Managing Kubernetes manifests with Spruce

Slide 1

Slide 1 text

Managing Kubernetes manifests with Spruce Kubernetes Meetup Tokyo #2 Moto Ishizawa @summerwind

Slide 2

Slide 2 text

Who’s this guy? • Moto Ishizawa (@summerwind) • Software Engineer @ Z Lab • Kubernetes, Kafka, HTTP/2, Go…

Slide 3

Slide 3 text

We are hiring! We are building a large scale infrastructure with Kubernetes! https://zlab.co.jp

Slide 4

Slide 4 text

What is Kubernetes manifest? • The definition of Kubernetes resource • Generally written as YAML file • Deployment, Service, DaemonSet, Namespace, ConfigMap… • Used to create a resource on the Kubernetes via kubectl • kubectl create -f manifest.yaml • There are so many examples in the Kubernetes repos • https://github.com/kubernetes/kubernetes/tree/master/examples

Slide 5

Slide 5 text

What is Kubernetes manifest? apiVersion: extensions/v1beta1 kind: Deployment metadata: name: frontend spec: replicas: 3 template: metadata: labels: app: guestbook tier: frontend spec: containers: - name: php-redis image: gcr.io/google-samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80

Slide 6

Slide 6 text

What is Spruce? • Spruce is a domain-specific YAML merging tool • It has been developed to generate the BOSH manifest • However, it can also be used in any YAML file ! • It's a single binary, written in Go • https://github.com/geoﬀfranks/spruce

Slide 7

Slide 7 text

What is Spruce?

Slide 8

Slide 8 text

Basic usage of Spruce $ cat a.yaml prompt: color: white message: Hello! $ cat b.yaml prompt: message: Hello, Kube! $ spruce merge a.yaml b.yaml c.yaml prompt: color: white # From a.yaml debug: true # From c.yaml message: Hello, Kube! # From b.yaml Let's merge multiple YAML files! $ cat c.yaml prompt: debug: true

Slide 9

Slide 9 text

Accessing the environment variables $ cat config.yaml config: debug: (( grab $DEBUG_MODE || true )) environment: (( grab $ENV_NAME )) log: (( grab $LOG_LEVEL || "info" )) $ spruce merge config.yaml config: debug: true environment: dev log: error When you use the "grab" keyword, Spruce will try to pull the environment variable. $ export ENV_NAME=dev $ export LOG_LEVEL=error

Slide 10

Slide 10 text

Accessing the secrets of Vault $ cat secret.yaml key: (( vault "/secret/spruce:key" )) secret: (( vault "/secret/spruce:secret" )) $ spruce merge secret.yaml key: ca978112ca1bbdcafa secret: 72b9807785afee48bb Spruce can also pull the secrets from Vault. $ export VAULT_ADDR="https://vault:8200" $ export VAULT_TOKEN="4da786eff81"

Slide 11

Slide 11 text

Managing Kubernetes manifest with Spruce • We usually use the multiple environments • Production, Staging, Testing, Development... • Use multiple manifests for each environment • Merge the base manifest and the environment-specific manifest when creating a resource • It is inspired by Ruby on Rails

Slide 12

Slide 12 text

Managing Kubernetes manifest with Spruce # cat guestbook.yaml apiVersion: extensions/v1beta1 kind: Deployment spec: replicas: 3 template: metadata: labels: app: guestbook spec: containers: - name: php-redis image: gcr.io/google-samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 Define the base manifest first…

Slide 13

Slide 13 text

Managing Kubernetes manifest with Spruce # cat dev.yaml spec: replicas: 1 # Use only one pod template: metadata: labels: env: dev # Add label "env" spec: containers: - name: php-redis resources: requests: cpu: 50m # Reduce CPU resource memory: 50Mi # Reduce memory resource And define the environment-specific manifest.

Slide 14

Slide 14 text

Managing Kubernetes manifest with Spruce # spruce merge guestbook.yaml dev.yaml apiVersion: extensions/v1beta1 kind: Deployment spec: replicas: 1 template: metadata: labels: app: guestbook env: dev spec: containers: - image: gcr.io/google-samples/gb-frontend:v4 name: php-redis ports: - containerPort: 80 resources: requests: cpu: 50m memory: 50Mi When you create a resource, let's merge both the manifest.

Slide 15

Slide 15 text

Conclusion • Kubernetes Manifest is the definition of the Kubernetes Resource • Spruce is a easy and flexible YAML merging tool • Spruce will simplify the management of Kubernetes Manifest

Slide 16

Slide 16 text

Thanks!