Learnitweb

What Happens if You Run a Rolling Deploy with a Bad Config?

In Kubernetes, a Rolling Update is the default deployment strategy used to update applications without downtime. However, if the update includes a bad configuration—such as an incorrect environment variable, bad image, broken readiness probe, or wrong secret—it can partially or completely break your application.

1. What Is a Rolling Deployment?

A Rolling Deployment in Kubernetes updates Pods incrementally:

  • It creates new Pods with the updated config/image.
  • Once a new Pod becomes Ready, an old Pod is terminated.
  • This continues until all Pods are replaced.

It ensures zero downtime—but only when the update is successful.

Example command:

kubectl apply -f deployment.yaml

or:

kubectl set image deployment/myapp myapp=myimage:v2

2. What Is a “Bad Config”?

A bad configuration can mean:

  • Typo in environment variables
  • Invalid container image
  • Unreachable external dependency
  • Bad secret or config map mount
  • Broken readiness/liveness probes
  • Port mismatch or missing dependencies
  • CrashLoopBackOff on start

These cause the updated pods to fail or hang during the rollout.

3. What Happens During a Rolling Deploy with a Bad Config?

1. New Pods Start Getting Created

Kubernetes begins rolling out the new version by creating a new pod with the bad config.

kubectl rollout status deployment my-deploy

You’ll see:

Waiting for deployment "my-deploy" rollout to finish: 1 out of 3 new replicas have been updated...

2. New Pods Fail

The new Pod may:

  • Crash (state: CrashLoopBackOff)
  • Hang (stuck in ContainerCreating)
  • Stay unready (failing readiness probe)
  • Log errors due to misconfig or missing secrets

Kubernetes does not proceed to terminate the old Pod until the new Pod becomes Ready.

3. Rollout Halts

If readiness probe never passes, the rolling update is paused.

You can confirm with:

kubectl rollout status deployment my-deploy

Output:

deployment "my-deploy" exceeded its progress deadline

Or describe the deployment:

kubectl describe deployment my-deploy

Look for:

ProgressDeadlineExceeded

4. Service Keeps Sending Traffic to Old Pods

As long as old pods are running and ready, traffic continues to be served.

But the rollout is stuck in-progress.