Changing 'imagePullPolicy' of all containers in all deployments #1493
Comments
|
And I can't use AlwaysPullImages AdmissionController in GKE |
results in |
|
workaround: |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Any thoughts on adding this to the default I am aware that this is not quite the ask of this issue... |
|
/remove-lifecycle stale |
k8s-ci-robot
removed
the
lifecycle/stale
@matti , what does your patch yaml file look like for setting the |
|
sorry I kinda stopped using kustomize - it is too hard or impossible to have things like this. |
|
@matti I feel you. I cannot seem to get |
|
You have to apply a patch like this one: It is less than ideal. There should be a way to change the imagePullPolicy with the |
|
@antoninbas do you need to have a specific patch file like that? What I mean by specific is like exact name mappings and so on? We basically take a compose file, convert with kompose, and then want to apply kustomize patches to that rendered yaml file. The compose files we are converting aren't necessarily stuff we own, so we won't know the names of services and so on. We ideally want something just like kind: Deployment
spec:
templates:
spec:
containers:
imagePullPolicy: AlwaysThat is then applied to all future |
|
I tried that a while back but it didn't work for me. I had to enumerate all containers by name. For your use case, it would be great if @matti's patch worked: but the wildcard It would be great if one of the kustomize developers could comment on this issue though, in case there is an alternative solution. |
|
@antoninbas man that was not the news I was hoping for lol. So as it sits currently, without the developers commenting, there currently is no way to patch through kustomize or potentially through the |
|
Not that I know of. But I have been using kustomize very lightly so I am definitely not an expert. |
|
You can deploy an admission controller webhook which mutates all the objects live on the cluster and ensures imagePullPolicy is what you need 😅 🌮 |
|
We are using self build docker images in Minikube, therefore the ImagePullPolicy should be Never for local development but Always for all other environments. I did not expect this to be so hard with Kustomize 😢 |
|
Made it working with mentioned patchesStrategicMerge... apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: base-cronjob
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: base-cronjob
image: "cronjob:latest"
imagePullPolicy: "Never"
args: ['python3 cronjob.py']My kustomization.yml (important is providing the containers name): apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- cronjob
patchesStrategicMerge:
- |-
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: base-cronjob
spec:
schedule: "*/2 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: base-cronjob
image: "cronjob:dev"
imagePullPolicy: "Always" |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
Hi @matti, might I ask which other tool you moved for this kind of templating? I'm trying similar templating like in this issue and feeling exactly the same, that either it's not possible or very diffcult. I think there should be another way. Thanks! |
|
helm. Helm is the clear winner of these tools.
… On 29. Jul 2020, at 17.03, agascon ***@***.***> wrote:
sorry I kinda stopped using kustomize - it is too hard or impossible to have things like this.
Hi @matti, might I ask which other tool you moved for this kind of templating?
I'm trying similar templating like in this issue and feeling exactly the same, that either it's not possible or very diffcult. I think there should be another way.
Thanks!
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Helm is a great tool, but write and maintain a chart is really a pain! |
|
I know. That's why I tried kustomize (and kpt), but issues like these just wont work with declarative approach. Just give another try for helm, it also handles removal of resources nicely (have you tried what happens when you remove a kustomize resouce? you need to delete that manually) |
|
There is already an issue about resources removal, so I think that it will be fixed soon. I think that Kustomize offers lots of really important features and the community will add more and more within next months. Features that are completely compliant with declarative approach. @matti can you make an example of declarative approach when Kustomize does not work? |
|
This issue? And also this "closed" issue here: #168 (comment) |
k8s-ci-robot
added
the
lifecycle/stale
|
/remove-lifecycle stale
… On 22. Jul 2021, at 20.00, fejta-bot ***@***.***> wrote:
/remove-lifecycle stale.
|
k8s-ci-robot
removed
the
lifecycle/stale
|
Pretty surprised to find this limitation. It's explained by the fact that a json patch specifies paths as "JSON Pointers" http://jsonpatch.com/#json-pointer which are specific identifiers for a single document-element. It is not JSONPath, there are no wildcards and there is no pattern matching. I guess the correct answer is probably to write a custom kustomize transformer. I'm very surprised to see the need for that for a task that seems likely to be as commonplace and basic as this though. |
|
See also #720 |
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
k8s-ci-robot
added
lifecycle/rotten
|
/remove-lifecycle rotten Just got hit by this as well, not for images, but for removing a bunch of keys from a list in a single manifest. I was frantically trying to understand why the asterisk is not supported, until I stumbled across this thread. |
k8s-ci-robot
removed
the
lifecycle/rotten
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
just use sed and/or envsubst on kustomize yaml before apply this will never be fixed in kustomize, because kustomize is designed to be promising, but painful. |
|
I had the same need and solved it by creating a plugin: It's packaged as a Containerized KRM Function, which is an alpha feature at the time of this writing (see Plugin feature status). |
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
k8s-ci-robot
added
lifecycle/rotten
|
/remove-lifecycle rotten |
k8s-ci-robot
removed
the
lifecycle/rotten
|
/remove-lifecycle rotten @antoninbas feature would be amazing. I am sure it can be applied elsewhere too. |
|
This can sort of be done with raw Kustomize using replacements since it supports wildcard fieldPaths. The caveat is that your deployments/containers need to have the imagePullPolicy already specified. But once you have it you can change all containers imagePullPolicy to the other types of policies. There is a "create=true" option if the value is missing but you cannot use it when using wildcards to select all containers.
|
|
Instead of listing every target deployment in |
|
I think that should work, no? 🤔 |
|
@moatorres as stated in the description with respect to /0/
|
|
They fixed create=true for Wildcard replacements that I mentioned earlier so if anyone is still looking for this here is an example. Not sure which version it got added in. Im using latest Kustomize(5.1.1+) but it should be in some earlier versions. kustomization.yaml deployment.yaml |
and others
originally asked here #412 - but the question is still left unanswered:
following kustomization
and
changes/adds the imagePullPolicy to first container, but how to set it to all containers? using
*does not work.The text was updated successfully, but these errors were encountered: