Since a deployment manages the ReplicaSet, which is, in turn, managing the Pods, the deployment manifest is very similar to the ReplicaSet manifest. The only difference is that the deployment manifest has deployment-specific fields and objects, for example, the strategy
object.
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kyma
spec:
replicas: 3
selector:
matchLabels:
app: hello-kyma
template: # Pod template
metadata:
labels:
app: hello-kyma
spec:
containers:
- name: hello-kyma
image: ghcr.io/sap-samples/kyma-runtime-learning-journey/hello-kyma:1.0.0
ports:
- containerPort: 8080
Copy codeThis example shows a deployment manifest with the name hello-kyma
.
The deployment has three replicas and the pod template has the labelapp: hello-kyma
. The pod template has a container with the namehello-kyma
and the image hello-kyma:1.0.0
from the GitHub Container Registry (ghcr.io). The container exposes the port: 8080
Let's have a look at the deployment manifest spec
section in detail:.
The deployment spec section in detail
Field | Description | Required | Possible values |
---|
replicas | The number of replicas of the application | Yes | Integer |
selector | The selector to identify the pods managed by the deployment | Yes | At least a subset of the labels defined in the pod template |
template | The template used to create the pods managed by the deployment | Yes | Labels and pod manifest |
If you want to pull the image from a private registry, you can do so by providing the credentials in the deployment manifest to spec.template.spec
:
...
spec:
...
template:
...
spec:
imagePullSecrets:
- name: myregistrykey
containers:
- name: hello-kyma
image: ghcr.io/sap-samples/kyma-runtime-learning-journey/hello-kyma:1.0.0
ports:
- containerPort: 8080
Copy codeWe cover secrets later in this course.
Concerning the containers
object in the manifest, the following attributes are recommended:
Recommended attributes in the containers object
Field | Description | Required | Possible values |
---|
name | The name of the container | Yes | String |
image | The image of the container | Yes | String |
resources | The resources of the container | No | Resource requirements |
ImagePullPolicy | The image pull policy | No | Always , IfNotPresent , Never |
ports | The ports of the container | No | Container ports |
The ImagePullPolicy
is set to IfNotPresent
by default. This means that the image is pulled only if it is not present locally on the cluster node. If you want to pull the image always, you can set the ImagePullPolicy
to Always
.
NoteIf you specify an image with the latest
tag and you or the system creates a new pod, Kubernetes always downloads the most recent latest
version. This can lead to unexpected behavior, since other pods can still use the old image. Therefore, it is recommended to use a specific version of the image, for example, 'hello-kyma:1.0.0'.
So, a good manifest might look like this:
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kyma
labels:
app.kubernetes.io/name: hello-kyma
spec:
replicas: 3
selector:
matchLabels:
app: hello-kyma
template:
metadata:
labels:
app: hello-kyma
spec:
imagePullSecrets: [ ] # optional
containers:
- name: hello-kyma
image: 'ghcr.io/sap-samples/kyma-runtime-learning-journey/hello-kyma:1.0.0'
resources:
requests:
memory: 64Mi # 64MiB (2^26 bytes)
cpu: 50m # 50 millicores (1/20th of a core), 500m = 0.5 cores
limits:
memory: 128Mi
cpu: 100m # 100 millicores (1/10th of a core), 1000m = 1 core
ports:
- containerPort: 8080
Copy codeFor all other fields, please refer to the official documentation.