Legere potes de ipso helmfile et exemplorum usui in
Nos nosse non-obvias vias describere solvo in helmfile
Dicamus nos habere fasciculum chartis galeae (exempli gratia, dicamus postgressas et aliquas applicationes posteriores) et plures ambitus (plures racemos kubernetes, plura nomina spatia, vel plures utriusque). Sumimus galeam, documenta perlegimus et ambitus nostros ac emissiones describere incipimus:
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
production:
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yaml
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: 1.0.5
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yaml
Nos finita cum II ambitus: develop, productionem — sua quaeque bona pro chartis emissionibus gubernantibus contineat. ad eos sic disponemus;
helmfile -n <namespace> -e <env> apply
Variae versiones galeae chartulae in diversis ambitibus
Quid si necesse est varias versiones ad varias ambitus evolvere? Quomodo versionem emissionem parameterizes? Valores environmental praesentes per {{ .Values }}
helmfile.yaml
environments:
devel:
+ values:
+ - charts:
+ versions:
+ backend: 1.1.0
production:
+ values:
+ - charts:
+ versions:
+ backend: 1.0.5
...
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
- version: 1.0.5
+ version: {{ .Values.charts.versions.backend }}
...
Diversis applicationibus in diversis ambitibus
Magnum, sed quid si non opus est? production
evolvunt postgres, quia scimus nos non necesse habemus impulsum datorum in k8s et venales habere mirabilem nos separatos postgres glomerari? Ad hanc quaestionem solvendam habemus pittacia
helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply
Magna haec, sed personaliter describere malo quae ad explicandas applicationes in ambitu non argumentis inmissis, sed in ipsarum ambiturum descriptione explicandis. Quid facere? Potes descriptiones emissiones in separato folder collocare, indicem emissiones necessariarum in ambitu descriptionis creare et "excipere" solum necessarias emissiones, ceteras neglectas.
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
+ ├── releases
+ │ ├── backend.yaml
+ │ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- releases:
- - name: postgres
- labels:
- app: postgres
- wait: true
- chart: stable/postgresql
- version: 8.4.0
- values:
- - envs/{{ .Environment.Name }}/values/postgres.yaml
- - name: backend
- labels:
- app: backend
- wait: true
- chart: private-helm-repo/backend
- version: {{ .Values.charts.versions.backend }}
- needs:
- - postgres
- values:
- - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+ - releases/{{ . }}.yaml
+ {{- end }}
releases/postgres.yaml
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yaml
releases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yaml
nota
cum usura bases:
necesse est uti yaml separator ---
, ita ut solutiones (et alias partes, ut helmDefaults) cum valoribus e ambitu reddere possis.
Hoc in casu, missio postgres ne in descriptione productionis continebitur. Admodum commode!
Overridable global values for releases
Nimirum magnum est quod pro singulis ambitus chartis gubernantibus potes bona ponere, sed quid si plures ambitus descriptos habemus, et velimus, exempli gratia, pro omnibus idem ponere. affinity
sed in ipsis chartis, que in rapa reponuntur, eam configurare noluimus.
Hoc in casu, pro unaquaque remissio nos 2 fasciculos valores exprimere potuimus: primam cum valoribus defaltis, qui valores ipsius chartulae determinabunt, et secundum cum valoribus pro ambitu, qui vicissim vincet. defaltam dumtaxat.
.
├── envs
+ │ ├── default
+ │ │ └── values
+ │ │ ├── backend.yaml
+ │ │ └── postgres.yaml
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
releases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
+ - envs/default/values/backend.yaml
- envs/{{ .Environment.Name }}/values/backend.yaml
envs/default/values/backend.yaml
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- backend
topologyKey: "kubernetes.io/hostname"
Definiens valores globales ad chartas gubernaculorum omnium emissiones in gradu ambitus
Dicamus nos plures introitus in pluribus emissiones creare - potuimus manually pro singulis chartis definire hosts:
at in casu nostro idem est fundi, cur non eam in aliqua variabili globali variabili ratione et valorem suum in chartis substituunt? Ad hoc faciendae tabellae illae cum valoribus quos parameterizare volumus, extensionem habebunt .gotmpl
ita ut helmfile sciat eam per machinam elaboratam esse.
.
├── envs
│ ├── default
│ │ └── values
- │ │ ├── backend.yaml
- │ │ ├── postgres.yaml
+ │ │ ├── backend.yaml.gotmpl
+ │ │ └── postgres.yaml.gotmpl
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
+ - global:
+ ingressDomain: k8s.devel.domain
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
+ - global:
+ ingressDomain: production.domain
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}
envs/default/values/backend.yaml.gotmpl
ingress:
enabled: true
paths:
- /api
hosts:
- {{ .Values.global.ingressDomain }}
envs/default/values/postgres.yaml.gotmpl
ingress:
enabled: true
paths:
- /
hosts:
- postgres.{{ .Values.global.ingressDomain }}
nota
Ut patet, ingressus in chartis postgressis aliquid valde dubium est, ideo hic articulus simpliciter ponitur exemplum sphaericum in vacuo et ne novam aliquam remissionem in articulum iusta causa describendi ingressus inducat.
Substitutis secreta a environment values
Per analogiam cum exemplo praedicto, substituere potes encryptas utentes
.
├── envs
│ ├── default
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ ├── devel
│ │ ├── values
│ │ │ ├── backend.yaml
│ │ │ └── postgres.yaml
+ │ │ └── secrets.yaml
│ └── production
│ ├── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
+ │ └── secrets.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
- global:
ingressDomain: k8s.devel.domain
+ secrets:
+ - envs/devel/secrets.yaml
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- global:
ingressDomain: production.domain
+ secrets:
+ - envs/production/secrets.yaml
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}
envs/devel/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...
envs/production/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...
envs/default/values/backend.yaml.gotmpl
elasticsearch:
host: elasticsearch
port: 9200
password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}
envs/devel/values/backend.yaml
elasticsearch:
host: elastic-0.devel.domain
envs/production/values/backend.yaml
elasticsearch:
host: elastic-0.production.domain
nota
Per viam, getOrNil
- munus peculiare ad formularia in helmfile, quae, etiam si .Values.secrets
non erit, errorem non mittet, sed effectum utens munere permittet default
substitutus default valorem
conclusio,
Res quae descriptae videntur satis apertae sunt, sed notitias de descriptione instruere ad plures ambitus usus helmfile valde rara est, et amo IaC (Infrastructure-as-Code) et claram descriptionem status instruere volo.
Demum addere velim variabiles ambitus ambitus defectus, vicissim parameterized cum variabilium ambitus cuiusdam cursoris OS, e quo instruere poterit, ac sic ambitus dynamicos consequi.
helmfile.yaml
environments:
default:
values:
- global:
clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
ingressDomain: {{ env "INGRESS_DOMAIN" }}
Source: www.habr.com