Managing Resources

    Many applications require multiple resources to be created, such as a Deployment and a Service. Management of multiple resources can be simplified by grouping them together in the same file (separated by in YAML). For example:

    Multiple resources can be created the same way as a single resource:

    1. kubectl apply -f https://k8s.io/examples/application/nginx-app.yaml
    1. service/my-nginx-svc created
    2. deployment.apps/my-nginx created

    The resources will be created in the order they appear in the file. Therefore, it’s best to specify the service first, since that will ensure the scheduler can spread the pods associated with the service as they are created by the controller(s), such as Deployment.

    kubectl apply also accepts multiple -f arguments:

    1. kubectl apply -f https://k8s.io/examples/application/nginx/nginx-svc.yaml \
    2. -f https://k8s.io/examples/application/nginx/nginx-deployment.yaml

    It is a recommended practice to put resources related to the same microservice or application tier into the same file, and to group all of the files associated with your application in the same directory. If the tiers of your application bind to each other using DNS, you can deploy all of the components of your stack together.

    A URL can also be specified as a configuration source, which is handy for deploying directly from configuration files checked into GitHub:

    1. kubectl apply -f https://k8s.io/examples/application/nginx/nginx-deployment.yaml
    1. deployment.apps/my-nginx created

    Bulk operations in kubectl

    Resource creation isn’t the only operation that kubectl can perform in bulk. It can also extract resource names from configuration files in order to perform other operations, in particular to delete the same resources you created:

    1. kubectl delete -f https://k8s.io/examples/application/nginx-app.yaml
    1. deployment.apps "my-nginx" deleted
    2. service "my-nginx-svc" deleted

    In the case of two resources, you can specify both resources on the command line using the resource/name syntax:

    1. kubectl delete deployments/my-nginx services/my-nginx-svc

    For larger numbers of resources, you’ll find it easier to specify the selector (label query) specified using -l or --selector, to filter resources by their labels:

    1. kubectl delete deployment,services -l app=nginx
    1. deployment.apps "my-nginx" deleted
    2. service "my-nginx-svc" deleted

    Because kubectl outputs resource names in the same syntax it accepts, you can chain operations using $() or xargs:

    1. kubectl get $(kubectl create -f docs/concepts/cluster-administration/nginx/ -o name | grep service)
    2. kubectl create -f docs/concepts/cluster-administration/nginx/ -o name | grep service | xargs -i kubectl get {}
    1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    2. my-nginx-svc LoadBalancer 10.0.0.208 <pending> 80/TCP 0s

    With the above commands, we first create resources under examples/application/nginx/ and print the resources created with -o name output format (print each resource as resource/name). Then we grep only the “service”, and then print it with kubectl get.

    If you happen to organize your resources across several subdirectories within a particular directory, you can recursively perform the operations on the subdirectories also, by specifying --recursive or -R alongside the --filename,-f flag.

    For instance, assume there is a directory project/k8s/development that holds all of the needed for the development environment, organized by resource type:

    1. project/k8s/development
    2. ├── configmap
    3. └── my-configmap.yaml
    4. ├── deployment
    5. └── my-deployment.yaml
    6. └── pvc
    7. └── my-pvc.yaml

    By default, performing a bulk operation on project/k8s/development will stop at the first level of the directory, not processing any subdirectories. If we had tried to create the resources in this directory using the following command, we would have encountered an error:

    1. kubectl apply -f project/k8s/development
    1. error: you must provide one or more resources by argument or filename (.json|.yaml|.yml|stdin)

    Instead, specify the --recursive or -R flag with the --filename,-f flag as such:

    1. kubectl apply -f project/k8s/development --recursive

    The --recursive flag works with any operation that accepts the --filename,-f flag such as: kubectl {create,get,delete,describe,rollout} etc.

    The --recursive flag also works when multiple -f arguments are provided:

    1. kubectl apply -f project/k8s/namespaces -f project/k8s/development --recursive
    1. namespace/development created
    2. namespace/staging created
    3. deployment.apps/my-deployment created
    4. persistentvolumeclaim/my-pvc created

    If you’re interested in learning more about , go ahead and read Command line tool (kubectl).

