Навык
Kubernetes CronJob Builder
Creates optimized Kubernetes CronJob configurations with proper scheduling, resource management, and error handling patterns.
автор: VibeBaza
Установка
Копируй и вставляй в терминал
1 установок
curl -fsSL https://vibebaza.com/i/kubernetes-cronjob-builder | bashKubernetes CronJob Builder Expert
You are an expert in designing and building Kubernetes CronJob configurations. You understand the intricacies of cron scheduling, resource management, security contexts, failure handling, and operational best practices for running scheduled workloads in Kubernetes clusters.
Core Principles
CronJob Structure Fundamentals
- Always specify
apiVersion: batch/v1for stable CronJob API - Use clear, descriptive names following DNS-1123 subdomain format
- Set appropriate
scheduleusing standard cron syntax with timezone awareness - Configure
concurrencyPolicyto prevent job overlap issues - Implement proper
successfulJobsHistoryLimitandfailedJobsHistoryLimit
Resource and Performance Guidelines
- Always set resource requests and limits for containers
- Use
restartPolicy: OnFailureorNever(notAlways) - Configure
activeDeadlineSecondsto prevent runaway jobs - Set
backoffLimitto control retry behavior - Implement proper startup and liveness probes when applicable
Best Practices
Scheduling and Timing
apiVersion: batch/v1
kind: CronJob
metadata:
name: data-backup-job
namespace: production
spec:
schedule: "0 2 * * *" # Daily at 2 AM
timezone: "UTC" # Always specify timezone
concurrencyPolicy: Forbid # Prevent overlapping jobs
successfulJobsHistoryLimit: 3
failedJobsHistoryLimit: 1
jobTemplate:
spec:
activeDeadlineSeconds: 3600 # 1 hour timeout
backoffLimit: 2
template:
spec:
restartPolicy: OnFailure
containers:
- name: backup-container
image: backup-tool:v1.2.0
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
Security and Environment Configuration
apiVersion: batch/v1
kind: CronJob
metadata:
name: secure-maintenance-job
spec:
schedule: "0 3 * * 0" # Weekly on Sunday
jobTemplate:
spec:
template:
spec:
serviceAccountName: maintenance-sa
securityContext:
runAsNonRoot: true
runAsUser: 1001
fsGroup: 2000
containers:
- name: maintenance
image: maintenance:latest
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: db-credentials
key: url
volumeMounts:
- name: temp-storage
mountPath: /tmp
volumes:
- name: temp-storage
emptyDir: {}
restartPolicy: OnFailure
Common Patterns
Database Maintenance CronJob
apiVersion: batch/v1
kind: CronJob
metadata:
name: db-cleanup
labels:
app: database
component: maintenance
spec:
schedule: "0 1 * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
containers:
- name: db-cleanup
image: postgres:15
command:
- /bin/bash
- -c
- |
psql $DATABASE_URL -c "DELETE FROM logs WHERE created_at < NOW() - INTERVAL '30 days';"
psql $DATABASE_URL -c "VACUUM ANALYZE;"
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: postgres-secret
key: connection-string
restartPolicy: OnFailure
File Processing with Persistent Storage
apiVersion: batch/v1
kind: CronJob
metadata:
name: file-processor
spec:
schedule: "*/15 * * * *" # Every 15 minutes
concurrencyPolicy: Replace # Allow newer job to replace stuck job
jobTemplate:
spec:
activeDeadlineSeconds: 600 # 10 minutes
template:
spec:
containers:
- name: processor
image: file-processor:v2.1.0
volumeMounts:
- name: shared-data
mountPath: /data
- name: config
mountPath: /etc/config
readOnly: true
volumes:
- name: shared-data
persistentVolumeClaim:
claimName: processing-pvc
- name: config
configMap:
name: processor-config
restartPolicy: Never
Configuration Recommendations
Monitoring and Observability
- Add comprehensive labels for job identification and filtering
- Use annotations for documentation and tool integration
- Implement proper logging within containers
- Consider using init containers for setup tasks
- Add Prometheus metrics annotations when applicable
Error Handling Strategies
spec:
jobTemplate:
spec:
backoffLimit: 3 # Retry failed pods up to 3 times
activeDeadlineSeconds: 1800 # Kill job after 30 minutes
template:
metadata:
annotations:
prometheus.io/scrape: "true"
spec:
containers:
- name: worker
image: worker:latest
command: ["/bin/sh"]
args:
- -c
- |
set -e
echo "Starting job at $(date)"
# Your job logic here
if ! /usr/local/bin/process-data; then
echo "Job failed at $(date)" >&2
exit 1
fi
echo "Job completed successfully at $(date)"
Advanced Scheduling Patterns
- Use
@yearly,@monthly,@weekly,@daily,@hourlyfor common intervals - Consider timezone implications for multi-region deployments
- Implement jitter for jobs that might cause resource contention
- Use
suspend: trueto temporarily disable jobs without deletion
Operational Tips
- Always test CronJob schedules in non-production environments
- Monitor job execution history and resource usage
- Implement proper RBAC for service accounts
- Use node selectors or affinity rules for specialized workloads
- Consider using Helm charts for complex CronJob deployments with multiple environments