Kubernetes hot reload config Map with Spring boot watcher

Setup

Hot reload of ConfigMap can be done in spring boot application by using spring spring-cloud-starter-kubernetes-config module. We used version 1.1.7.RELEASE of config module. Include this in build as dependency.

The second component it requires is “Spring Cloud Kubernetes Configuration Watcher” (https://docs.spring.io/spring-cloud-kubernetes/docs/current/reference/html/index.html#spring-cloud-kubernetes-configuration-watcher) it should be available as container inside your pod. The role of this watcher is to listen the event which is published by the “spring-cloud-starter-kubernetes-config” module when the configMap changes. When event is received by the watcher component , it hit the Refresh endpoint of the service. The reload feature of Spring Cloud Kubernetes is able to trigger an application reload when a related ConfigMap or Secret changes. This app require some configuration regarding the application /refresh endpoint of the actuator.

Watcher container must have the environment variable of the actuator endpoints of the application which need to be refreshed.

env:
- name: spring.cloud.kubernetes.configuration.watcher.actuatorPort
value: "{{.Values.service.port}}"
- name: spring.cloud.kubernetes.configuration.watcher.actuatorPath
value: {{.Values.config.contextPath}}

Application setup

In Spring boot app, it requires bootstrap.yml to load the external configuration. We have to mention the configmaps which need to be watched with there namespaces.

bootsrap.yml

spring:
cloud:
kubernetes:
config:
# default namespace
namespace: ${RELEASE_NAMESPACE}
sources:
# list of configMaps to load
- name: ${CONFIG_NAME}
- name: ${CONFIG_NAME}
reload:
enabled: true
mode: event
strategy: refresh

In application.yml, it only need the spring actuator management endpoint refresh to be enabled.

management:
info:
defaults:
enabled: false
endpoints:
web:
base-path: '/'
exposure:
include: metrics,health,refresh,info
endpoint:
info.enabled: true
metrics.enabled: true
refresh.enabled: true
prometheus.enabled: true

ConfigMap

The configmap must have a label to watch spring.cloud.kubernetes.config: “true”. It enables the watcher to watch this configmap events and when this changes it published the event.

apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-config
namespace: {{ .Release.Namespace }}
labels:
spring.cloud.kubernetes.config: "true"
data:
schemelimit.val: "{{ .Values.external }}"

Role and Role binding

It require roles to be created and have permission to watch the configMap. Below is the code snippet which is required.

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: <reader_name>
namespace: <namespace>
rules:
- apiGroups: [""]
resources: ["configmaps", "pods", "services", "endpoints", "secrets"]
verbs: ["get", "list", "watch"]

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store