Seal the Secret !!
2022-Aug-18
Lets Kustomize !!!
By:DALEEP SINGH
2022-Feb-22 08:02:41
Recently, while discussing various options to provide environment specific values for our K8S/OpenShift deployments, possible suggestions given were using OpenShift Templates or Helm charts. However, both of them needs you to have quite good understanding of writing the json/yaml syntax and also need to understand the intricasies of compiling all of the required resources in either big file or putting them in the required framework/folders as needed by Helm.
This encouraged us to look for other option which could be easy and still allow us to provide the environment specific values, customize the resources and also support the entire idea of GitOps. The option we found was Kustomize.
So what is Kustomize?
Kustomize is a standalone command-line tool that supports template-free, structured customization of Kubernetes objects through a kustomization file. It is an implementation of DAM ( Declarative Application Management). It is available both as a standalone binary and as a native feature of kubectl. Kustomize helps users author and reuse Resource Config using Kubernetes native concepts. Users can now apply directories with kustomization.yaml to a cluster using kubectl apply -k dir/.
Kustomize has the concepts of bases and overlays. The base acts as the foundation of kustomization and can be referenced by other Kustomizations. It is a directory with a kustomization.yaml file which points to set of resources to be created. A base has no knowledge of the overlays that refer to it and can be used by multiple overlays. The overlay is a directory that contains a kustomization.yaml file and other information which points to other kustomization directories. In short, an overlay is unusable without a base as it creates all resources mentioned in the base with the customization suggested in the overlays. An overlay can act as a base for other overlays though.
The term kustomization refers to a kustomization.yaml file, or more generally to a directory (the root) containing the kustomization.yaml file. The kustomization file is a YAML specification of a Kubernetes Resource Model (KRM) object called a Kustomization. A kustomization describes how to generate or transform other K8S objects.
A kustomization file contains fields falling into four categories:
- resources - what existing resources are to be customized. Example fields: resources, crds.
- generators - what new resources should be created. Example fields: configMapGenerator (legacy), secretGenerator (legacy), generators (v2.1).
- transformers - what to do to the aforementioned resources. Example fields: namePrefix, nameSuffix, images, commonLabels, patchesJson6902, etc.
- meta - fields which may influence all or some of the above. Example fields: vars, namespace, apiVersion, kind, etc
This can also be clearly understood from the below output which shows the tree structure of the demo folder consisting of base directory with its own kustomization.yaml and for now, only one overlay, which is prod with its own kustomization.yaml and resources to be modified in the Prod environment.
How to install Kustomize?
Kustomize can be installed using multiple methods, using binaries which are available for download, available at Docker images, install from source code etc. Refer to https://kubectl.docs.kubernetes.io/installation/kustomize/ for various ways of installation.
In my environment, I installed it using precompiled binary.
How to use Kustomize?
Kustomize can be used as a standalone tool to generate the K8S resource definitions or even be used with kubectl to create the resources directly on the cluster with the required changes as per overlays.
#kustomize build base/.
#kustomize build overlays/prod/.
And once you have the required resource definitions with you, go ahead and run kubectl/oc create -f . We can also execute kubectl apply -k kustomize-demo/base/. to create the resources and do the deployment as well. You can add -dry-run=client -o yaml to just display the output to stdout or redirect to some file and save it for later use. You can add different namePrefix matching the required overlays as shown in below example kustomization.yaml file.
cat < dev/kustomization.yaml
bases:
- ../base
namePrefix: dev-
EOF
Can I modify or create some resources with Kustomize?
Of course, kustomize provides us several sub-commands to create and modify the kustomization for us. For example, run below command to find more sub-commands which would allow us to add various resources, labels, generators etc to kustomization.yaml file. The output would seem like the one shown below.
#kustomize help edit add
Similarly to modify the existing values, below command helps you to set the value of different fields in kustomization file.
#kustomize help edit set
Let me quickly show an example to generate a configmap and add to the kustomization.yaml in my prod overlay. The first image shows the current state of the overlay kustomization.yaml.
Execute the below command in the directory holding the kustomization.yaml for prod overlay and now you can see the configmap added to the kustomization.yaml file. Now you can jusy go ahead and use the configmap in your production deployments.
#kustomize edit add configmap testconfig --from-literal=TestKey=UpdateToKustomize
I am sure you would be thinking, what is this patchesStrategicMerge?
It is a list of patch files where each file is parsed as a Strategic Merge Patch. Each file should be resolved to a strategic merge patch. Kustomize supports other patching also such as patchesJSON6902 or patches.
This was a small introduction to showcase how we can utilize the power of Kustomize to define our K8S resources and also if needed, create them on the cluster and all without going through any steep learning curve or using any templating engine. The original files still exist as it is, with no changes to them, which also allow us to leverage GitOps. There is a lot more than this and you could find more information on this at https://github.com/kubernetes-sigs/kustomize with sufficient examples.
Happy Reading !!!
