This page shows how to update a running Deployment to a new version using a rolling update. A rolling update gradually replaces old Pods with new ones, so your application remains available throughout the process.
You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:
You need an existing Deployment. If you do not have one, create the nginx Deployment from Run a Stateless Application Using a Deployment:
kubectl apply -f https://k8s.io/examples/application/deployment.yaml
Verify the Deployment runs two Pods:
kubectl get deployment nginx-deployment
The output is similar to:
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 2/2 2 2 10s
Any change to the .spec.template field of a Deployment triggers a rolling
update. Kubernetes creates new Pods with the updated configuration and gradually
terminates old Pods.
kubectl applyYou can trigger a rolling update by editing the Deployment manifest and applying the change. This approach works well when you keep manifests in version control.
Export the current Deployment to a local file:
kubectl get deployment nginx-deployment -o yaml > /tmp/nginx-deployment.yaml
Edit /tmp/nginx-deployment.yaml and change .spec.template.spec.containers[0].image
from nginx:1.14.2 to nginx:1.16.1.
Before applying, compare your local changes against the cluster state:
kubectl diff -f /tmp/nginx-deployment.yaml
The output is similar to:
diff -u -N /tmp/LIVE/apps.v1.Deployment.default.nginx-deployment /tmp/MERGED/apps.v1.Deployment.default.nginx-deployment
--- /tmp/LIVE/apps.v1.Deployment...
+++ /tmp/MERGED/apps.v1.Deployment...
@@ -29,7 +29,7 @@
containers:
- - image: nginx:1.14.2
+ - image: nginx:1.16.1
name: nginx
Apply the updated manifest:
kubectl apply -f /tmp/nginx-deployment.yaml
To update the container image without editing a manifest file, use
kubectl set image:
kubectl set image deployment/nginx-deployment nginx=nginx:1.16.1
The output is similar to:
deployment.apps/nginx-deployment image updated
Verify the image was updated:
kubectl get deployment nginx-deployment -o jsonpath='{.spec.template.spec.containers[0].image}'
The output is similar to:
nginx:1.16.1
Use kubectl rollout status to watch the progress of a rolling update:
kubectl rollout status deployment/nginx-deployment
The output is similar to:
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 2 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 2 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
deployment "nginx-deployment" successfully rolled out
After the rollout completes, verify the Deployment:
kubectl get deployment nginx-deployment
The output is similar to:
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 2/2 2 2 2m
You can pause a rollout to inspect a partial update or to batch multiple changes into a single rollout.
kubectl rollout pause deployment/nginx-deployment
The output is similar to:
deployment.apps/nginx-deployment paused
While the rollout is paused, you can make additional changes. These changes do not trigger a new rollout until you resume:
kubectl set image deployment/nginx-deployment nginx=nginx:1.17.0
kubectl rollout resume deployment/nginx-deployment
The output is similar to:
deployment.apps/nginx-deployment resumed
Verify the rollout completes:
kubectl rollout status deployment/nginx-deployment
Deployments support two update strategy types:
For the RollingUpdate strategy, these parameters control how Kubernetes performs the update:
| Parameter | Controls | Default | Example |
|---|---|---|---|
maxUnavailable | Maximum number of Pods that can be unavailable during the update | 25% | 1 or 25% |
maxSurge | Maximum number of extra Pods that can be created during the update | 25% | 1 or 25% |
maxUnavailable and maxSurge accept an absolute number or a percentage.
Kubernetes calculates percentages from the desired replica count, rounding down
for maxUnavailable and rounding up for maxSurge.To configure these parameters, use kubectl patch:
kubectl patch deployment nginx-deployment -p \
'{"spec":{"strategy":{"rollingUpdate":{"maxUnavailable":"25%","maxSurge":"25%"}}}}'
You can also set these fields in a Deployment manifest under
.spec.strategy.rollingUpdate. For detailed examples, see
max unavailable
and max surge
in the Deployment concepts documentation.
If a rollout does not make progress within the time specified by
.spec.progressDeadlineSeconds (default: 600 seconds), Kubernetes marks the Deployment condition Progressing as False. You can check for this condition by describing the Deployment:
kubectl describe deployment nginx-deployment
Look for the Progressing condition in the Conditions section of the output. A stalled rollout usually indicates that new Pods are failing to start. The Events section of the output can help diagnose the issue.
If a new version introduces issues, you can roll back to a previous revision.
kubectl rollout history deployment/nginx-deployment
The output is similar to:
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 <none>
CHANGE-CAUSE column shows the value of the kubernetes.io/change-cause
annotation at the time of each revision. This annotation is not set automatically,
but if you are using an automated solution to manage Deployments, the tool you use
may write some text into that annotation.kubectl rollout undo deployment/nginx-deployment
The output is similar to:
deployment.apps/nginx-deployment rolled back
kubectl rollout undo deployment/nginx-deployment --to-revision=1
Verify the rollback completes:
kubectl rollout status deployment/nginx-deployment
.spec.revisionHistoryLimit in the Deployment manifest. Setting it to 0 disables rollback entirely.Delete the Deployment:
kubectl delete deployment nginx-deployment