Kubernetes: Error kubectl edit deployment

Question

I'm trying to edit deployment in kubernetes by:

kubectl -n <namespace> edit deployment <depolyment_name>.

after entering the command, vi windows for editing appears, then I make some changes for example in the command section or in volumeMounts section.

but I get the following error:

A copy of your changes has been stored to "/tmp/kubectl-edit-hv5dh.yaml"
error: map: map[] does not contain declared merge key: name

someone can help with it?

attached the edit deployment file of apiserver:

kubectl -n federation-system edit deployment apiserver

(codes between ** ** are the lines i added)

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
    federation.alpha.kubernetes.io/federation-name: fed
  creationTimestamp: 2018-04-01T13:26:40Z
  generation: 1
  labels:
    app: federated-cluster
  name: apiserver
  namespace: federation-system
  resourceVersion: "393140"
  selfLink: /apis/extensions/v1beta1/namespaces/federation-system/deployments/apiserver
  uid: <uid>
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: federated-cluster
      module: federation-apiserver
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      annotations:
        federation.alpha.kubernetes.io/federation-name: fed
      creationTimestamp: null
      labels:
        app: federated-cluster
        module: federation-apiserver
      name: apiserver
    spec:
      containers:
      - command:
        - /fcp
        - federation-apiserver
        - --admission-control=NamespaceLifecycle
        - --advertise-address=<master-ip>
        - --bind-address=0.0.0.0
        - --client-ca-file=/etc/federation/apiserver/ca.crt
        - --etcd-servers=http://localhost:2379
        - --secure-port=8443
        - --tls-cert-file=/etc/federation/apiserver/server.crt
        - --tls-private-key-file=/etc/federation/apiserver/server.key
        **- --enable-admission-plugins=SchedulingPolicy
        - --admission-control-config-file=/etc/kubernetes/admission/config.yml**
        image: gcr.io/k8s-jkns-e2e-gce-federation/fcp-amd64:v1.9.0-alpha.3
        imagePullPolicy: IfNotPresent
        name: apiserver
        ports:
        - containerPort: 8443
          name: https
          protocol: TCP
        - containerPort: 8080
          name: local
          protocol: TCP
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /etc/federation/apiserver
          name: apiserver-credentials
          readOnly: true
        **volumeMounts:
        - mountPath: /etc/kubernetes/admission
          name: admission-config**
      - command:
        - /usr/local/bin/etcd
        - --data-dir
        - /var/etcd/data
        image: gcr.io/google_containers/etcd:3.1.10
        imagePullPolicy: IfNotPresent
        name: etcd
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      imagePullSecrets:
      - {}
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - name: apiserver-credentials
        secret:
          defaultMode: 420
          secretName: apiserver-credentials
      **- name: admission-config
        configMap:
          name: admission**
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: 2018-04-01T13:26:40Z
    lastUpdateTime: 2018-04-01T13:26:40Z
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: 2018-04-01T13:26:40Z
    lastUpdateTime: 2018-04-01T13:27:20Z
    message: ReplicaSet "apiserver-8484fd45f8" has successfully progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 1
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1

it's happened after I created configMap file:

kubectl create -f scheduling-policy-admission.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: admission
  namespace: federation-system
data:
  config.yml: |
    apiVersion: apiserver.k8s.io/v1alpha1
    kind: AdmissionConfiguration
    plugins:
    - name: SchedulingPolicy
      path: /etc/kubernetes/admission/scheduling-policy-config.yml
  scheduling-policy-config.yml: |
    kubeconfig: /etc/kubernetes/admission/opa-kubeconfig
  opa-kubeconfig: |
    clusters:
      - name: opa-api
        cluster:
          server: http://opa.federation-system.svc.cluster.local:8181/v0/data/kubernetes/placement
    users:
      - name: scheduling-policy
        user:
          token: deadbeefsecret
    contexts:
      - name: default
        context:
          cluster: opa-api
          user: scheduling-policy
    current-context: default

I'm trying to configure Admission Controller in the Federation API.

Thanks,

Answer 1

  dnsPolicy: ClusterFirst
  # DELETE imagePullSecrets:
  # DELETE - {}
  restartPolicy: Always

I would strongly recommend removing that imagePullSecrets block. Since those objects have a mergeKey of name, but that object has no name, it would very easily cause the error you are experiencing. If the YAML was given to your editor in that condition, then I am almost certain that is a kubernetes bug: it should always(?) allow round-tripping YAML via kubectl edit, if for no other reason than this situation right here.