Kustomize 介绍

kustomize 允许为多种目的定制(overlay)原始 YAML 文件，且保持原始(base)的 YAML 不变并保持可用性。

介绍

使用场景：

kustomize 特别适合用于 gitops 工作流中

安装

curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash

ubuntu

snap install kustomize

Mac

brew install kustomize

其他

kustomize 命令也可以使用 kubectl 替代

kubectl apply -k
kubectl apply -f ./k8s/base/

help

kustomize--help ↕

$ kustomize --help

Manages declarative configuration of Kubernetes.
See https://sigs.k8s.io/kustomize

Usage:
  kustomize [command]

Available Commands:
  build                     Build a kustomization target from a directory or URL.
  cfg                       Commands for reading and writing configuration.
  completion                Generate shell completion script
  create                    Create a new kustomization in the current directory
  edit                      Edits a kustomization file
  fn                        Commands for running functions against configuration.
  help                      Help about any command
  version                   Prints the kustomize version

Flags:
  -h, --help          help for kustomize
      --stack-trace   print a stack-trace on error

Additional help topics:
  kustomize docs-fn                   [Alpha] Documentation for developing and invoking Configuration Functions.
  kustomize docs-fn-spec              [Alpha] Documentation for Configuration Functions Specification.
  kustomize docs-io-annotations       [Alpha] Documentation for annotations used by io.
  kustomize docs-merge                [Alpha] Documentation for merging Resources (2-way merge).
  kustomize docs-merge3               [Alpha] Documentation for merging Resources (3-way merge).
  kustomize tutorials-command-basics  [Alpha] Tutorials for using basic config commands.
  kustomize tutorials-function-basics [Alpha] Tutorials for using functions.

Use "kustomize [command] --help" for more information about a command.

使用说明

目录结构

~/someApp
├── README.md
├── base  # 基本的配置
│   ├── deployment.yaml
│   ├── kustomization.yaml  # 入口文件
│   └── service.yaml
└── overlays  # 不同环境的配置
    ├── staging
    ├── development
    │   ├── cpu_count.yaml
    │   ├── kustomization.yaml
    │   └── replica_count.yaml
    └── production
        ├── cpu_count.yaml
        ├── kustomization.yaml
        └── replica_count.yaml

kustomization.yaml

示例文件

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
metadata:
  name: arbitrary

commonLabels:
  app: hello

commonAnnotations:
  app.kb.cx/inject: hello

resources:
- deployment.yaml
- service.yaml
- configMap.yaml

configMapGenerator:
- files:
  - controller_manager_config.yaml
  name: manager-config

patchesStrategicMerge:
- xxx-cm-patch.yaml

images:
- name: nginx
  newName: nginx
  newTag: 1.5.1

说明：

namespace 为所有资源添加 namespace
resources 是 k8s 资源的位置，可以是一个文件或文件夹，读取的时候会按照顺序读取
- 路径可以是相对路径也可以是绝对路径，相对路径是相对于 kustomization.yaml 的路径
crds 和 resources 类似，只是 crds 是自定义资源
images 修改镜像的名称、tag 或 image digest ，而无需使用 patches
replicas 资源副本数
namePrefix 为所有资源和引用的名称添加前缀
nameSuffix 为所有资源和引用的名称添加后缀
patches 在资源上添加或覆盖字段，kustomization 使用 patches 字段来提供该功能
- 参考
patchesJson6902 列表中的每个条目都应可以解析为 kubernetes 对象和将应用于该对象的 JSON patch
patchesStrategicMerge 使用 strategic merge patch 标准 Patch resources
- 标记为已废弃
vars 类似指定变量
commonAnnotations 为所有资源加上 annotations 如果对应的 key 已经存在值，该值将会被覆 commonLabels
commonLabels 为所有资源的加上 label 和 label selector
configMapGenerator 可以生成 configmap，列表中的每一条都会生成一个 configmap
secretGenerator 用于生成 secret 资源
generatorOptions 用于控制 configMapGenerator 和 secretGenerator 的行为

修改镜像

通过 kustomization.yaml 文件的 images 字段更新镜像

$ cat << EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: abc
        ports:
        - containerPort: 80
EOF

