Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ---
- kind: Role
- apiVersion: rbac.authorization.k8s.io/v1
- metadata:
- namespace: default
- name: restart-pods
- rules:
- - apiGroups:
- - extensions
- - apps
- resources:
- - deployments
- - replicasets
- verbs:
- - 'patch'
- - 'get'
- ---
- kind: RoleBinding
- apiVersion: rbac.authorization.k8s.io/v1beta1
- metadata:
- name: restart-pods
- namespace: default
- subjects:
- - kind: ServiceAccount
- name: restart-pods-sa
- namespace: default
- roleRef:
- kind: Role
- name: restart-pods
- apiGroup: ""
- ---
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: restart-pods-sa
- namespace: default
- ---
- apiVersion: batch/v1beta1
- kind: CronJob
- metadata:
- name: restart-pods
- namespace: default
- spec:
- # schedule: "0 */24 * * *"
- schedule: "*/1 * * * *"
- concurrencyPolicy: Replace
- jobTemplate:
- spec:
- template:
- spec:
- serviceAccountName: restart-pods-sa
- containers:
- - name: kubectl
- image: garland/kubectl:1.10.4
- command:
- - /bin/sh
- - -c
- - kubectl patch deployment api-gateway -p '{"spec":{"template":{"metadata":{"annotations":{"restarted-by":"'${POD_NAME}'", "restarted-at":"`date +'%s'`"}}}}}'
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- restartPolicy: OnFailure
- # In case of `forbidden` errors when setting authorization rules:
- # kubectl create clusterrolebinding cluster-admin-binding \
- # --clusterrole cluster-admin \
- # --user $(gcloud config get-value account)
Add Comment
Please, Sign In to add comment