Execute command/script in selected Kubernetes pod. This is useful to define CronJobs to run something in existing container.
Standard way of working with CronJob implies running a new container instance and executing a command different from the one running in an existing pod. However, sometimes it isn't possible to share the resources between the two containers. For example, triggering a periodic database cleanup may not work if the persistent volume where the database is stored can't be created with ReadWriteMany AccessMode.
- Create CronJob manifest
scheduled-task.yaml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: pods-list-exec
rules:
- apiGroups: [""]
resources: ["pods", "pods/log"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["get", "create"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: scheduled-task
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: scheduled-task-pods-list-exec
namespace: media
subjects:
- kind: ServiceAccount
name: scheduled-task
namespace: default
roleRef:
kind: ClusterRole
name: pods-list-exec
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: scheduled-task
namespace: media
spec:
schedule: "0 */6 * * *"
successfulJobsHistoryLimit: 3
failedJobsHistoryLimit: 1
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
containers:
- name: scheduled-task
image: buvis/kube-exec:latest
env:
- name: NAMESPACE
value: default
- name: LABEL
value: "app.kubernetes.io/name=example"
- name: COMMAND
value: "/some-script.sh"
serviceAccountName: scheduled-task
restartPolicy: OnFailure- Create kubernetes CronJob resource:
kubectl apply -f scheduled-task.yaml