Spring Cloud Kubernetes ConfigMap reload not working

The Deployment doesn't have serviceAccountName configured so it uses the default service account. The command in the question, however - kubectl create clusterrolebinding ... --serviceaccount=default:minikube... - is for an account named minikube in the default namespace.

Moreover, creating clusterrolebinding may be "too much" when rolebinding for the namespace would work.

With the Deployment being for the default namespace (metadata.namespace: default), this should create a proper rolebinding to grant read-only permission to the default account:

kubectl create rolebinding default-sa-view \  --clusterrole=view \  --serviceaccount=default:default \  --namespace=default

For reference, see Using RBAC Authorization.

Thanks gears for your answer. rolebinding is enough with role view in the namespace for the configmap to be available in container.

I solved the problem with updating dependencies. The Spring boot version with 2.1.8.Release and version of spring could kubernetes 1.1.0.Release didn't work out for me. I suspect to many dependencies added. I cleaned up pom file and that worked well.

Pom.xml

<?xml version="1.0" encoding="UTF-8"?><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">    <modelVersion>4.0.0</modelVersion>    <parent>        <groupId>org.springframework.boot</groupId>        <artifactId>spring-boot-starter-parent</artifactId>        <version>2.2.1.RELEASE</version>        <relativePath/> <!-- lookup parent from repository -->    </parent>    <groupId>com.minikube.sample</groupId>    <artifactId>kubernetes-configmap-reload</artifactId>    <version>0.0.1-SNAPSHOT</version>    <packaging>jar</packaging>    <name>minikube-sample</name>    <description>Demo project for Spring Cloud Kubernetes</description>    <properties>        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>        <java.version>1.8</java.version>    </properties>    <dependencies>        <dependency>            <groupId>org.springframework.boot</groupId>            <artifactId>spring-boot-starter-web</artifactId>        </dependency>        <dependency>            <groupId>org.springframework.boot</groupId>            <artifactId>spring-boot-starter-actuator</artifactId>        </dependency>        <dependency>            <groupId>org.springframework.cloud</groupId>            <artifactId>spring-cloud-starter-kubernetes-config</artifactId>            <version>1.1.0.RELEASE</version>        </dependency>        <dependency>            <groupId>org.projectlombok</groupId>            <artifactId>lombok</artifactId>            <version>1.18.4</version>            <scope>provided</scope>        </dependency>        <dependency>            <groupId>org.springframework.boot</groupId>            <artifactId>spring-boot-starter-test</artifactId>            <scope>test</scope>        </dependency>        <dependency>            <groupId>org.springframework.security</groupId>            <artifactId>spring-security-test</artifactId>            <scope>test</scope>        </dependency>    </dependencies>    <build>        <plugins>            <plugin>                <groupId>org.springframework.boot</groupId>                <artifactId>spring-boot-maven-plugin</artifactId>            </plugin>        </plugins>    </build></project>

You can find repository link here -- https://github.com/ereshzealous/kubernetes-configmap-reload

ThanksEresh

To access ConfigMaps and get Refresh events:

1. see annotations on config properties class@Configuration(proxyBeanMethods = false)see also @RefreshScope on config properties class.

   @Configuration(proxyBeanMethods = false)@ConfigurationProperties(prefix = "bean")@RefreshScopepublic class ClientConfig { private String message = "Default Message from java code - to be overwritten from config"; public String getMessage() {... public void setMessage(String message) {...}

2 Add permissions to access ConfigMaps

kubectl create -f perm.yaml -n <NAMESPACE>

where perm.yaml is:

  kind: Role  apiVersion: rbac.authorization.k8s.io/v1  metadata:    namespace: yldbg    name: namespace-reader  rules:    - apiGroups: ["", "extensions", "apps"]      resources: ["configmaps", "pods", "services", "endpoints", "secrets"]      verbs: ["get", "list", "watch"]  ---  kind: RoleBinding  apiVersion: rbac.authorization.k8s.io/v1  metadata:    name: namespace-reader-binding    namespace: yldbg  subjects:  - kind: ServiceAccount    name: default    apiGroup: ""  roleRef:    kind: Role    name: namespace-reader    apiGroup: ""

• After creating permissions, deploy pods and services.

• when modifying the config map, you will see a refresh event in pod logs

  EventBasedConfigurationChangeDetector - Detected change in config mapsEventBasedConfigurationChangeDetector - Reloading using strategy: REFRESHPropertySourceBootstrapConfiguration - Located property source: [BootstrapPropertySource {name='bootstrapProperties-configmap.client-svc.myns'}]SpringApplication - The following profiles are active: kubernetes

by yl