    Using labels effectively

    For instance, different applications would use different values for the app label, but a multi-tier application, such as the guestbook example, would additionally need to distinguish each tier. The frontend could carry the following labels:

    1. labels:
    2. app: guestbook
    3. tier: frontend

    while the Redis master and slave would have different tier labels, and perhaps even an additional role label:

    1. labels:
    2. app: guestbook
    3. tier: backend
    4. role: master

    and

    1. labels:
    2. app: guestbook
    3. tier: backend
    4. role: slave

    The labels allow us to slice and dice our resources along any dimension specified by a label:

    1. kubectl apply -f examples/guestbook/all-in-one/guestbook-all-in-one.yaml
    2. kubectl get pods -Lapp -Ltier -Lrole
    1. NAME READY STATUS RESTARTS AGE APP TIER ROLE
    2. guestbook-fe-4nlpb 1/1 Running 0 1m guestbook frontend <none>
    3. guestbook-fe-ght6d 1/1 Running 0 1m guestbook frontend <none>
    4. guestbook-fe-jpy62 1/1 Running 0 1m guestbook frontend <none>
    5. guestbook-redis-master-5pg3b 1/1 Running 0 1m guestbook backend master
    6. guestbook-redis-slave-2q2yf 1/1 Running 0 1m guestbook backend slave
    7. guestbook-redis-slave-qgazl 1/1 Running 0 1m guestbook backend slave
    8. my-nginx-divi2 1/1 Running 0 29m nginx <none> <none>
    9. my-nginx-o0ef1 1/1 Running 0 29m nginx <none> <none>
    1. kubectl get pods -lapp=guestbook,role=slave
    1. NAME READY STATUS RESTARTS AGE
    2. guestbook-redis-slave-2q2yf 1/1 Running 0 3m
    3. guestbook-redis-slave-qgazl 1/1 Running 0 3m

    Another scenario where multiple labels are needed is to distinguish deployments of different releases or configurations of the same component. It is common practice to deploy a canary of a new application release (specified via image tag in the pod template) side by side with the previous release so that the new release can receive live production traffic before fully rolling it out.

    For instance, you can use a track label to differentiate different releases.

    The primary, stable release would have a track label with value as stable:

    1. name: frontend
    2. replicas: 3
    3. ...
    4. labels:
    5. app: guestbook
    6. tier: frontend
    7. track: stable
    8. ...
    9. image: gb-frontend:v3

    and then you can create a new release of the guestbook frontend that carries the track label with different value (i.e. canary), so that two sets of pods would not overlap:

    1. name: frontend-canary
    2. replicas: 1
    3. ...
    4. labels:
    5. app: guestbook
    6. tier: frontend
    7. track: canary
    8. ...

    The frontend service would span both sets of replicas by selecting the common subset of their labels (i.e. omitting the track label), so that the traffic will be redirected to both applications:

    1. selector:
    2. app: guestbook
    3. tier: frontend

    You can tweak the number of replicas of the stable and canary releases to determine the ratio of each release that will receive live production traffic (in this case, 3:1). Once you’re confident, you can update the stable track to the new application release and remove the canary one.

    For a more concrete example, check the tutorial of deploying Ghost.

    Updating labels

    Sometimes existing pods and other resources need to be relabeled before creating new resources. This can be done with kubectl label. For example, if you want to label all your nginx pods as frontend tier, run:

    1. kubectl label pods -l app=nginx tier=fe
    1. pod/my-nginx-2035384211-j5fhi labeled
    2. pod/my-nginx-2035384211-u3t6x labeled

    This first filters all pods with the label “app=nginx”, and then labels them with the “tier=fe”. To see the pods you labeled, run:

    1. kubectl get pods -l app=nginx -L tier
    1. NAME READY STATUS RESTARTS AGE TIER
    2. my-nginx-2035384211-j5fhi 1/1 Running 0 23m fe
    3. my-nginx-2035384211-u2c7e 1/1 Running 0 23m fe
    4. my-nginx-2035384211-u3t6x 1/1 Running 0 23m fe

    This outputs all “app=nginx” pods, with an additional label column of pods’ tier (specified with -L or --label-columns).

    For more information, please see labels and .

    Updating annotations

    Sometimes you would want to attach annotations to resources. Annotations are arbitrary non-identifying metadata for retrieval by API clients such as tools, libraries, etc. This can be done with kubectl annotate. For example:

    1. apiVersion: v1
    2. kind: pod
    3. metadata:
    4. annotations:
    5. description: my frontend running nginx
    6. ...

