kubernetes: kubectl create -f doesn't create services first, violating config best practice

Config best practices says:

Create a service before corresponding replication controllers so that the scheduler can spread the pods comprising the service. You can also create the replication controller without specifying replicas, create the service, then scale up the replication controller, which may work better in an example using progressive disclosure and may have benefits in real scenarios also, such as ensuring one replica works before creating lots of them)

It also says:

Use kubectl create -f <directory> where possible. This looks for config objects in all .yaml, .yml, and .json files in <directory> and passes them to create.

It looks like kubectl just creates things in sorted order:

zml@zml:~/kubernetes$ ls -1 examples/spark/*.yaml
examples/spark/spark-driver-controller.yaml
examples/spark/spark-master-controller.yaml
examples/spark/spark-master-service.yaml
examples/spark/spark-worker-controller.yaml
zml@zml:~/kubernetes$ kubectl create -f examples/spark
replicationcontrollers/spark-driver-controller
replicationcontrollers/spark-master-controller
services/spark-master
replicationcontrollers/spark-worker-controller

cc @gmarek @mikedanese

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Reactions: 17
  • Comments: 24 (13 by maintainers)

Most upvoted comments

The way I implemented my CD is using the kubectl apply. I then in order to guarantee the order I prefix the files with numbers. e.g: 0_namespace.yaml 1_secret.yaml 2_service.yaml 3_deployment.yaml 4_ingress.yaml

Works like a charm.

On Mon, Jan 14, 2019, 10:02 PM borg286 <notifications@github.com wrote:

I’d also like this feature. It seems that kubecfg has a hardcoded ordering of types of objects It does ThirdPartyResource and CustomResourceDefinition then global resources, then namespace, then things that don’t contain pods then lastly things that contain pods.

This seems rather simple to fetch the types and give them a priority, toss them into a priority queue, then finally empty the queue into a list. This will bring kubectl one step closer to kubecfg.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/kubernetes/kubernetes/issues/16448#issuecomment-454210502, or mute the thread https://github.com/notifications/unsubscribe-auth/ACQA91WhX2Ezi5b2i9pdoRTUQ5keFOPTks5vDRqVgaJpZM4GXkIK .

+35
renannprado on Jan 15, 2019

This might not be a solution to this exact issue, but kubectl’s new -k mode, based on kustomize, does reorder resources.

Even if you’re not interested in kustomize’s other features, as long as you can upgrade your kubectl, you should be able to work around this limitation in a relatively clean way (at least compared to 0-prefixing).

+3
costela on May 7, 2019

any news about this?

+3
renannprado on Mar 23, 2017

That doesn’t look like a proper solution 😉

+2
adampl on May 7, 2019

As some of the more recent comments allude to, the issue of resource creation ordering is a lot more complicated than just Services->Deployments. Even if we were to implement a dependency graph between all built-in kinds, which would be non-trivial, we would still encounter several stumbling blocks:

  1. Custom resources.
  2. A successful create is not always sufficient to provide behavioural startup ordering. To get that, you may need to wait for a status on the earlier resource. E.g. CRD has to be accepted, not merely created, before submitting a dependent CR.
  3. There isn’t really a universally desirable ordering even within core kinds. Many applications have more ad-hoc dependence relationships that automatic reordering could not detect, and would in fact interfere with.
  4. Related to the above, changing from a system where users effectively provide the correct ordering explicitly to one where we attempt to infer it would be a breaking change.

We discussed this at a SIG-CLI meeting today, and for all these reasons, we don’t think this is a change we should pursue in kubectl. The current behavior is effectively to have users fully control the dependency chain by providing the resources in the desired order. This is the right behavior for a tool at this level of abstraction. If more complex behavior is desired, there are many more opinionated, higher-level deploy orchestration tools available in the ecosystem.

/close

+1
KnVerey on Mar 31, 2021
Read more comments on GitHub
← kubernetes: kubectl cp with wildcards do not work
kubernetes: kubectl debug failed to add ephemeral container with kubernetes 1.25 →