kubedeployer RU
Deploy application on Kubernetes.
- Deploy application using manifests.
- Deploy application using kustomize.
- Manifests can contain environment variables.
- Contain security scanner for Kubernetes resources.
- Contain security scanner for docker images.
docker build \
--build-arg VAULT_URL=<host-to-vault> \
--build-arg VAULT_APPROLE_ID=<vault-approle-id> \
--build-arg VAULT_APPROLE_SECRET=<vault-approle-secret> \
--build-arg VAULT_SECRETS_PREFIX=<vault-secret-prefix> \
-t kubedeployer \
-f Dockerfile .
- VAULT_URL - Vault URL.
- VAULT_APPROLE_ID - the approle id allows machines or apps to authenticate with Vault-defined roles.
- VAULT_APPROLE_SECRET - approle secret.
- VAULT_SECRETS_PREFIX - template of vault-path to secret where store connection settings to Kubernetes (ex.: template/to/cluster/*/secret).
deploy:
stage: deploy
image: kubedeployer
environment:
name: development
variables:
KUBE_URL: $KUBERNETES_URL
KUBE_TOKEN: $KUBERNETES_TOKEN
KUBE_NAMESPACE: $KUBERNETES_NAMESPACE
ENVIRONMENT: $APPLICATION_ENVIRONMENT
MANIFEST_FOLDER: ./manifests
script:
- kubedeploy
# Kubernetes URL where need to deploy application.
KUBE_URL: "https://kube.local"
# Directory inside project where manifests are located.
MANIFEST_FOLDER: "./manifests"
# If the KUBECONFIG environment variable does exist, kubectl uses an effective
# configuration that is the result of merging the files listed in the KUBECONFIG
# environment variable.
KUBECONFIG: "${HOME}/.kube/config"
# Kubernetes access token.
KUBE_TOKEN: "ey3423423423dfeg34gr34..."
# Kubernetes namespace where application will be deployed by default if
# namespace not set in manifests.
KUBE_NAMESPACE: "default"
# Environments describe where code is deployed (ex.: stage, production, ..).
ENVIRONMENT: "development"
# Show manifests that will be applied.
SHOW_MANIFESTS: "False"
# Template that allows filtering docker image names for Trivy report.
TRIVY_IMAGE_TEMPLATE: "registry\.example\.com"
Kubedeployer collect directories inside which manifests will be found. Root
directory are set with variable MANIFEST_FOLDER
, also to use extended
searching need to set value in variable ENVIRONMENT
. For example:
└── applications
└── manifests
├── development
│ ├── configurations
│ │ └── cm.yaml
│ └── ingress.yaml
├── deployment.yaml
└── svc.yaml
I. Found directories if MANIFEST_FOLDER set only:
MANIFEST_FOLDER = ./manifests
./manifests
II. Found directories if MANIFEST_FOLDER and ENVIRONMENT are set
(in current case subdirectory `production` does not exist):
MANIFEST_FOLDER = ./manifests
ENVIRONMENT = production
./manifests
III. Found directories if MANIFEST_FOLDER and ENVIRONMENT are set:
MANIFEST_FOLDER = ./manifests
ENVIRONMENT = development
./manifests
./manifests/development
./manifests/development/configurations
There are next variants when Kubedeployer was found kustomization.yaml
in
getting directories:
kustomization.yaml
successfully found.- If Kubedeployer found multiple
kustomization.yaml
files then will throw exception. To fix it you are need set path to directory inMANIFEST_FOLDER
that contain requiredkustomization.yaml
. - Kubedeployer auto create
kustomization.yaml
inMANIFEST_FOLER
if it can't find it.
Examples:
-
Project without kustomization.yaml
└── applications └── manifests ├── development │ ├── cm.yaml │ └── ingress.yaml ├── production │ ├── cm.yaml │ └── ingress.yaml ├── deployment.yaml └── svc.yaml MANIFEST_FOLDER = ./manifests ENVIRONMENT = development Kubedeployer will create kustomization.yaml with content: ./manifests/kustomization.yaml resources: - ./manifests/deployment.yaml - ./manifests/svc.yaml - ./manifests/development/cm.yaml - ./manifests/development/ingress.yaml
-
Project with kustomization.yaml
└── applications └── manifests ├── base │ ├── kustomization.yaml │ ├── development.yaml │ └── svc.yaml └── overlays ├── development │ ├── kustomization.yaml │ ├── cm.yaml │ └── ingress.yaml └── production ├── kustomization.yaml ├── cm.yaml └── ingress.yaml MANIFEST_FOLDER = ./manifests/overlays/development In our case, Kubedeployer will use the following file: ./manifests/overlays/development/kustomization.yaml
-
Project contains error
└── applications └── manifests ├── development │ ├── kustomization.yaml │ ├── ingress.yaml │ └── configurations │ ├── kustomization.yaml │ └── cm.yaml ├── kustomization.yaml ├── deployment.yaml └── svc.yaml MANIFEST_FOLDER = ./manifests ENVIRONMENT = development Kubedeployer will throw an exception after found multiple files: - ./manifests/kustomization.yaml - ./manifests/development/kustomization.yaml - ./manifests/development/configurations/kustomization.yaml