A package to generate k8s policy file
Project description
KubeGen
kubegen is an utility python library on PyPI. It is use in generating kubernetes policy files. The library generate policy based on the kind specified.
It provides way of generating k8s policy files on the fly during CI/CD process.
:rotating_light:
Features
- Supports creation of deployment, ingress, svc and secret policy file
- Pass json string as argument
- Dynamically bind environment variables, volumes etc.
Installation
Installation is done using the
pip install command:
$ pip install kubegen
$ pip3 install kubegen
Usage:
Usage: kubegen [OPTIONS]
Options:
-k, --kind TEXT what kind of k8s policy file are you trying to create.
support type includes deployment, ingress and svc.
-d, --data TEXT Supply payload for the policy file in jsonstring format e.g
{"name": "app-1", "version": "v1"}
--help Show this message and exit.
// Generate svc policy file
kubegen -k svc -d '{"name": "test-app", "environment": "staging", "port": 8080, "service_type": "ClusterIP", "protocol": "TCP"}'
// Generate secret policy file
kubegen -k secret -d '{"version": "v1", "metadata": {"name": "test-app", "namespace": "dev", "resourceVersion": "123", "uid": "eiir-wkie", "labels": {"name": "test-app"}}, "type": "Opaque", "data": {"username": "YWRtaW4=", "password": "MWYyZDFlMmU2N2Rm"}}'
// Generate ingress policy file
kubegen -k svc -d '{"name": "test-app", "host": "test-app.io", "port": 8080, "path": "/", "tls_secret_name": "test-app-secret", "annotations": {"kubernetes.io/ingress.class": "nginx", "nginx.ingress.kubernetes.io/ssl-redirect": "true"}}'
// Generate deployment policy file
kubegen -k deployment -d '{"version": "apps/v1", "name": "test-app", "image": "test-app:1.0.0", "port": 8080, "environment": "staging", "image_pull_secret": "test-app-secret", "environment_variables": [{"name": "keyvault_id", "value": "12345"}], "replicas": 3, "volume_mounts": [{"name": "test-volume", "mountPath": "/app/test-volume"}], "volumes": [{"name": "test-volume", "configMap": {"name": "app-configmap"}}]}'
// Generate multi-container deployment policy file
kubegen -k multi_container_deployment -d '{"version": "apps/v1", "environment": "dev", "metadata": {"name": "test-app", "namespace": "dev", "labels": {"app": "test-app", "company": "kube"}}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchExpressions": [{"key": "disktype", "operator": "In", "values": ["ssd"]}]}]}}}, "restartPolicy": "Always", "strategy": {"type": "Recreate"}, "replicas": 2, "containers": [{"name": "webapp", "image": "app/webapp", "ports": [{"containerPort": 8080}], "imagePullPolicy": "always", "env": [{"name": "CLIENT_ID", "value": "123"}, {"name": "HOST_URL", "value": "https://is.url"}, {"name": "DB_PASSWORD", "valueFrom": {"secretKeyRef": {"name": "cloudsql-credentials", "key": "db_pass"}}}]}, {"name": "cloudsql-proxy", "image": "gcr.io/cloudsql-docker/gce-proxy:1.16", "command": ["/cloud_sql_proxy", "-instances=demo-instance=tcp:3306", "-credential_file=/secrets/cloudsql/cred.json"]}]}'
another form of usage of affinity:
"affinity": {"podAntiAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": [{"labelSelector": {"matchExpressions": [{"key": "app", "operator": "In", "values": ["web"]}]}, "topologyKey": "kubernetes.io/hostname"}]}, "podAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": [{"labelSelector": {"matchExpressions": [{"key": "app", "operator": "In", "values": ["redis"]}]}, "topologyKey": "kubernetes.io/hostname"}]}}
Sample multi-container yaml output
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-app
namespace: dev
labels:
app: test-app
company: kube
environment: dev
spec:
replicas: 2
template:
spec:
containers:
- name: webapp
image: app/webapp
ports:
- containerPort: 8080
imagePullPolicy: always
env:
- name: CLIENT_ID
value: '123'
- name: HOST_URL
value: https://is.url
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: cloudsql-credentials
key: db_pass
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.16
command:
- /cloud_sql_proxy
- -instances=demo-instance=tcp:3306
- -credential_file=/secrets/cloudsql/cred.json
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: disktype
operator: In
values:
- ssd
metadata:
labels:
app: test-app
company: kube
environment: dev
strategy:
type: Recreate
// Generate secret policy file
kubegen -k secret -d '{"version": "v1", "metadata": {"name": "test-app", "namespace": "dev", "resourceVersion": "123", "uid": "eiir-wkie"}, "type": "Opaque", "data": {"username": "YWRtaW4=", "password": "MWYyZDFlMmU2N2Rm"}}'
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
kubegen-1.0.5.tar.gz
(6.2 kB
view details)
File details
Details for the file kubegen-1.0.5.tar.gz.
File metadata
- Download URL: kubegen-1.0.5.tar.gz
- Upload date:
- Size: 6.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.45.0 CPython/3.7.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a28edb366617893c88eb9309fccb0bf34f43c9b8e64d57bece225d5bb47e33ad |
|
| MD5 | 573199fdca41329374f76aeab8030d4e |
|
| BLAKE2b-256 | 3e7db73b8e98ae85e9c9f8893f69eb14e56d9242e4b8483e55787aba642be507 |
