Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Managing Kubernetes manifests with Spruce

Managing Kubernetes manifests with Spruce

Kubernetes Meetup Tokyo #2

Moto Ishizawa

June 20, 2016
Tweet

More Decks by Moto Ishizawa

Other Decks in Technology

Transcript

  1. What is Kubernetes manifest? • The definition of Kubernetes resource

    • Generally written as YAML file • Deployment, Service, DaemonSet, Namespace, ConfigMap… • Used to create a resource on the Kubernetes via kubectl • kubectl create -f manifest.yaml • There are so many examples in the Kubernetes repos • https://github.com/kubernetes/kubernetes/tree/master/examples
  2. What is Kubernetes manifest? apiVersion: extensions/v1beta1 kind: Deployment metadata: name:

    frontend spec: replicas: 3 template: metadata: labels: app: guestbook tier: frontend spec: containers: - name: php-redis image: gcr.io/google-samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80
  3. What is Spruce? • Spruce is a domain-specific YAML merging

    tool • It has been developed to generate the BOSH manifest • However, it can also be used in any YAML file ! • It's a single binary, written in Go • https://github.com/geofffranks/spruce
  4. Basic usage of Spruce $ cat a.yaml prompt: color: white

    message: Hello! $ cat b.yaml prompt: message: Hello, Kube! $ spruce merge a.yaml b.yaml c.yaml prompt: color: white # From a.yaml debug: true # From c.yaml message: Hello, Kube! # From b.yaml Let's merge multiple YAML files! $ cat c.yaml prompt: debug: true
  5. Accessing the environment variables $ cat config.yaml config: debug: ((

    grab $DEBUG_MODE || true )) environment: (( grab $ENV_NAME )) log: (( grab $LOG_LEVEL || "info" )) $ spruce merge config.yaml config: debug: true environment: dev log: error When you use the "grab" keyword, Spruce will try to pull the environment variable. $ export ENV_NAME=dev $ export LOG_LEVEL=error
  6. Accessing the secrets of Vault $ cat secret.yaml key: ((

    vault "/secret/spruce:key" )) secret: (( vault "/secret/spruce:secret" )) $ spruce merge secret.yaml key: ca978112ca1bbdcafa secret: 72b9807785afee48bb Spruce can also pull the secrets from Vault. $ export VAULT_ADDR="https://vault:8200" $ export VAULT_TOKEN="4da786eff81"
  7. Managing Kubernetes manifest with Spruce • We usually use the

    multiple environments • Production, Staging, Testing, Development... • Use multiple manifests for each environment • Merge the base manifest and the environment-specific manifest when creating a resource • It is inspired by Ruby on Rails
  8. Managing Kubernetes manifest with Spruce # cat guestbook.yaml apiVersion: extensions/v1beta1

    kind: Deployment spec: replicas: 3 template: metadata: labels: app: guestbook spec: containers: - name: php-redis image: gcr.io/google-samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 Define the base manifest first…
  9. Managing Kubernetes manifest with Spruce # cat dev.yaml spec: replicas:

    1 # Use only one pod template: metadata: labels: env: dev # Add label "env" spec: containers: - name: php-redis resources: requests: cpu: 50m # Reduce CPU resource memory: 50Mi # Reduce memory resource And define the environment-specific manifest.
  10. Managing Kubernetes manifest with Spruce # spruce merge guestbook.yaml dev.yaml

    apiVersion: extensions/v1beta1 kind: Deployment spec: replicas: 1 template: metadata: labels: app: guestbook env: dev spec: containers: - image: gcr.io/google-samples/gb-frontend:v4 name: php-redis ports: - containerPort: 80 resources: requests: cpu: 50m memory: 50Mi When you create a resource, let's merge both the manifest.
  11. Conclusion • Kubernetes Manifest is the definition of the Kubernetes

    Resource • Spruce is a easy and flexible YAML merging tool • Spruce will simplify the management of Kubernetes Manifest