Kustomize 配置管理
什么是 Kustomize
Kustomize 是 K8s 原生的配置管理工具(已内置到 kubectl),通过 overlay 机制实现多环境配置管理,无需模板语言。
目录结构
k8s/
├── base/ # 基础配置
│ ├── kustomization.yaml
│ ├── deployment.yaml
│ ├── service.yaml
│ └── configmap.yaml
└── overlays/
├── dev/ # 开发环境
│ ├── kustomization.yaml
│ └── patch-replicas.yaml
├── staging/ # 预发布环境
│ ├── kustomization.yaml
│ └── patch-resources.yaml
└── production/ # 生产环境
├── kustomization.yaml
├── patch-replicas.yaml
└── patch-resources.yamlbase/kustomization.yaml
yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- configmap.yaml
commonLabels:
app: my-app
managed-by: kustomize
commonAnnotations:
team: backend
namePrefix: ""
nameSuffix: ""overlays/production/kustomization.yaml
yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
bases:
- ../../base
namespace: production
# 修改镜像
images:
- name: my-app
newTag: v2.0.0
newName: registry.example.com/my-app
# 合并补丁(Strategic Merge Patch)
patchesStrategicMerge:
- patch-replicas.yaml
- patch-resources.yaml
# JSON Patch
patches:
- target:
kind: Deployment
name: my-app
patch: |-
- op: replace
path: /spec/replicas
value: 5
# 生成 ConfigMap
configMapGenerator:
- name: app-config
literals:
- LOG_LEVEL=warn
- MAX_CONNECTIONS=500
files:
- config/app.yaml
# 生成 Secret
secretGenerator:
- name: db-secret
literals:
- password=prod-password
type: Opaque
# 替换变量
vars:
- name: SERVICE_NAME
objref:
kind: Service
name: my-app
apiVersion: v1
fieldref:
fieldpath: metadata.namepatch-replicas.yaml
yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 5使用
bash
# 预览生成的 YAML
kubectl kustomize overlays/production
# 应用
kubectl apply -k overlays/production
# 删除
kubectl delete -k overlays/production
# 使用 kustomize 命令
kustomize build overlays/production | kubectl apply -f -Helm + Kustomize 结合
yaml
# kustomization.yaml
helmCharts:
- name: nginx-ingress
repo: https://kubernetes.github.io/ingress-nginx
version: 4.9.0
releaseName: ingress-nginx
namespace: ingress-nginx
valuesFile: nginx-values.yaml