Patching Resources in Kubernetes

Introduction

Kubernetes is a container orchestration platform designed to host and run containers of different applications in a stable and efficient matter. It is self-healing and runs on any Linux system irrespective of CPU architecture like amd64, ARM, etc.

Pre-Requisites

• Kubernetes Cluster
• kubectl

Patching Resources

Patch is a kubectl sub-command that can be used to change the attributes of a deployed resource in a Kubernetes cluster in real-time without deleting and deploying the resource.

When applying configs with the patch command, different types of patch operations can be performed. kubectl by default, uses the strategic merge type. The other available types are listed below:

• json: This type of patch allows us to provide an operation or operations to carry out on the object.
• json merge: This type of patch allows us to natively override keys in an object. It follows the algorithm specified in RFC 7386.
• strategic: This type of patch will replace or merge values based on the object's patchStrategy as defined in the Kubernetes source code. This is the default patch type.

Implementation

Let's practice patching by increasing the size of a Persistent Volume Claim(PVC) using the strategic patch operation. But first, we'll learn a little about Volumes and PVCs first.

Volumes are a kind of directory in Kubernetes used by containers to store files persistently, even during restarts. The concept of volumes is abstracted with the use of Persistent Volumes and Persistent Volume Claim. Persistent Volumes are the actual directory where files can be stored persistently and Persistent Volume Claims provide the actual size of the volume.

For this example, we'll deploy the following components in the cluster.

• Storage Class (SC)
• Persistent Volume (PV)
• Persistent Volume Claim (PVC)

All the above three components are provided in the YAML manifest below. You can use it to deploy them into the cluster.

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: patch-sc
provisioner: kubernetes.io/no-provisioner
reclaimPolicy: Retain
volumeBindingMode: Immediate
allowVolumeExpansion: true
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-patch
spec:
  accessModes:
  - ReadWriteOnce
  capacity:
    storage: 1000Mi
  local:
    path: /tmp/vol1
  storageClassName: patch-sc
  volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-patch
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 50Mi
  storageClassName: patch-sc
  volumeMode: Filesystem

We can now check the status of these resources by running the following commands.

kubectl get sc

NAME                 PROVISIONER                    RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
patch-sc              kubernetes.io/no-provisioner   Retain          WaitForFirstConsumer   true                   83s
standard (default)   k8s.io/minikube-hostpath   Delete          Immediate           false                  167m

kubectl get pv

NAME         CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM   STORAGECLASS   REASON   AGE
pv-patch   1000Mi      RWO            Retain           Available           dynamic                 12s

kubectl get pvc

kubectl get pvc
NAME          STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS   AGE
pvc-patch   Bound    pv-patch   50Mi      RWO            patch-sc        3m25s

Let's create a simple httpd pod that references the created PVC now.

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: httpd
  name: httpd
spec:
  containers:
  - image: httpd
    name: httpd
    resources: {}
    volumeMounts:
    - name: data
      mountPath: /var/www/html
  volumes:
  - name: data
    persistentVolumeClaim:
      claimName: pvc-patch
  dnsPolicy: ClusterFirst
  restartPolicy: Always

Lets Patch

To patch resources in Kubernetes, we need to provide it with the JSON path of the attribute we want to patch.

Let's look at the PVC in JSON format by running the following command:

kubectl get po httpd -o json

The output will consist of many values, so I've taken up a shortened form consisting of only the attribute we want to patch.

    "spec": {
        "accessModes": [
            "ReadWriteOnce"
        ],
        "resources": {
            "requests": {
                "storage": "50Mi"
            }
        },
        "storageClassName": "patch-sc",
        "volumeMode": "Filesystem",
        "volumeName": "pv-patch"
    }

This is the portion we need to patch to increase the PVC size.

    "spec": {
        "resources": {
            "requests": {
                "storage": "50Mi"
            }
        },
    },

Let's increase the storage size to 1000Mi by modifying the JSON we extracted above. We must also remove the new lines and combine them into a single line.

'{"spec":{"resources":{"requests":{"storage":"1000Mi"}}}}'

Now, run the command below to patch the PVC and increase available storage to 1000Mi

kubectl patch pvc pvc-patch -p '{"spec":{"resources":{"requests":{"storage":"1000Mi"}}}}'

Output:

persistentvolumeclaim/pvc-patch patched

Now, if we run a kubectl describe on the PVC, we can see that the PVC size has increased to the size specified in the patch.

kubectl describe pvc pvc-patch
Name:          pvc-patch
Namespace:     default
StorageClass:  patch-sc
Status:        Bound
Volume:        pv-patch
Labels:        <none>
Annotations:   pv.kubernetes.io/bind-completed: yes
               pv.kubernetes.io/bound-by-controller: yes
Finalizers:    [kubernetes.io/pvc-protection]
Capacity:      1000Mi
Access Modes:  RWO
VolumeMode:    Filesystem
Mounted By:    httpd

This way, we can patch attributes of resources already deployed in a cluster without deleting and redeploying them.

Conclusion

In this article, we learned about Persistent Volumes and Persistent Volume Claims. We also learned to patch the attributes of resources deployed in a Kubernetes cluster.

Thank you for reading. Please comment down below if you have any queries! :)