Published in kubernetes

Tutorial: Automatically restart Kubernetes containers without cron

Let's say you have a Kubernetes application that fetches data from an external source on startup. How do force that application to restart on a schedule to keep that data up to date?

Neither Kubernetes nor Red Hat OpenShift make that particularly easy. You could try creating a cron job using kubectl to restart the container, but that involves permissions many users lack.

You might see an error like this...

Error from server (Forbidden): deployments.apps "example-app" is forbidden: User "example-user" cannot get resource "deployments" in API group "apps" in the namespace "example-namespace"

...attempting to restart a container with a cron job like this:

apiVersion: batch/v1
kind: CronJob
metadata:
  name: patch-deployment-cronjob
  namespace: <your-namespace>
spec:
  schedule: "0 0 * * *"  # Every day at midnight
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: kubectl-container
            image: bitnami/kubectl:latest
            command:
            - /bin/sh
            - -c
            - >
              kubectl patch deployment <your-deployment-name> -n <your-namespace> -p '{"spec":{"template":{"metadata":{"annotations":{"date":"'$(date +%Y%m%d%H%M%S)'"}}}}}'
          restartPolicy: OnFailure

To solve the problem without asking for additional permissions, consider adding a livenessProbe to your deployment.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app-container
        image: my-app-image
    livenessProbe:
        exec:
          command:
        - /bin/sh
        - '-c'
        - |
          if [ "$(date +%H:%M)" == "04:00" ]; then exit 1; else exit 0; fi
        initialDelaySeconds: 10
        timeoutSeconds: 10
        periodSeconds: 60
        successThreshold: 1
        failureThreshold: 1

The livenessProbe above checks if the time is 4 a.m. If so, it exits with a 1 code, indicating an error, which restarts the container. If not, it exits with a 0 code, indicating no error. periodSeconds is set to 60, indicating the check runs once every minute. successThreshold and failureThreshold are both set to 1, which indicates the check only needs to run once to indicate a success or failure.

livenessProbes are an easy way to automatically restart containers without additional cron jobs or permission requests.

Learn more about liveness probes from Kubernetes and Red Hat.

Related post

Comments

Featured Posts

Recommended Topics