This article explores the kubectl apply command, its internal workings, and how it manages Kubernetes object configurations declaratively.
In this article, we explore how the kubectl apply command works and what happens internally during its execution. Using kubectl apply for declarative management of Kubernetes objects is common practice, and here we dive into details such as configuration comparisons and update processing.
When you run the kubectl apply command, it compares three sources:
The local configuration file (e.g., nginx.yaml).
The live object configuration stored on the Kubernetes cluster.
The last applied configuration stored as an annotation on the live object.
If the object does not exist, Kubernetes creates it based on your local configuration. During creation, Kubernetes internally adds additional fields to monitor the object’s status. Notice that the YAML configuration is converted to JSON and stored as the “last applied configuration” in an annotation. This information is used during subsequent updates to identify any differences.
When the local configuration is changed (for example, updating the image version), kubectl apply performs a three-way merge using the local file, live configuration, and the last applied configuration.
For instance, if you update the image version from 1.18 to 1.19 in your local file:
kubectl compares the three configurations. If differences are detected—such as the updated image version—the live object is updated and the annotation storing the last applied configuration is refreshed.
The last applied configuration annotation is crucial when fields are removed from your local configuration. For example, if you remove the “type” label:
kubectl notices that the “type” label, which existed in the last applied configuration, is now absent locally. As a result, it removes this field from the live configuration.
When kubectl apply is executed for the first time, the YAML configuration is converted to JSON and stored as an annotation under the key kubectl.kubernetes.io/last-applied-configuration. The following snippet shows an example of a live object with this annotation:
This annotation is the key to performing a three-way merge in future apply operations. The process compares:
The local file.
The live object configuration.
The last applied configuration.
This comparison ensures that Kubernetes makes precise updates. It’s important to note that mixing imperative commands (like kubectl create or kubectl replace) with declarative ones can lead to inconsistencies, as only kubectl apply stores the last applied configuration.
Creates the object and stores the configuration as an annotation
kubectl apply -f nginx.yaml
Update Configuration
Modifies the object by comparing local, live, and last applied configuration
kubectl apply -f nginx.yaml
Remove a Field
Deletes a field from live configuration when it is removed locally
kubectl apply -f nginx.yaml
Avoid mixing imperative commands with declarative approaches. Imperative actions like kubectl create or kubectl replace will not record the last applied configuration and may lead to inconsistencies when using kubectl apply.
Understanding how kubectl apply processes local configurations, the live state of Kubernetes objects, and the last applied configuration annotation is crucial for managing resources declaratively. For more comprehensive information, please refer to the Kubernetes documentation.Thank you for reading this guide on the kubectl apply command. Happy deploying!
