Dead Simple: Kubernetes Single Pod with Rolling Updates

Sometimes you have k8s apps that only need a single replica. For example, a few dozen people only use a minor web service internally. However, when updating it, you still don’t want to have any downtime. K8s is weird about this, so there are plenty of StackOverflow questions.

TLDR — the k8s deployment YAML should have like this

spec:
  replicas: 1
  selector:
    matchLabels:
      app: fooapp
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
    type: RollingUpdate

• maxSurge: 1 — a second pod will be brought up
• maxUnavailable: 0 — the first pod will not be killed
• type: RolingUpdate — when the second pod is healthy, traffic will switch over, and the second pod will be killed off. If the second pod is never healthy, the first pod will remain up indefinitely.

For this to work, it is paramount your app has valid health checks. For a Spring app with a single http health check, this is a readiness probe:

  ports:
    - containerPort: 80
      name: http
  readinessProbe:
    successThreshold: 2
    failureThreshold: 2
    periodSeconds: 10
    timeoutSeconds: 5
    httpGet:
      path: /management/health
      port: http

However, I do recommend a startup and liveliness probes, as described here.

Full deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: company-fooapp
  labels:
    app: fooapp
  namespace: qa
spec:
  replicas: 1
  selector:
    matchLabels:
      app: fooapp
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: fooapp
      name: fooapp
    spec:
      containers:
        - env:
            - name: SPRING_PROFILES_ACTIVE
              value: qa
          image: path-to-docker-image
          imagePullPolicy: Always
          name: fooapp
          resources:
            limits:
              cpu: 1
              memory: 500M
          ports:
            - containerPort: 80
              name: http
          startupProbe:
            successThreshold: 1
            failureThreshold: 18
            periodSeconds: 10
            timeoutSeconds: 5
            httpGet:
              path: /management/health
              port: http
          readinessProbe:
            successThreshold: 2
            failureThreshold: 2
            periodSeconds: 10
            timeoutSeconds: 5
            httpGet:
              path: /management/health
              port: http
          livenessProbe:
            successThreshold: 1
            failureThreshold: 3
            periodSeconds: 30
            timeoutSeconds: 5
            httpGet:
              path: /management/health
              port: http