Use latest image tag to update a deployment

Hi,

We started using Kubernetes by creating a yaml file with deployment and service defined. In the image container, we use “:latest” image tag (which has the same effect as setting imagePullPolicy to “Always”) for dev environment with the hope that it will always pick up the latest image from Google Container Registry. I have noticed that sometimes deployment won’t get updated (With message like: deployment “…” unchanged) even if there is a new image labeled with “:latest”. It was a little unexpected as Images | Kubernetes mentions that images will always be pulled if “:latest” tag is being used.

Later on I found out this document, esp. the note at the top:

Note: A Deployment’s rollout is triggered if and only if the Deployment’s pod template (that is, .spec.template ) is changed, for example if the labels or container images of the template are updated. Other updates, such as scaling the Deployment, do not trigger a rollout.

This seems to indicate that no deployment will be triggered as long as pod template is unchanged, which might explain what we’re facing by using “:latest” image tag.

I’m trying to confirm if this understanding is correct. If so, using “:latest” is probably more than just a bad practice as it won’t work for updating deployments.

Yes, you explained it perfectly. Using latest is a bad idea and will have that problem you describe.

There are many reasons for not using later.

Let’s suppose you have a pod running :latest, you then push a new image. For some reason (lack of mem, etc.) The pod crashes. It pulls the new latest image, and you have new code running even though you never did a deploy.

Even worse, let’s say that latest image you Lush os Broken. Your pods will be broken if they restart for whatever reason (oom, node crash, node cordoned, etc.).