k8sリソースをグループ化する
18727 ワード
複数のk8sリソースを1つのyamlにまとめたい
k8sのリソースは ---
で区切ることで1つのyamlにグループ化する事ができる
例えばdatadog-agentをデプロイするために必要なリソースをまるっと書くとこうなる
kind: Namespace
apiVersion: v1
metadata:
name: datadog
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: datadog-agent
namespace: datadog
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: datadog-agent
rules:
- apiGroups:
- ""
resources:
- services
- events
- endpoints
- pods
- nodes
- componentstatuses
verbs:
- get
- list
- watch
- apiGroups: ["quota.openshift.io"]
resources:
- clusterresourcequotas
verbs:
- get
- list
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
- datadogtoken # Kubernetes event collection state
- datadog-leader-election # Leader election token
verbs:
- get
- update
- apiGroups: # To create the leader election token
- ""
resources:
- configmaps
verbs:
- create
- nonResourceURLs:
- "/version"
- "/healthz"
- "/metrics"
verbs:
- get
- apiGroups: # Kubelet connectivity
- ""
resources:
- nodes/metrics
- nodes/spec
- nodes/proxy
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: datadog-agent
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: datadog-agent
subjects:
- kind: ServiceAccount
name: datadog-agent
namespace: datadog
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: datadog-agent
namespace: datadog
spec:
selector:
matchLabels:
app: datadog-agent
template:
metadata:
labels:
app: datadog-agent
name: datadog-agent
spec:
serviceAccountName: datadog-agent
containers:
- image: datadog/agent:latest
imagePullPolicy: Always
name: datadog-agent
ports:
- containerPort: 8125
# Custom metrics via DogStatsD - uncomment this section to enable custom metrics collection
# hostPort: 8125
name: dogstatsdport
protocol: UDP
- containerPort: 8126
# Trace Collection (APM) - uncomment this section to enable APM
# hostPort: 8126
name: traceport
protocol: TCP
env:
- name: DD_API_KEY
valueFrom:
secretKeyRef:
name: datadog-secret
key: api-key
- name: DD_COLLECT_KUBERNETES_EVENTS
value: "true"
- name: DD_LEADER_ELECTION
value: "true"
- name: KUBERNETES
value: "true"
- name: DD_KUBERNETES_KUBELET_HOST
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: DD_APM_ENABLED
value: "true"
resources:
requests:
memory: "256Mi"
cpu: "200m"
limits:
memory: "256Mi"
cpu: "200m"
volumeMounts:
- name: dockersocket
mountPath: /var/run/docker.sock
- name: procdir
mountPath: /host/proc
readOnly: true
- name: cgroups
mountPath: /host/sys/fs/cgroup
readOnly: true
livenessProbe:
exec:
command:
- ./probe.sh
initialDelaySeconds: 15
periodSeconds: 5
volumes:
- hostPath:
path: /var/run/docker.sock
name: dockersocket
- hostPath:
path: /proc
name: procdir
- hostPath:
path: /sys/fs/cgroup
name: cgroups
リソースの順番に気をつける
リソースは、ファイルに記載されている順序で作成されるので書く順番に気をつける
例えばNamespaceより先にDeploymentを書くと
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
namespace: nginx
spec:
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
---
kind: Namespace
apiVersion: v1
metadata:
name: nginx
Namespaceが見つからないと怒られるが
$ kubectl apply -f nginx.yaml
namespace/nginx created
Error from server (NotFound): error when creating "test.yaml": namespaces "nginx" not found
Namespaceを先に書くと
kind: Namespace
apiVersion: v1
metadata:
name: nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
namespace: nginx
spec:
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
怒られない
$ kubectl apply -f nginx.yaml
namespace/nginx created
deployment.extensions/nginx created
Author And Source
この問題について(k8sリソースをグループ化する), 我々は、より多くの情報をここで見つけました https://qiita.com/otappi/items/b8e58a613b69813c5d2e著者帰属:元の著者の情報は、元のURLに含まれています。著作権は原作者に属する。
Content is automatically searched and collected through network algorithms . If there is a violation . Please contact us . We will adjust (correct author information ,or delete content ) as soon as possible .