如何使用 Kubernetes yaml 文件设置动态值

Question

For example, a deployment yaml file:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: guestbook
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: guestbook
      spec:
        container:
          - name: guestbook
            image: {{Here want to read value from config file outside}}

There is a ConfigMap feature with Kubernetes, but that's also write the key/value to the yaml file. Is there a way to set the key to environment variables?

Answer 1

You can't do it automatically, you need to use an external script to "compile" your template, or use helm as suggested by @Jakub.

You may want to use a custom bash script, maybe integrated with your CI pipeline.

Given a template yml file called deploy.yml.template very similar to the one you provided, you can use something like this:

#!/bin/bash

# sample value for your variables
MYVARVALUE="nginx:latest"

# read the yml template from a file and substitute the string 
# {{MYVARNAME}} with the value of the MYVARVALUE variable
template=`cat "deploy.yml.template" | sed "s/{{MYVARNAME}}/$MYVARVALUE/g"`

# apply the yml with the substituted value
echo "$template" | kubectl apply -f -

Answer 2

You can also use envsubst when deploying.

eg

cat $app/deployment.yaml | envsubst | kubectl apply ...

It will replace all variables in the file with their values. We are successfully using this approach on our CI when deploying to multiple environments, also to inject the CI_TAG etc into the deployments.

Answer 3

I don't think it is possible to set image through variable or Config Map in Kubernetes. But you can use for example Helm to make your deployments much more flexible and configurable.

Answer 4

One line:

cat app-deployment.yaml | sed "s/{{BITBUCKET_COMMIT}}/$BITBUCKET_COMMIT/g" | kubectl apply -f -

In yaml:

  ...
  containers:
  - name: ulisses
    image: niceuser/niceimage:{{BITBUCKET_COMMIT}}
  ...

Answer 5

This kind of thing is painfully easy with ytt :

deployment.yml

#@ load("@ytt:data", "data")
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: guestbook
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: guestbook
      spec:
        container:
          - name: guestbook
            image: #@ data.values.image

values.yml

#@data/values
image: nginx@sha256:fe2fa7bb1ceb86c6d9c935bc25c3dd8cbd64f2e95ed5b894f93ae7ffbd1e92bb

Then...

$ ytt -f deployment.yml -f values.yml | kubectl apply -f -

or even better, use ytt 's cousin, kapp for a high-control deployment experience:

$ ytt -f deployment.yml -f values.yml | kapp deploy -a guestbook -f -

Answer 6

I create a script called kubectl_create and use it to run the create command. It will substitute any value in the template that is referenced in an environment variable.

#!/bin/bash
set -e
eval "cat <<EOF
$(<$1)
EOF
" | kubectl create -f -

For example, if the template file has:

apiVersion: v1
kind: Service

metadata:
  name: nginx-external
  labels:
    app: nginx

spec:
  loadBalancerIP: ${PUBLIC_IP}
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: 80
  - name: https
    port: 443
    targetPort: 443

  selector:
    app: nginx

Run kubectl_create nginx-service.yaml and then the environment variable PUBLIC_IP will be substituted before running the actual kubectl create command.

Answer 7

My approach:

tools/jinja2-cli.py :

#!/usr/bin/env python3
import os
import sys
from jinja2 import Environment, FileSystemLoader

sys.stdout.write(Environment(loader=FileSystemLoader('templates/')).from_string(sys.stdin.read()).render(env=os.environ) + "\n")

Make rule:

_GENFILES = $(basename $(TEMPLATES))
GENFILES = $(_GENFILES:templates/%=%)

$(GENFILES): %: templates/%.j2 $(MKFILES) tools/jinja2-cli.py .env
        env $$(cat .env | xargs) tools/jinja2-cli.py < $< > $@ || (rm -f $@; false)

Inside the .j2 template file you can use any jinja syntax construct, eg {{env.GUEST}} will be replaced by the value of GUEST defined in .env

So your templates/deploy.yaml.j2 would look like:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: guestbook
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: guestbook
      spec:
        container:
          - name: guestbook
            image: {{env.GUEST}}

Another approach (using just bash builtins and xargs ) might be

env $(cat .env | xargs) cat <<EOF | kubectl create -f -
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: guestbook
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: guestbook
      spec:
        container:
          - name: guestbook
            image: ${GUEST}
EOF

Answer 8

I have been using kubetpl

It has three different template flavors and supports ConfigMap/Secret freezing.

