You may encounter a situation where changes to a Secret/Configmap in Kubernetes are not automatically reflected to the associated Pods, addressing this issue typically requires manual pod restart, which is error-prone and time-consuming. Reloader, an automation tool, is used to streamline this process and reduce the need for manual steps.

Changes in ConfigMap and Secret are monitored by Reloader, which automatically triggers rolling upgrades for linked Pods managed by Deployment, StatefulSet, DaemonSet, and DeploymentConfig controllers. This simplifies configuration modifications while also ensuring application availability.

This tool not only improves efficiency but also ensures that our Kubernetes environment maintains the desired consistency. Changes to the configuration are immediately propagated to the appropriate Pods or Deployments, ensuring that our applications are always up-to-date and reliable. This eliminates the need for manual intervention and minimizes the likelihood of configuration conflicts, resulting in a more reliable and efficient Kubernetes system.

In this tutorial, we'll explore Reloader, its installation in a Civo Kubernetes cluster via Civo Marketplace, and how you can access it, along with its benefits.

Prerequisite

Before we begin, there are some prerequisites you’ll need to have in place:

Installing Reloader through Civo Marketplace

There are two ways to install the Reloader through Civo Marketplace, through the UI or the CLI. This section will explore how you can install Reloader using both of these methods.

Civo Marketplace UI

After successfully creating the Kubernetes cluster, log in to the Civo dashboard and go to "Kubernetes" > "Kubernetes Cluster" > "Marketplace" as shown in the screenshot below: Reloader in Civo Marketplace

In the Marketplace section, select the “Architecture” tab, and click “Reloader”. Click “Install Apps” from here to install the Reloader application inside the cluster.

Civo CLI

To install Reloader through Civo CLI, please use the following command to install it:

civo kubernetes applications add reloader --cluster <CLUSTER-NAME>

For CLUSTER-NAME put the actual name of the cluster.

The above command will deploy the Reloader Marketplace application to your cluster.

If no errors occur during installation, it means the Reloader application has been successfully installed into your cluster. Now you can use the Reloader application.

Overview of Reloader

As previously indicated, we can install Reloader through Civo Marketplace. Reloader is an open-source tool that performs rolling updates on relevant DeploymentConfig, Deployment, Daemonset, Statefulset, and Rollout when there have been changes in the Secrets/Configmaps.

Let's explore how we can use Reloader.

To get started, you'll need to create a Secret and ConfigMap, which can be done by creating a YAML file, test-config-secret.yaml. This will hold the configuration data that your pods will rely on. The YAML file is given below:

test-config-secret.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: color-config
data:
  color: "Red"
---
apiVersion: v1
data:
  password: Y2l2b3Bhc3N3b3JkMTIzQA==
kind: Secret
metadata:
  name: test-sec-pass

Next, you'll create a deployment using another YAML file, deploy.yaml. To enable automatic rolling updates in the related pod, if there are any changes in Secrets or ConfigMaps, add the annotation reloader.stakater.com/auto to the main metadata section of your Deployment.

deploy.yaml 

apiVersion: apps/v1
kind: Deployment
metadata:
  name: color-check
  labels:
    app: nginx
  annotations:
    reloader.stakater.com/auto: "true"
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        env:
        - name: TESTCONFIGMAPCOLOR
          valueFrom:
            configMapKeyRef:
              name: color-config
              key: color
        - name: TESTSECRETPASSWORD
          valueFrom:
            secretKeyRef:
              name: test-sec-pass
              key: password

We will be applying our configuration YAML files to our cluster through the use of kubectl, by using the command kubectl apply -f <file-name.yaml>. For file-name, use the actual file name.

$ kubectl apply -f test-config-secret.yaml
configmap/color-config created
secret/test-sec-pass created

$ kubectl apply -f deploy.yaml
deployment.apps/color-check created

You can confirm that your deployment is created successfully by running the kubectl get deploy command. This will show you whether the deployment is created successfully or not.

