How to apply patches or any metadata changes in Pods

We have our software deployed on kubenetes as deployments.

Timezone patches for the Operating System are released based on the following conditions and scenarios:

• DST or other time zone policy changes on the respective region.
• or incase of any vulnerability in the existing patches

These files are placed at /usr/share/zoneinfo.
As content of these files are frequently changed.

What should be the best approach to updated these files.
One option is to update image whenever there is the changes in timezone data.

Another is to update the files manually inside pods. but it will be gone once pod restarts.

Please suggest what could be the best way to update.

If the total size of your files does not exceeds 1mo, you can create a configmap with the content of these files, then mount this configmap into your Pods, in the /usr/share/zoneinfo directory.

it can be done easily just by installing k8tz in your cluster.

helm repo add k8tz https://k8tz.github.io/k8tz/
helm install k8tz k8tz/k8tz

by default, k8tz will enforce UTC timezone in all pods created in cluster and will mount the latest tzdb (currently 2022a) to /usr/share/zoneinfo in every pod, regardless of what version installed on the nodes.

you can change the default timezone for the cluster with

helm upgrade k8tz k8tz/k8tz --install --set timezone=Europe/London

or by annotating your namespaces:

kubectl annotate namespace some-namespace k8tz.io/timezone=America/Bogota
kubectl annotate namespace other-namespace k8tz.io/timezone=Europe/Stockholm