Answer 9

yaml does not read values from another yaml file. As an alternative approach you could try this.

kind: Pod
metadata:
  creationTimestamp: null
  annotations:
    namespace: &namespaceId dev
    imageId: &imgageId nginx
    podName: &podName nginx-pod
    containerName: &containerName nginx-container
  name: *podName
  namespace: *namespaceId
spec:
  containers:
  - image: *imgageId
    name: *containerName
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

Answer 10

I create a script called kubectl_apply. It loads variables from .env, replace ${CUSTOMVAR} in yml and pass it to kubectl command

  #!/bin/bash
  set -a
  source .env
  set +a
  eval "cat <<EOF
  $(<$1)
  EOF
  " | kubectl apply -f -

Answer 11

我已经发布了一个命令行工具ysed ，它可以帮助您解决这个问题，以防您计划编写脚本。

Answer 12

I think the standard - Helm should be used instead of custom scripts to solve this problem nowadays. You don't need to deploy to generate Kubernets yamls on the machine.

An example:

1. Install helm on your machine so helm command exists

2. https://artifacthub.io/packages/helm/pauls-helm-charts/helloworld - Install button

3. helm repo add pauls-helm-charts http://tech.paulcz.net/charts

4. helm pull pauls-helm-charts/helloworld --version 2.0.0

5. tar -zxvf helloworld-2.0.0.tgz && cd helloworld

6. helm template -f values.yaml --output-dir helloworld . --namespace my-namespace --name-template=my-name

So it created these files from values.yaml :

wrote helloworld/helloworld/templates/serviceaccount.yaml
wrote helloworld/helloworld/templates/service.yaml
wrote helloworld/helloworld/templates/deployment.yaml

Inside values.yaml , you can change predefined repository (or 100% any value can be repeated in Kubernetes yamls as you wish):

image:
  repository: paulczar/spring-helloworld

Now if you want to deploy, make sure kubectl works and just apply these generated files using kubectl apply -f serviceaccount.yaml , etc.

Answer 13

Helm is exactly meant for such things and a lot more. It handle complex set of resource deployment as a group etc.

But if we are still looking for some simple alternative then how about using ant?

If you want to modify the file as part of build process or test process then you can go with ant task as well.

Using ant you can load all environment values as property or you can simply load properties file like:

<property environment="env" />
<property file="build.properties" />

Then you can have a target which converts template files into your desired yaml file.

<target name="generate_from_template">

    <!-- Copy task to replaces values and create new file -->
    <copy todir="${dest.dir}" verbose="true" overwrite="true" failonerror="true">

        <!-- List of files to be processed -->
        <fileset file="${source.dir}/xyz.template.yml" />

        <!-- Mapper to transform filename. Removes '.template' from the file
            name when copying the file to output directory -->
        <mapper type="regexp" from="(.*).template(.*)" to="\1\2" />

        <!-- Filter chain that replaces the template values with actual values 
            fetched from properties file -->
        <filterchain>
            <expandproperties />
        </filterchain>
    </copy>
</target>

Of course you can use a fileset instead of file in case you want to change values dynamically for multiple files (nested or whatever)

Your template file xyz.template.yml should look like:

apiVersion: v1
kind: Service
metadata:
  name: ${XYZ_RES_NAME}-ser
  labels:
    app: ${XYZ_RES_NAME}
    version: v1
spec:
  type: NodePort
  ports:
    - port: ${env.XYZ_RES_PORT}
      protocol: TCP
  selector:
    app: ${XYZ_RES_NAME}
    version: v1

env. property being loaded from environment variables and other from property file

Hope it helped :)

Answer 14

If you just want to change the image or a tag while your deployment is running, you could set the image of a specific container in your deployment:

kubectl apply -f k8s
kubectl set image deployments/worker-deployment worker=IMAGE:TAG

Answer 15

In the jitsi project the tpl == frep command is used to substitute values, an extension to envsubst

https://github.com/jitsi/docker-jitsi-meet/issues/65

I keep on using the old shell tools like sed and friends but such code is quickly unreadable when its more than a handful of value to deal with.