$ kubectl get deploy
NAME          READY   UP-TO-DATE   AVAILABLE   AGE
color-check   3/3     3            3           2m29s

$ kubectl get pods
NAME                          READY   STATUS    RESTARTS   AGE
color-check-f5cc54b9c-jz9nr   1/1     Running   0          57s
color-check-f5cc54b9c-5kb8j   1/1     Running   0          55s
color-check-f5cc54b9c-nhzzt   1/1     Running   0          53s

At this point, the deployment should be successfully created. To ensure everything is functioning as expected, you can check the environmental variables within your pods.

Use the kubectl exec -it <Pod-name> -- bash command to access the shell of a specific pod. Replace Pod-name with the actual name of a pod associated with your deployment:

$ kubectl exec -it color-check-f5cc54b9c-jz9nr -- bash
root@color-check-f5cc54b9c-jz9nr:/# echo $TEST_CONFIGMAP_COLOR  
Red
root@color-check-f5cc54b9c-jz9nr:/# echo $TEST_PASSWORD
civopassword123@

As we can see, the value of $TESTCONFIGMAPCOLOR is Red and the value of $TESTSECRETPASSWORD is civopassword123@.

Finally, we will test the reloader by updating the configmap color-config value from Red to Green by using the following command: kubectl edit configmap color-config

Upon opening the file, alter the color value from Red to Green. To save and exit, press 'Esc' then ':wq'.

Reloader will detect this change and automatically trigger a rolling update to related pods, ensuring that your application adapts to the new configuration seamlessly. Let’s check whether the changes are reflected in the pods or not. 

$ kubectl get pods
NAME                          READY   STATUS    RESTARTS   AGE
color-check-9f49b5c75-8r494   1/1     Running   0          14m
color-check-9f49b5c75-v64l8   1/1     Running   0          14m
color-check-9f49b5c75-gz4dw   1/1     Running   0          14m

$ kubectl exec -it color-check-9f49b5c75-8r494 -- bash
root@color-check-9f49b5c75-8r494:/# echo $TEST_CONFIGMAP_COLOR
Green

The value of $TESTCONFIGMAPCOLOR should now be changed from Red to Green. You can do many more customization according to your needs. For this, you need to add the annotation, according to your need in metadata.

If the use case is when a specific configmap changes, then perform a rolling update, for this use this annotation: configmap.reloader.stakater.com/reload: <name-of-configmap>.

Let’s see how to use it for deployment:

kind: Deployment
metadata:
  annotations:
    configmap.reloader.stakater.com/reload: <name-of-configmap>
spec:
  template:
    metadata:

We can use multiple config maps separated by a comma.

If the use case is when there is a change in a specific secret, then a rolling update should be triggered for the associated pods, for this use this annotation: secret.reloader.stakater.com/reload: <name-of-secret>

Let’s see an example, how to use it:

kind: Deployment
metadata:
  annotations:
    secret.reloader.stakater.com/reload: <name-of-secret>
spec:
  template: 
    metadata:

Benefits of using Reloader

Feature Description
Reduced manual intervention Reloader eliminates the need for manually restarting pods when updating their configurations, which can help save time and reduce the possibility of mistakes.
Automatic Configuration Updates Reloader automates Kubernetes resource updates when ConfigMaps or Secrets change, minimizing the need for manual intervention in configuration management.
Time and Resource Savings It automates configuration updates and saves time and effort. This can be especially beneficial in large or complex deployments.
Enhanced Efficiency Reloader reduces manual configuration update tasks, saving time and minimizing the risk of human errors.
Enhanced Security Kubernetes Reloader enhances security by ensuring updated configurations, such as Secrets, are automatically reflected in pods without manual intervention. This reduces the risk of outdated or incorrect security credentials and helps maintain a more secure Kubernetes environment.

Summary

Reloader offers a streamlined solution for Kubernetes environments, ensuring that changes to ConfigMaps and Secrets are automatically propagated to associated Pods. By using Reloader, manual interventions, such as pod restarts, are eliminated, reducing the risk of configuration discrepancies and potential errors.

This tutorial provided a comprehensive guide on installing and using Reloader in a Civo Kubernetes cluster, emphasizing its benefits, such as reduced manual intervention, automatic configuration updates, time and resource savings, enhanced efficiency, and improved security. Adopting tools like Reloader can significantly enhance the reliability and efficiency of Kubernetes deployments.

Further Resources

If you want to know more about Reloader, look at these resources given here: