This repository was archived by the owner on Jul 10, 2024. It is now read-only.
Add utilities for Injecting Kubernetes Deployments #207
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
versilis
changed the title
versilis
force-pushed
the
versilis/injector
branch
from
53c17de to
642c84d
Compare
Merged
versilis
commented
Mar 23, 2023
| @@ -0,0 +1,41 @@ | |||
| apiVersion: apps/v1 | |||
Contributor
Author
There was a problem hiding this comment.
I haven't written any unit tests to go alongside this, but it works well for interacting with the CLI
versilis
added
3 – Normal Priority
mgritter
approved these changes
Mar 24, 2023
Contributor
mgritter
left a comment
mgritter
left a comment
There was a problem hiding this comment.
I didn't find anything big, but if you have time there are some changes I would suggest.
The most important one is supportability; is the context for each error clear?
Next-most important is using code from go-utils.
Final set is avoiding unnecessary deep copies.
versilis
added a commit
that referenced
this pull request
Mar 25, 2023
This adds a new command `akita kube inject` that can be used to manually inject Kuberentes YAML configuration files. Along with injecting deployments, it also can generate a secret to a file or stdout with the use of the `--secret` flag. This PR depends on #207 for its injection functionality. Example usages: ``` # Print injected resources to stdout akita kube inject -f in.yml # Print secret and injected resources to stdout. (combining all using `---`) akita kube inject -s -f in.yml # Output injected resource to file, and also generate and merge any required secrets akita kube inject -s -f in.yml -o out.yml # Output injected resources and generated secrets to separate files akita kube inject -s="secret.yml" -f in.yml -o out.yml # Applying via pipe akita kube inject -f in.yml | kubectl -f - # Applying via file akita kube inject -f in.yml -o out.yml && kubectl apply -f out.yml ``` Example Output (w/merged Secrets): ``` --- apiVersion: v1 kind: Secret metadata: name: akita-secrets namespace: default type: Opaque data: akita-api-key: **** akita-api-secret: *** --- apiVersion: v1 kind: Secret metadata: name: akita-secrets namespace: ns1 type: Opaque data: akita-api-key: *** akita-api-secret: *** --- apiVersion: apps/v1 kind: Deployment metadata: creationTimestamp: null name: test-deploy namespace: default spec: replicas: 1 selector: matchLabels: app: test-pod strategy: {} template: metadata: creationTimestamp: null labels: app: test-pod spec: containers: - image: ghcr.io/wzshiming/echoserver/echoserver:v0.0.1 name: test-container resources: {} - args: - apidump - --project - docker-extension-testing env: - name: AKITA_API_KEY_ID valueFrom: secretKeyRef: key: akita-api-key name: akita-secrets - name: AKITA_API_KEY_SECRET valueFrom: secretKeyRef: key: akita-api-secret name: akita-secrets image: akitasoftware/cli:latest lifecycle: preStop: exec: command: - /bin/sh - -c - AKITA_PID=$(pgrep akita) && kill -2 $AKITA_PID && tail -f /proc/$AKITA_PID/fd/1 name: akita resources: {} securityContext: capabilities: add: - NET_RAW status: {} --- apiVersion: apps/v1 kind: Deployment metadata: creationTimestamp: null name: patch-demo namespace: ns1 spec: replicas: 2 selector: matchLabels: app: nginx strategy: {} template: metadata: creationTimestamp: null labels: app: nginx spec: containers: - image: nginx name: patch-demo-ctr resources: {} - args: - apidump - --project - docker-extension-testing env: - name: AKITA_API_KEY_ID valueFrom: secretKeyRef: key: akita-api-key name: akita-secrets - name: AKITA_API_KEY_SECRET valueFrom: secretKeyRef: key: akita-api-secret name: akita-secrets image: akitasoftware/cli:latest lifecycle: preStop: exec: command: - /bin/sh - -c - AKITA_PID=$(pgrep akita) && kill -2 $AKITA_PID && tail -f /proc/$AKITA_PID/fd/1 name: akita resources: {} securityContext: capabilities: add: - NET_RAW tolerations: - effect: NoSchedule key: dedicated value: test-team status: {} ``` --------- Co-authored-by: Jed Liu <liujed@users.noreply.github.com>
versilis
added a commit
that referenced
this pull request
Mar 27, 2023
This adds two new commands, `akita kube inject` and `akita kube secret`, for simplifying the process of installing Akita as a sidecar in Kubernetes Deployments. Changes include: - #202 - #207 - #206 --------- Signed-off-by: versilis <versilis@akitasoftware.com> Co-authored-by: Mark Gritter <mgritter@akitasoftware.com> Co-authored-by: Jed Liu <liujed@users.noreply.github.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds utilities for injecting Kubernetes deployments to be used with #206.
The main component is the
Injectorinterface which provides the functionality to traverse YAML files (including those with multiple resources using the---directive), and inject sidecar containers into any found Deployments.