如何使用kustomize配置traefik 2.x indressRoute(metadata.name,spec.Routes [0] .services [0] .name& spec.Routes [0] .match = host())
我们有 一个以 CRD 方式部署的 Traefik 运行的 EKS 集群(完整设置在 GitHub 上)并且不想部署我们的应用程序 https://gitlab.com/jonashackt/microservice-api-spring-boot 以及 Kubernetes 对象 Deployment、Service 和 IngressRoute(请参阅 配置存储库位于此处)。清单如下所示:
deployment.yml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: microservice-api-spring-boot
spec:
replicas: 3
revisionHistoryLimit: 3
selector:
matchLabels:
app: microservice-api-spring-boot
branch: main
template:
metadata:
labels:
app: microservice-api-spring-boot
branch: main
spec:
containers:
- image: registry.gitlab.com/jonashackt/microservice-api-spring-boot:c25a74c8f919a72e3f00928917dc4ab2944ab061
name: microservice-api-spring-boot
ports:
- containerPort: 8098
imagePullSecrets:
- name: gitlab-container-registry
service.yml:
apiVersion: v1
kind: Service
metadata:
name: microservice-api-spring-boot
spec:
ports:
- port: 80
targetPort: 8098
selector:
app: microservice-api-spring-boot
branch: main
traefik-ingress-route.yml:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: microservice-api-spring-boot-ingressroute
namespace: default
spec:
entryPoints:
- web
routes:
- match: Host(`microservice-api-spring-boot-BRANCHNAME.tekton-argocd.de`)
kind: Rule
services:
- name: microservice-api-spring-boot
port: 80
我们已经使用Kustomize,尤其是 kustomize CLI(在 Mac 上或使用 brew 安装在 GitHub Actions 中)安装 kustomize),具有以下文件夹结构:
├── deployment.yml
├── kustomization.yaml
├── service.yml
└── traefik-ingress-route.yml
我们的 kustomization.yaml 如下所示:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yml
- service.yml
- traefik-ingress-route.yml
images:
- name: registry.gitlab.com/jonashackt/microservice-api-spring-boot
newTag: foobar
commonLabels:
branch: foobar
nameSuffix: foobar
现在动态更改 metadata.name 以向部署添加后缀,使用 kustomize CLI 可以轻松在 GitHub Actions 工作流程中设置服务和 IngressRoute 的 .metadata.name(因为我们希望后缀为使用前缀 -,我们需要在此处使用 -- -barfoo 语法):
kustomize edit set namesuffix -- -barfoo
检查结果
kustomize build .
还更改 .spec.selector.matchLabels.branch部署和服务中的、.spec.template.metadata.labels.branch 和 .spec.selector.branch 没有问题:
kustomize edit set label branch:barfoo
更改我们的 Deployment 的 .spec.template.spec.containers[0].image 适用于:
kustomize edit set image registry.gitlab.com/jonashackt/microservice-api-spring-boot:barfoo
但查看我们的 IngressRoute 似乎 .spec。无法使用开箱即用的 Kustomize 更改 paths[0].services[0].name 和 .spec.routes[0].match = Host()?那么我们如何才能在不需要 yq 甚至 sed/envsubst 这样的替换工具的情况下更改这两个字段呢?
We have a EKS cluster running with Traefik deployed in CRD style (full setup on GitHub) and wan't to deploy our app https://gitlab.com/jonashackt/microservice-api-spring-boot with the Kubernetes objects Deployment, Service and IngressRoute (see configuration repository here). The manifests look like this:
deployment.yml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: microservice-api-spring-boot
spec:
replicas: 3
revisionHistoryLimit: 3
selector:
matchLabels:
app: microservice-api-spring-boot
branch: main
template:
metadata:
labels:
app: microservice-api-spring-boot
branch: main
spec:
containers:
- image: registry.gitlab.com/jonashackt/microservice-api-spring-boot:c25a74c8f919a72e3f00928917dc4ab2944ab061
name: microservice-api-spring-boot
ports:
- containerPort: 8098
imagePullSecrets:
- name: gitlab-container-registry
service.yml:
apiVersion: v1
kind: Service
metadata:
name: microservice-api-spring-boot
spec:
ports:
- port: 80
targetPort: 8098
selector:
app: microservice-api-spring-boot
branch: main
traefik-ingress-route.yml:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: microservice-api-spring-boot-ingressroute
namespace: default
spec:
entryPoints:
- web
routes:
- match: Host(`microservice-api-spring-boot-BRANCHNAME.tekton-argocd.de`)
kind: Rule
services:
- name: microservice-api-spring-boot
port: 80
We already use Kustomize and especially the kustomize CLI (on a Mac or in GitHub Actions install with brew install kustomize) with the following folder structure:
├── deployment.yml
├── kustomization.yaml
├── service.yml
└── traefik-ingress-route.yml
Our kustomization.yaml looks like this:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yml
- service.yml
- traefik-ingress-route.yml
images:
- name: registry.gitlab.com/jonashackt/microservice-api-spring-boot
newTag: foobar
commonLabels:
branch: foobar
nameSuffix: foobar
Now changing the metadata.name dynamically to add a suffix to the Deployment's, Service's and IngressRoute's .metadata.name from within our GitHub Actions workflow is easy with kustomize CLI (because we want the suffix to use a prefixed -, we need to use the -- -barfoo syntax here):
kustomize edit set namesuffix -- -barfoo
Check the result with
kustomize build .
