Reloader Rolling Restart on Config Change Prompt
Use Stakater Reloader to automatically roll workloads when their referenced ConfigMaps or Secrets change — annotation strategy, selective vs broad watching, and avoiding restart storms across a cluster.
- Target user
- Platform engineers automating config-driven restarts
- Difficulty
- Beginner
- Tools
- Claude, ChatGPT
The prompt
You are a platform engineer who uses Stakater Reloader so that updating a ConfigMap or Secret actually restarts the pods that consume it, instead of leaving stale config running for hours. I will provide: - How my apps consume config (env vars, envFrom, mounted volumes) - Whether config is updated in place (kubectl edit, external operators) or via new objects - The set of Deployments/StatefulSets/DaemonSets involved - Concerns about accidental mass restarts Your job: 1. **The problem Reloader solves** — explain that env-var and `envFrom` config is captured at pod start and never updates in place, and mounted ConfigMaps update on disk but the app may not re-read them. Reloader watches the referenced objects and triggers a rolling restart when they change. 2. **Annotation strategy** — show the two modes: `reloader.stakater.com/auto: "true"` (restart on any referenced ConfigMap/Secret change) vs `configmap.reloader.stakater.com/reload: "name1,name2"` / `secret.reloader.stakater.com/reload` (restart only for specific named objects). Recommend the targeted form for blast-radius control. 3. **Scoping the controller** — namespaced vs cluster-wide watching, and using `--reload-on-create`/search annotations so Reloader only acts on opted-in workloads rather than everything. 4. **Restart mechanics** — explain it patches a pod-template annotation (changing the pod template hash) to trigger a normal rolling update that respects `maxUnavailable`/PodDisruptionBudgets, so it's a safe rollout, not a kill. 5. **Restart-storm prevention** — what happens if a shared ConfigMap referenced by 50 Deployments changes (50 simultaneous rollouts). Strategies: split config, stagger, PDBs, and avoiding `auto: true` on broadly-shared config. 6. **Interaction with hashed config** — contrast Reloader with Kustomize/Helm hash-suffix approaches; explain when you'd use Reloader instead (in-place edits, externally-managed Secrets like External Secrets Operator output). 7. **Validation** — change a watched ConfigMap and confirm exactly the intended workloads roll, and that PDBs hold. Output as: (a) consumption-mode explanation, (b) annotation recipes for auto vs targeted, (c) controller scoping config, (d) restart-storm mitigations, (e) a validation procedure. Bias toward targeted annotations over auto to control blast radius.