英文:
How to modify a manifest file when using Ansible to install a service on a kubernetes cluster?
问题
我正在尝试使用Ansible自动创建一个高可用(HA)集群。
通常,我有两种选项来安装负载均衡器(MetalLb),一种是使用清单,另一种是使用helm。
我非常喜欢helm
有一个--values
选项。这很有用,因为我可以为MetalLB的speakers添加toleration,这样我可以将它们部署在我不希望部署作业的节点上。
在创建playbook时,我希望有一种方式来部署MetalLB的speakers,并为它们添加toleration,以便它们可以被部署,但我不想在其中一个节点上安装helm。
当运行playbook时,我可以下载清单文件https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml,但现在我想要能够添加tolerations。如何在不下载yaml文件并手动编辑的情况下实现这一点,类似helm中的--values
选项将很不错。
英文:
I am trying to automate making a HA cluster with Ansible.
Normally I have two options to install the load balancer (MetalLb), with manifest or helm.
I really like that helm
has a --values
option. This is useful because I can add toleration to the MetalLB speakers, that way I can deploy them in the nodes that I dont want to deploy jobs on.
When making the playbook I want to have a way to deploy the MetalLB speakers with the toleration so they can get deploy but I don't want to install helm on one of the nodes.
When the playbook is ran I can download the manifest file https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml but now I want to be able to add the tolerations. How can I accomplish this without me downloading the yaml file and editing it myself, something like the --values
option in helm would be nice
答案1
得分: 1
这段文本描述了如何使用Kustomize来管理Kubernetes资源配置。Kustomize的一般思路是采用一些基本配置("bases"),对它们应用一些变换操作。在大多数情况下,strategic merge的行为与人们的期望相符,这也是你提到的kubectl patch
的行为1。但是,处理合并中的数组值比较棘手,因此我更喜欢使用JSON Patch数组添加支持,这也是我们将在这里使用的方法。
然后,使用kubectl kustomize .
我们可以看到应用该补丁后的结果。
如果你想完全替换"tolerations",你可能会更喜欢使用"strategic merge",但鉴于你的问题没有具体指定,而且这种情况更复杂,所以我从这个开始。
FN 1: 我看到你提到了kubectl patch
,但它用于编辑已存在的Kubernetes资源,所以只有在将"metallb-native.yaml"部署到集群后,kubectl patch
才会对你有用。使用kustomize
是Helm的替代品,因为它旨在使清单在部署到集群时处于正确的状态,而不是稍后修复它。
英文:
https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/ lays out the general idea of how kustomize is going to work: take some bases, apply some transformations to them. In most cases, the strategic merge behaves like folks expect, and is how the kubectl patch
you mentioned behaves<sup>1</sup>. But, dealing with array values in merges is tricky, so I have had better luck with using JSON Patch array add support, which is what we will use here
# the contents of "kustomization.yaml" in the current directory
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml
patches:
- target:
version: v1
group: apps
kind: DaemonSet
namespace: metallb-system
name: speaker
patch: |-
- op: add
path: /spec/template/spec/tolerations/-
value: {"effect":"NoSchedule","key":"example.com/some-taint","operator":"Exists"}
Then, using kubectl kustomize .
we see the result from applying that patch:
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
- effect: NoSchedule
key: example.com/some-taint
operator: Exists
Obviously if you wanted to wholesale replace the tolerations, you may have better luck with the strategic merge flavor, but given that your question didn't specify and this case is the harder of the two, I started with it
FN 1: I saw you mention kubectl patch
but that is for editing existing kubernetes resources, so after you already deployed your metallb-native.yaml into the cluster, only then would kubectl patch
do anything for you. Using kustomize
is the helm-replacement in that it is designed for the manifests to go into the cluster in the right state, versus fixing it up later
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论