Answer 16

create a file called kubectl_advance as below and enjoy calling it just like kubectl commands.

eg

EXPORT MY_VAL="my-v1"

kubectl_advance -c -f sample.yaml # -c option is to call create command
kubectl_advance -r -f sample2.yaml # -r option is to call replace command

Assuming the yaml file has the value like ${MY_VAL} to be replaced by the environment variable.

#!/usr/bin/env bash

helpFunction()
{
   echo "Supported option is [-f] for file"
   exit 1
}

while getopts "f:cr" opt
do
   case "$opt" in
      f ) yamlFile="$OPTARG" ;;
      c ) COMMAND_IS_CREATE="true" ;;
      r ) COMMAND_IS_REPLACE="true" ;;
      ? ) helpFunction ;; # Print helpFunction in case parameter is non-existent
   esac
done

echo 'yaml file is : '$yamlFile

YAML_CONTENT=`eval "cat <<EOF
$(<$yamlFile)
EOF
"`

echo 'Final File Content is :=>'
echo '------------------'

echo "$YAML_CONTENT"


if [[ "$COMMAND_IS_CREATE" == "true" ]]; then
  COMMAND="create"
fi

if [[ "$COMMAND_IS_REPLACE" == "true" ]]; then
  COMMAND="replace"
fi

echo "$YAML_CONTENT" | kubectl $COMMAND -f -

Answer 17

When the variable you want to replace is a url containing slashes like this

DASHBOARD_HOST=http://abd1c6f-123246.eu-central-1.elb.amazonaws.com    

the solution using sed produces a bad flag in substitute command: '/' error. But as sed s command can use any character as a delimiter , we could optimize the solution using s# instead of s/ like this:

sed "s#{{DASHBOARD_HOST}}#$DASHBOARD_HOST#g" app-deployment.yaml | kubectl apply -f -

We can also ommit the cat as stated by gertvdijk since sed is able to read files on it's own. The variable we want to replace inside the app-deployment.yaml could look somehow like this:

...
params:
  - name: DASHBOARD_HOST
    value: {{DASHBOARD_HOST}}
...

Multiple variable substitution

Using sed you can even replace multiple variables in your yaml file. Let's assume your app-deployment.yaml has the following contents:

...
params:
  - name: DASHBOARD_HOST
    value: {{DASHBOARD_HOST}}
  - name: DASHBOARD_PORT
    value: {{DASHBOARD_PORT}}
...

Now set both variables inside your shell:

DASHBOARD_HOST=http://abd1c6f-123246.eu-central-1.elb.amazonaws.com
DASHBOARD_PORT=9785

And then chain the sed s# commands using ;like this:

sed "s#{{DASHBOARD_HOST}}#$DASHBOARD_HOST#g;s#{{DASHBOARD_PORT}}#$DASHBOARD_PORT#g" app-deployment.yaml | kubectl apply -f -

Answer 18

For my deployments, I typically use Helm charts. It requires me to update values.yaml files periodically.

For dynamically updating YAML files, I used 'envsubst' since it is simple and does not require sophisticated configuration. In addition, most of the tools only work with valid Kubernetes manifests, not simple YAML files.

I created a simple script to handle the YAML modification to simplify the usage

https://github.com/alexusarov/vars_replacer

Example:

./vars_replacer.sh -i [input_file] -o [output_file] -p "[key=value] [key=value]"