spring-bootkubernetesminikubeconfigmapspring-cloud-kubernetes

Spring Cloud Kubernetes ConfigMap reload not working


I was playing with Kubernetes in Minikube. I could able to deploy spring boot sample application into Kubernetes.

I am exploring Kubernetes configMap. I could successfully run a spring boot application with a spring cloud starter and picking the property keys from config map. Till here I am successful.

The issue I am facing currently is configmap reload.

Here is my config map :

ConfigMap.yaml

 apiVersion: v1
kind: ConfigMap
metadata:
  name: minikube-sample
  namespace: default
data:
  app.data.name: name
  application.yml: |-
    app:
      data:
        test: test

bootstrap.yaml

management:
    endpoint:
        health:
            enabled: true
        info:
            enabled: true
        restart:
            enabled: true
spring:
    application:
        name: minikube-sample
    cloud:
        kubernetes:
            config:
                enabled: true
                name: ${spring.application.name}
                namespace: default
            reload:
                enabled: true

HomeController:

package com.minikube.sample.rest.controller;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.minikube.sample.properties.PropertiesConfig;
import lombok.Getter;
import lombok.Setter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Lookup;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author Gorantla, Eresh
 * @created 06-12-2018
 */
@RestController
@RequestMapping("/home")
public class HomeResource {

    @Autowired
    PropertiesConfig config;

    @GetMapping("/data")
    public ResponseEntity<ResponseData> getData() {
        ResponseData responseData = new ResponseData();
        responseData.setId(1);
        responseData.setName(config.getName());
        responseData.setPlace("Hyderabad");
        responseData.setValue(config.getTest());
        return new ResponseEntity<>(responseData, HttpStatus.OK);
    }

    @Getter
    @Setter
    public class ResponseData {
        private String name;
        private Integer id;
        private String place;
        private String value;
    }
}

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: minikube-sample
  namespace: default
spec:
  selector:
      matchLabels:
        app: minikube-sample

  replicas: 1
  template:
    metadata:
      labels:
        app: minikube-sample
    spec:
      containers:
        - name: minikube-sample
          image: minikube-sample:latest
          imagePullPolicy: Never
          ports:
            - containerPort: 8080
          env:
            - name: env.namespace
              value: default
          volumeMounts:
            - name: config
              mountPath: /config
      volumes:
        - name: config
          configMap:
            name: minikube-sample

I used @ConfigurationProperties to reload properties.

Dependencies

 <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-kubernetes</artifactId>
            <version>1.1.0.RELEASE</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-kubernetes-config</artifactId>
            <version>1.1.0.RELEASE</version>
        </dependency>

What I did ? I have gone through spring cloud documentation. "The view role on the service account is required in order to listen for config map changes." Then I created cluster view role through below command

C:\Users\eresh.gorantla\apps\minikube-sample\src\main\fabric8 (master -> origin)
λ kubectl create clusterrolebinding minikube-sample --clusterrole=view --serviceaccount=default:minikube --namespace=default
clusterrolebinding.rbac.authorization.k8s.io/minikube-sample created

But when I update the configmap in kubernetes, the properties are not reloaded on the fly. I suspect something wrong in clusterrolebinding. Please provide your thoughts. Any help is appreciated.


Solution

  • The Deployment doesn't have serviceAccountName configured so it uses the default service account. The command in the question, however - kubectl create clusterrolebinding ... --serviceaccount=default:minikube... - is for an account named minikube in the default namespace.

    Moreover, creating clusterrolebinding may be "too much" when rolebinding for the namespace would work.

    With the Deployment being for the default namespace (metadata.namespace: default), this should create a proper rolebinding to grant read-only permission to the default account:

    kubectl create rolebinding default-sa-view \
      --clusterrole=view \
      --serviceaccount=default:default \
      --namespace=default
    

    For reference, see Using RBAC Authorization.