command from the local command line, the deployment restarts normally, but it seems that the restart is not possible with cronjob. e.g $ kubectl rollout restart deployment my-ingress -n my-app

my cronjob yaml file

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: deployment-restart
  namespace: my-app
spec:
  schedule: '0 8 */60 * *' 
  jobTemplate:
    spec:
      backoffLimit: 2 
      activeDeadlineSeconds: 600 
      template:
        spec:
          serviceAccountName: deployment-restart 
          restartPolicy: Never
          containers:
            - name: kubectl
              image: bitnami/kubectl:latest 
              command:
                - 'kubectl'
                - 'rollout'
                - 'restart'
                - 'deployment/my-ingress -n my-app'
1
kuberneteskubernetes-cronjob
share your RBAC permission and service account YAML config so get iead might be issue of permission.Harsh Manvar
You probably mean the very last line to be three separate words, and they should be on three separate lines. (You'd get the same error if you run 'kubectl' 'rollout' 'restart' 'deployment/my-ingress -n my-app' in your local shell.)David Maze
Need to agree with previous comment. Could you please add the logs from the CronJob (Pod) that are showing what exact error are you getting?Dawid Kruk

1 Answers

3
votes

as David suggested run cron of kubectl is like by executing the command

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: hello
spec:
  schedule: "*/5 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          serviceAccountName: sa-jp-runner
          containers:
          - name: hello
            image: bitnami/kubectl:latest
            command:
            - /bin/sh
            - -c
            - kubectl rollout restart deployment my-ingress -n my-app
          restartPolicy: OnFailure

i would also suggest you to check the role and service account permissions

example for ref :

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: default
  name: kubectl-cron
rules:
- apiGroups:
  - extensions
  - apps
  resources:
  - deployments
  verbs:
  - 'patch'

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: kubectl-cron
  namespace: default
subjects:
- kind: ServiceAccount
  name: sa-kubectl-cron
  namespace: default
roleRef:
  kind: Role
  name: kubectl-cron
  apiGroup: ""

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: sa-kubectl-cron
  namespace: default

---