Skip to content

Instantly share code, notes, and snippets.

@ervinb

ervinb/kustomize_vars.md

Forked from hermanbanken/kustomize_vars.md
Created August 24, 2022 09:05
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ervinb/73c9b5550211b0fbb046604f598549d5 to your computer and use it in GitHub Desktop.
Save ervinb/73c9b5550211b0fbb046604f598549d5 to your computer and use it in GitHub Desktop.
Download ZIP
Kustomize Vars example
Raw
kustomize_vars.md

This was initially posted in an kubernetes-sigs/kustomize issue.

We are using Kustomize's vars feature. Initially we didn't understand how to use it for our purpose, but it is a 100% fit. One example is our Ingress resource, which looks like this:

# file: base/ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: services
  annotations:
    kubernetes.io/ingress.global-static-ip-name: $(SERVICES_GLOBAL_STATIC_IP_NAME)
    kubernetes.io/ingress.allow-http: "false"
    ingress.gcp.kubernetes.io/pre-shared-cert: $(SERVICES_PRE_SHARED_CERT)
    kubernetes.io/ingress.class: "gce"
spec:
  rules:
  - host: $(HOST_A)
    http:
      paths:
      - backend:
          serviceName: serviceA
          servicePort: 80
  - host: $(HOST_B)
    http:
      paths:
      - backend:
          serviceName: serviceB
          servicePort: 80
  - host: $(HOST_C)
    http:
      paths:
      - backend:
          serviceName: serviceC
          servicePort: 80

Then our configMapGenerator / vars looks like this:

# file: base/kustomization.yaml
bases:
- ingress.yaml

configMapGenerator:
- name: ops-ingress-properties
  envs: [environment.properties]

vars:
- name: SERVICES_GLOBAL_STATIC_IP_NAME
  objref: { kind: ConfigMap, name: ops-ingress-properties, apiVersion: v1 }
  fieldref: { fieldpath: data.SERVICES_GLOBAL_STATIC_IP_NAME }
- name: SERVICES_PRE_SHARED_CERT
  objref: { kind: ConfigMap, name: ops-ingress-properties, apiVersion: v1 }
  fieldref: { fieldpath: data.SERVICES_PRE_SHARED_CERT }
- name: HOST_A
  objref: { kind: ConfigMap, name: ops-ingress-properties, apiVersion: v1 }
  fieldref: { fieldpath: data.HOST_A }
- name: HOST_B
  objref: { kind: ConfigMap, name: ops-ingress-properties, apiVersion: v1 }
  fieldref: { fieldpath: data.HOST_B }
- name: HOST_C
  objref: { kind: ConfigMap, name: ops-ingress-properties, apiVersion: v1 }
  fieldref: { fieldpath: data.HOST_C }

and the properties like this:

# file: base/environment.properties

# Ingress annotations
SERVICES_GLOBAL_STATIC_IP_NAME=services
SERVICES_PRE_SHARED_CERT=a-yyyymmdd,b-yyyymmdd,c-yyyymmdd

# Hosts
HOST_A=a.example.org
HOST_B=b.example.org
HOST_C=c.example.org

then in our overlays we redefine the environment.properties file and have this in Kustomization:

# file: overlay/staging/kustomization.yaml
configMapGenerator:
- name: ops-ingress-properties
  envs: [environment.properties]
  behavior: replace # <======= critical

which overwrites the values in the base like this:

# file: overlay/staging/environment.properties

# Ingress annotations
SERVICES_GLOBAL_STATIC_IP_NAME=services-staging
SERVICES_PRE_SHARED_CERT=a-staging-yyyymmdd,b-staging-yyyymmdd,c-staging-yyyymmdd

# Hosts
HOST_A=a-staging.example.org
HOST_B=b-staging.example.org
HOST_C=c-staging.example.org

This works ideal for us! A bit sad that it took us soo long to discover this feature. We really don't want it replaced/removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment