kustomize允许为多种目的定制(overlay)原始YAML文件,且保持原始(base)的YAML不变并保持可用性。
介绍
使用场景:
- kustomize 特别适合用于 gitops 工作流中
安装
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
ubuntu
snap install kustomize
Mac
brew install kustomize
其他
kustomize 命令也可以使用 kubectl 替代
kubectl apply -k
kubectl apply -f ./k8s/base/
help
$ kustomize --help
Manages declarative configuration of Kubernetes.
See https://sigs.k8s.io/kustomize
Usage:
kustomize [command]
Available Commands:
build Build a kustomization target from a directory or URL.
cfg Commands for reading and writing configuration.
completion Generate shell completion script
create Create a new kustomization in the current directory
edit Edits a kustomization file
fn Commands for running functions against configuration.
help Help about any command
version Prints the kustomize version
Flags:
-h, --help help for kustomize
--stack-trace print a stack-trace on error
Additional help topics:
kustomize docs-fn [Alpha] Documentation for developing and invoking Configuration Functions.
kustomize docs-fn-spec [Alpha] Documentation for Configuration Functions Specification.
kustomize docs-io-annotations [Alpha] Documentation for annotations used by io.
kustomize docs-merge [Alpha] Documentation for merging Resources (2-way merge).
kustomize docs-merge3 [Alpha] Documentation for merging Resources (3-way merge).
kustomize tutorials-command-basics [Alpha] Tutorials for using basic config commands.
kustomize tutorials-function-basics [Alpha] Tutorials for using functions.
Use "kustomize [command] --help" for more information about a command.
使用说明
目录结构
~/someApp
├── README.md
├── base # 基本的配置
│ ├── deployment.yaml
│ ├── kustomization.yaml # 入口文件
│ └── service.yaml
└── overlays # 不同环境的配置
├── staging
├── development
│ ├── cpu_count.yaml
│ ├── kustomization.yaml
│ └── replica_count.yaml
└── production
├── cpu_count.yaml
├── kustomization.yaml
└── replica_count.yaml
kustomization.yaml
示例文件
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
metadata:
name: arbitrary
commonLabels:
app: hello
commonAnnotations:
app.kb.cx/inject: hello
resources:
- deployment.yaml
- service.yaml
- configMap.yaml
configMapGenerator:
- files:
- controller_manager_config.yaml
name: manager-config
patchesStrategicMerge:
- xxx-cm-patch.yaml
images:
- name: nginx
newName: nginx
newTag: 1.5.1
说明:
namespace 为所有资源添加 namespaceresources 是 k8s 资源的位置,可以是一个文件或文件夹,读取的时候会按照顺序读取
- 路径可以是相对路径也可以是绝对路径,相对路径是相对于
kustomization.yaml 的路径
crds 和 resources 类似,只是 crds 是自定义资源images 修改镜像的名称、tag 或 image digest ,而无需使用 patchesreplicas 资源副本数namePrefix 为所有资源和引用的名称添加前缀nameSuffix 为所有资源和引用的名称添加后缀patches 在资源上添加或覆盖字段,kustomization 使用 patches 字段来提供该功能
patchesJson6902 列表中的每个条目都应可以解析为 kubernetes 对象和将应用于该对象的 JSON patchpatchesStrategicMerge 使用 strategic merge patch 标准 Patch resources
vars 类似指定变量commonAnnotations 为所有资源加上 annotations 如果对应的 key 已经存在值,该值将会被覆 commonLabelscommonLabels 为所有资源的加上 label 和 label selectorconfigMapGenerator 可以生成 configmap,列表中的每一条都会生成一个 configmapsecretGenerator 用于生成 secret 资源generatorOptions 用于控制 configMapGenerator 和 secretGenerator 的行为
修改镜像
通过 kustomization.yaml 文件的 images 字段更新镜像
$ cat << EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
selector:
matchLabels:
run: my-nginx
replicas: 2
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: abc
ports:
- containerPort: 80
EOF
$ cat << EOF > ./kustomization.yaml
resources:
- deployment.yaml
images:
- name: abc
newName: nginx
newTag: 1.5.1
EOF
kustomize edit set image abc=nginx:1.5.1
# 更多帮助
kustomize edit set image [flags]
The command
set image postgres=eu.gcr.io/my-project/postgres:latest my-app=my-registry/my-app@sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3
will add
images:
- name: postgres
newName: eu.gcr.io/my-project/postgres
newTag: latest
- digest: sha256:24a0c4b4a4c0eb97a1aabb8e29f18e917d05abfe1b7a7c07857230879ce7d3d3
name: my-app
newName: my-registry/my-app
kustomize init
删除对象
$ cat kustomization.yaml
bases:
- ...
patchesStrategicMerge:
- remove-svc.yaml
$ cat remove-svc.yaml
kind: Service
apiVersion: v1
metadata:
name: flaskapp
$patch: delete
删除字段
$ cat kustomization.yaml:
bases:
- ...
patchesStrategicMerge:
- remove-field.yaml
$ cat remove-field.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: abc
spec:
replicas: 1
template:
spec:
containers:
- name: abc
image: alpine
env:
- name: CONFIG
$patch: delete
replace
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-deployment
spec:
selector:
matchLabels:
$patch: replace
tier: api
app: simple-deployment
# replace array
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-deployment
spec:
template:
spec:
containers:
- name: simple-app
env:
- $patch: replace
- name: my_replaced_key
value: My new patched value
- name: my_patched_key
value: "true"
Inline Patch
$ cat << EOF > kustomization.yaml
resources:
- ../base
patchesStrategicMerge:
- |-
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy
spec:
template:
spec:
containers:
- name: nginx
image: nginx:latest
# containers:
# - name: nginx
# $patch: delete
EOF
从文件生成 configMap
cat <<EOF >$DEMO_HOME/base/common.properties
color=blue
height=10m
EOF
cat <<EOF >$DEMO_HOME/base/kustomization.yaml
configMapGenerator:
- name: my-configmap
files:
- common.properties
EOF
patchesJson6902 示例
patchesJson6902:
- target:
version: v1
group: monitoring.googleapis.com
kind: ClusterRules
name: pods
patch: |-
- op: replace
path: /spec/groups/0/rules/0/for
value: 15m
- op: replace
path:/spec/groups/0/rules/1/for
value: 15m
build 示例
# Build the current working directory
kustomize build
# Build some shared configuration directory
kustomize build /home/config/production
# Build from github
kustomize build https://github.com/kubernetes-sigs/kustomize.git/examples/helloWorld?ref=v1.0.6
更多配置参考:https://kubectl.docs.kubernetes.io/zh/guides/
其他