When we first build a solution and deploy it into Kubernetes, we’re likely using the latest versions of everything, ensuring our dependencies are up-to-date, and all software is fully patched.
But what happens when the software has been running for a while? It’s easy to change a version number, but how do we know a new version has been released? How do we patch it across the entire cluster before attackers use published vulnerabilities to attack our cluster?
And how do we keep up with these new image versions across a fleet of microservices for software we didn’t build?
This Shoreline automation Op Pack continuously monitors public and your private registry for new image versions. When one is found, the deployment, StatefulSet, or DaemonSet is patched with the new image version. Then Shoreline kicks off a rolling restart of the application. If the pods crash or the image pull fails, Shoreline instantly restores to the original version and raises an alert. As the user clicks through to a Shoreline Runbook, they can experiment with the new image version, run integration tests, and determine the root cause of the upgrade failure.