$ cat << EOF > ./kustomization.yaml
resources:
- deployment.yaml
images:
- name: abc
  newName: nginx
  newTag: 1.5.1
EOF

kustomize 设置 image 镜像命令

kustomize edit set image abc=nginx:1.5.1

# 更多帮助
kustomize edit set image [flags]

The command
  set image postgres=eu.gcr.io/my-project/postgres:latest my-app=my-registry/my-app@sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3
will add

images:
- name: postgres
  newName: eu.gcr.io/my-project/postgres
  newTag: latest
- digest: sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3
  name: my-app
  newName: my-registry/my-app

初始化 kustomization.yaml

kustomize init

删除对象

$ cat kustomization.yaml
bases:
- ...
patchesStrategicMerge:
- remove-svc.yaml

$ cat remove-svc.yaml
kind: Service
apiVersion: v1
metadata:
  name: flaskapp
$patch: delete

删除字段

$ cat kustomization.yaml：
bases:
- ...
patchesStrategicMerge:
- remove-field.yaml

$ cat remove-field.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: abc
spec:
  replicas: 1
  template:
    spec:
      containers:
        - name: abc
          image: alpine
          env:
          - name: CONFIG
            $patch: delete

replace

apiVersion: apps/v1
kind: Deployment
metadata:
  name: simple-deployment
spec:
  selector:
    matchLabels:
      $patch: replace
      tier: api
      app: simple-deployment

# replace array
apiVersion: apps/v1
kind: Deployment
metadata:
  name: simple-deployment
spec:
  template:
    spec:
      containers:
      - name: simple-app
        env:
        - $patch: replace
        - name: my_replaced_key
          value: My new patched value
        - name: my_patched_key
          value: "true"

Inline Patch

$ cat << EOF > kustomization.yaml
resources:
- ../base

patchesStrategicMerge:
- |-
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: deploy
  spec:
    template:
      spec:
        containers:
        - name: nginx
          image: nginx:latest
        # containers:
        # - name: nginx
        #   $patch: delete
EOF

从文件生成 configMap

cat <<EOF >$DEMO_HOME/base/common.properties
color=blue
height=10m
EOF

cat <<EOF >$DEMO_HOME/base/kustomization.yaml
configMapGenerator:
- name: my-configmap
  files:
  - common.properties
EOF

patchesJson6902 示例

patchesJson6902:
- target:
    version: v1
    group: monitoring.googleapis.com
    kind: ClusterRules
    name: pods
  patch: |-
    - op: replace
      path: /spec/groups/0/rules/0/for
      value: 15m
    - op: replace
      path:/spec/groups/0/rules/1/for
      value: 15m

build 示例

# Build the current working directory
  kustomize build

# Build some shared configuration directory
  kustomize build /home/config/production

# Build from github
  kustomize build https://github.com/kubernetes-sigs/kustomize.git/examples/helloWorld?ref=v1.0.6

更多配置参考：https://kubectl.docs.kubernetes.io/zh/guides/

helm to kustomize

方法一：使用 Kustomize 内置的 Helm 支持（推荐）

这种方法不需要你把 Chart 彻底翻译成静态 YAML，而是让 Kustomize 在构建时动态去渲染 Helm Chart。你依然保留 Helm Chart 的引用和 values.yaml。

前提： 你的机器上需要安装 helm 命令。

    
    text
  
my-project/
├── kustomization.yaml
└── values.yaml       # 你的自定义 values 配置

编写 kustomization.yaml

使用 helmCharts 字段。Kustomize 会在后台运行 helm template。

    
      
      
    
    yaml
  
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

helmCharts:
  - name: my-chart-name # Chart 名称
    repo: https://charts.bitnami.com/bitnami # Chart 仓库地址 (如果是本地 Chart，这里可以省略，改用 home 字段)
    version: 1.2.3 # Chart 版本
    releaseName: my-release # Helm Release 名称
    namespace: my-namespace
    includeCRDs: true # 是否包含 CRD
    # 关键点：引用本地的 values.yaml
    valuesFile: values.yaml
    # 或者直接在这里写覆盖值（可选）
    # valuesInline:
    #   replicaCount: 3

生成 YAML

运行以下命令查看生成的结果：

bash

kustomize build --enable-helm .

注意：必须加上 --enable-helm 参数。

方法二：使用 helm template 静态转换（彻底脱离 Helm）

helm show values bitnami/nginx> values.yaml

# 语法：helm template [RELEASE_NAME] [CHART] -f [VALUES_FILE] > [OUTPUT_FILE]
helm template my-release bitnami/nginx -f values.yaml --namespace my-namespace > all-in-one.yaml

kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - all-in-one.yaml

其他

argoproj-deployments

介绍

安装