Also changing the .spec.selector.matchLabels.branch, .spec.template.metadata.labels.branch and .spec.selector.branch in the Deployment and Service is no problem:
kustomize edit set label branch:barfoo
Changing the .spec.template.spec.containers[0].image of our Deployment works with:
kustomize edit set image registry.gitlab.com/jonashackt/microservice-api-spring-boot:barfoo
But looking into our IngressRoute it seems that .spec.routes[0].services[0].name and .spec.routes[0].match = Host() can't be changed with Kustomize out of the box?! So how can we change both fields without the need for a replacement tooling like yq or even sed/ envsubst?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
1。更改
IngressRoutes.spec.Routes [0] .Services [0] .namewith Kustomize更改
IngressRoutes s s 代码> .spec.Routes [0] .Services [0] .name 在使用 anamereferencetransformer transformer(请参阅此处的文档) - 幸运的是,我找到了Inspiration 在本期中。因此,我们需要在我们的配置关键字中包括kustomize.yaml:我们还需要添加名为
namereference.yml的文件:我们将服务的
名称将其连接到IngressRoutesspec/routes/services/name。现在,运行不仅将更改部署,服务和IngressRoute的标签
god>- 还将更改 .spec.routes [0] .services [0] .name IngressRoute的范围,因为现在已链接到服务的metadata.name。请注意,仅当转介程序和目标都具有名称标签时,仅此而已。2。更改IngressRoutes的一部分
.spec.Routes [0] .match = host()问题的第二部分询问如何更改IngressRoutes的一部分
。 .routes [0] .match = host()。有 kustomize github project中的一个开放问题。目前,Kustomize不支持此用例 - 仅编写用于Kustomize的自定义生成器插件。由于这可能不是首选选项,因此还有另一种受到此博客文章。因为我们可以使用语法cat>可以在控制台中插入YAML文件。 ./myyamlfile.yml< eof ... eof我们还可以使用内联变量替换。因此,首先将分支名称定义为变量:
然后使用所描述的语法来创建
indressRoute-patch.ymlfile inline:最后一步是使用
indressroute-patch.yml 文件为patchestrategicmerge在我们的kustomization.yaml之类的中,例如:现在运行
kustomize build.应该输出正确的部署,服务和ingressRoute设置:1. Change the
IngressRoutes.spec.routes[0].services[0].namewith KustomizeChanging the
IngressRoutes.spec.routes[0].services[0].nameis possible with Kustomize using aNameReferencetransformer (see docs here) - luckily I found inspiration in this issue. Therefore we need to include theconfigurationskeyword in ourkustomize.yaml:We also need to add file called
nameReference.yml:As you can see we tie the Service's
nameto the IngressRoutesspec/routes/services/name. Now runningwill not only change the
metadata.nametags of the Deployment, Service and IngressRoute - but also the.spec.routes[0].services[0].nameof the IngressRoute, since it is now linked to themetadata.nameof the Service. Note that this only, if both the referrer and the target's have anametag.2. Change a part of the IngressRoutes
.spec.routes[0].match = Host()The second part of the question ask how to change a part of the IngressRoutes
.spec.routes[0].match = Host(). There's an open issue in the Kustomize GitHub project. Right now Kustomize doesn't support this use case - only writing a custom generator plugin for Kustomize. As this might not be a preferred option, there's another way inspired by this blog post. As we can create yaml files inline in our console using the syntaxcat > ./myyamlfile.yml <<EOF ... EOFwe could also use the inline variable substitution.So first define the branch name as variable:
And then use the described syntax to create a
ingressroute-patch.ymlfile inline:The last step is to use the
ingressroute-patch.ymlfile aspatchesStrategicMergeinside ourkustomization.yamllike this:Now running
kustomize build .should output the correct Deployment, Service and IngressRoute for our setup: