KUSTOMIZE H ELLO $ OC ADM NEW - PROJECT HCS-C OMPANY \ -- ADMIN - PowerPoint PPT Presentation

KUSTOMIZE

H ELLO … $ OC ADM NEW - PROJECT HCS-C OMPANY \ -- ADMIN ="V INCENT VAN D AM " \ -- DISPLAY - NAME =" JOYREX 2001" \ -- ADMIN - ROLE ="O PEN S OURCE A RCHITECT "

D ELIVERING SOFTWARE D EVELOPED A SERVICE T HINK OF THE INVARIANTS FOR EACH DEPLOYMENT TARGET ( DEV / ACC / PRD ) U SE SOME TEMPLATING SYSTEM ( OPENSHIFT TEMPLATES , HELM ) P OPULATE THESE VARIABLES IN A DELIVERY PIPELINE … AND DEPLOY …

T EMPLATING

P OPULATE IN A PIPELINE stage(”Apply template in dev project") { steps { script { openshift.withCluster() { openshift.withProject("${myproject}") { openshift.apply(openshift.process("-f", template, "-p NAME=${appname}", "-p MEMORY_LIMIT=${mem_limit}", "-p MEMORY_LIMIT_REDIS=${mem_limit_redis}” )) } } } } }

M ANY MOONS LATER … T HE PARAMETERS ARE POPULATED AT VARIOUS PLACES FOR THE DEPLOYMENTS … NEW INSIGHTS , AND A NEW PARAMETER IS REQUIRED , FOR PROD ONLY … C HANGES EVERYWHERE …

T HEN COMES KUSTOMIZE D IFFERENT APPROACH C REATE THE DEPLOYMENT AS REGULAR RESOURCE DEFINITIONS A ND PATCH IT … ... INTEGRATED IN KUBECTL , BUT ALSO AVAILABLE STAND - ALONE

T HEN COMES KUSTOMIZE ├── base │ ├── kustomization.yaml Default – base configuration │ ├── deployment.yaml │ └── service.yaml └── overlays ├── dev Overlays with patches for │ ├── kustomization.yaml each specific environment │ └── patch.yaml ├── prod │ ├── kustomization.yaml │ └── patch.yaml └── staging ├── kustomization.yaml └── patch.yaml

T HEN COMES KUSTOMIZE ├── base │ ├── kustomization.yaml │ ├── deployment.yaml │ └── service.yaml kustomization.yaml commonLabels: app: nginx resources: - deployment.yaml - service.yaml

T HEN COMES KUSTOMIZE ├── base deployment.yaml │ ├── kustomization.yaml │ ├── deployment.yaml apiVersion: apps/v1 │ └── service.yaml kind: Deployment metadata: name: nginx-deployment spec: replicas: 3 selector: matchLabels: app: nginx <<< CUT FOR SIMPLICITY >>>

T HEN COMES KUSTOMIZE ├── base service.yaml │ ├── kustomization.yaml │ ├── deployment.yaml kind: Service │ └── service.yaml apiVersion: v1 metadata: name: nginx-service spec: selector: deployment: nginx type: LoadBalancer ports: <<< CUT FOR SIMPLICITY >>>

T HEN COMES KUSTOMIZE ├── base kustomization.yaml │ ├── kustomization.yaml │ ├── deployment.yaml namespace: myservice-dev │ └── service.yaml └── overlays resources: ├── dev - ../../base │ ├── kustomization.yaml │ └── patch.yaml patches: - patch.yaml

T HEN COMES KUSTOMIZE ├── base patch.yaml │ ├── kustomization.yaml │ ├── deployment.yaml apiVersion: apps/v1 │ └── service.yaml kind: Deployment └── overlays metadata: ├── dev name: nginx-deployment │ ├── kustomization.yaml spec: │ └── patch.yaml replicas: 1

T HEN COMES KUSTOMIZE ├── base kustomization.yaml │ ├── kustomization.yaml │ ├── deployment.yaml namespace: myservice-prod │ └── service.yaml └── overlays resources: ├── dev - ../../base │ ├── kustomization.yaml │ └── patch.yaml patches: ├── prod - patch.yaml │ ├── kustomization.yaml │ └── patch.yaml

T HEN COMES KUSTOMIZE ├── base patch.yaml │ ├── kustomization.yaml │ ├── deployment.yaml apiVersion: apps/v1 │ └── service.yaml kind: Deployment └── overlays metadata: ├── dev name: nginx-deployment │ ├── kustomization.yaml spec: │ └── patch.yaml template: ├── prod spec: │ ├── kustomization.yaml containers: │ └── patch.yaml - name: fluentd image: fluentd:latest

T HEN COMES KUSTOMIZE service1 service2 deploy deploy ├── kustomization.yaml ├── kustomization.yaml ├── deployment.yaml ├── deployment.yaml └── service.yaml └── service.yaml kustomization.yaml namespace: staging resources: - git::ssh://git@mygit.local/service1//deploy - git::ssh://git@mygit.local/service2//deploy

T RANSFORMING AND GENERATING T RANSFORMERS – UPDATE , CHANGE EXISTING RESOURCES ( PATCHING ) G ENERATORS – CREATE RESOURCES

G ENERATORS mysecret.yaml E XAMPLES : secretGenerator: CONFIG M AP G ENERATOR - name: app-tls files: - secret/tls.cert SECRET G ENERATOR - secret/tls.key type: "kubernetes.io/tls"

P LUG INS C USTOM TRANSFORMERS OR GENERATORS , FOR EXAMPLE : C REATING SECRETS WITH CUSTOM ENCRYPTION C USTOM VALIDATORS ( E . G . TEST IF DEFAULT VALUES OVERWRITTEN ) R EWRITING CONFIGURATIONS

P LUG INS C AN BE IMPLEMENTED AS : N ATIVE GO PLUGIN NOT A GOOD IDEA E XEC PLUGIN

E XEC PLUG INS I NSTALL IN WELL KNOW PLACE (~/. CONFIG / KUSTOMIZE / PLUGIN / HCS - COMPANY . COM / EXAMPLE ) D EFINE CONFIG ( GET THIS AS ARGV [1] IN THE PLUGIN ) G ET PROCESSED RESOURCES IN YAML VIA STDIN ( TRANSFORMER ) O UTPUT RESULT TO STDOUT

E XEC PLUG INS myplugin.yaml apiVersion: hcs-company.com/v1 kind: Example C USTOM CONFIG mysecret: - key: username value: WB4HBKtOyfQx4+Ds15====== - key: password value: WB4HBKtOyfQx4+Ds15====== E XAMPLES ( PYTHON ): HTTPS :// GITHUB . COM /A GILICUS / KUSTOMIZE - PLUGINS

W HY KUSTOMIZE ? U SE REGULAR K UBERNETES RESOURCE MANIFEST N O NEED FOR PLANNING UP - FRONT WHAT SETTINGS TO ‘ TEMPLATE ’ A BILITY TO WRITE CUSTOM PLUGINS TO TACKLE SPECIFIC USE CASES P ART OF KUBECTL

FIN!