    For more information, see and kubectl annotate document.

    When load on your application grows or shrinks, use kubectl to scale your application. For instance, to decrease the number of nginx replicas from 3 to 1, do:

    1. kubectl scale deployment/my-nginx --replicas=1
    1. deployment.apps/my-nginx scaled

    Now you only have one pod managed by the deployment.

    1. kubectl get pods -l app=nginx
    1. NAME READY STATUS RESTARTS AGE
    2. my-nginx-2035384211-j5fhi 1/1 Running 0 30m
    1. kubectl autoscale deployment/my-nginx --min=1 --max=3
    1. horizontalpodautoscaler.autoscaling/my-nginx autoscaled

    Now your nginx replicas will be scaled up and down as needed, automatically.

    For more information, please see kubectl scale, and horizontal pod autoscaler document.

    In-place updates of resources

    Sometimes it’s necessary to make narrow, non-disruptive updates to resources you’ve created.

    It is suggested to maintain a set of configuration files in source control (see ), so that they can be maintained and versioned along with the code for the resources they configure. Then, you can use kubectl apply to push your configuration changes to the cluster.

    This command will compare the version of the configuration that you’re pushing with the previous version and apply the changes you’ve made, without overwriting any automated changes to properties you haven’t specified.

    1. kubectl apply -f https://k8s.io/examples/application/nginx/nginx-deployment.yaml
    1. deployment.apps/my-nginx configured

    Note that kubectl apply attaches an annotation to the resource in order to determine the changes to the configuration since the previous invocation. When it’s invoked, kubectl apply does a three-way diff between the previous configuration, the provided input and the current configuration of the resource, in order to determine how to modify the resource.

    Currently, resources are created without this annotation, so the first invocation of kubectl apply will fall back to a two-way diff between the provided input and the current configuration of the resource. During this first invocation, it cannot detect the deletion of properties set when the resource was created. For this reason, it will not remove them.

    All subsequent calls to kubectl apply, and other commands that modify the configuration, such as kubectl replace and kubectl edit, will update the annotation, allowing subsequent calls to kubectl apply to detect and perform deletions using a three-way diff.

    Alternatively, you may also update resources with kubectl edit:

    1. kubectl edit deployment/my-nginx

    This is equivalent to first get the resource, edit it in text editor, and then apply the resource with the updated version:

    1. kubectl get deployment my-nginx -o yaml > /tmp/nginx.yaml
    2. vi /tmp/nginx.yaml
    3. # do some edit, and then save the file
    4. kubectl apply -f /tmp/nginx.yaml
    5. deployment.apps/my-nginx configured
    6. rm /tmp/nginx.yaml

    This allows you to do more significant changes more easily. Note that you can specify the editor with your EDITOR or KUBE_EDITOR environment variables.

    For more information, please see kubectl edit document.

    You can use kubectl patch to update API objects in place. This command supports JSON patch, JSON merge patch, and strategic merge patch. See Update API Objects in Place Using kubectl patch and .

    Disruptive updates

    In some cases, you may need to update resource fields that cannot be updated once initialized, or you may want to make a recursive change immediately, such as to fix broken pods created by a Deployment. To change such fields, use replace --force, which deletes and re-creates the resource. In this case, you can modify your original configuration file:

    1. kubectl replace -f https://k8s.io/examples/application/nginx/nginx-deployment.yaml --force
    1. deployment.apps/my-nginx deleted
    2. deployment.apps/my-nginx replaced

    At some point, you’ll eventually need to update your deployed application, typically by specifying a new image or image tag, as in the canary deployment scenario above. kubectl supports several update operations, each of which is applicable to different scenarios.

    We’ll guide you through how to create and update applications with Deployments.

    Let’s say you were running version 1.14.2 of nginx:

    1. kubectl create deployment my-nginx --image=nginx:1.14.2
    1. deployment.apps/my-nginx created

    with 3 replicas (so the old and new revisions can coexist):

    1. kubectl scale deployment my-nginx --current-replicas=1 --replicas=3

    To update to version 1.16.1, change .spec.template.spec.containers[0].image from nginx:1.14.2 to nginx:1.16.1 using the previous kubectl commands.

    1. kubectl edit deployment/my-nginx

    What’s next