kubekick v1.0.0
kubekick
A companion tool for doing deployments with Kubernetes.
One-off tasks
Applications often have tasks that need to be run before the deployment rolls out. Probably the most common example is running database migrations.
Secrets
Secrets are a tricky thing to manage. Kubekick takes away the headache. Just create a secrets.ejson
file, which is just a JSON file with encrypted values. Kubekick can deploy these encrypted secrets for you.
Templating
It would be really nice if this was part of Kubernetes, but it isn't. So, Kubekick can read a template and inject some variables.
Installation
Kubekick expects you to have kubectl
installed.
If you're on macOS, you can install kubekick
with Homebrew:
$ brew tap rzane/kubekick
$ brew install kubekick
Alternatively, you can install a pre-built binary from the releases page.
Usage
One-off-tasks
Create a kubernetes pod template with restartPolicy: Never
:
apiVersion: v1
kind: Pod
metadata:
name: example
spec:
restartPolicy: Never
activeDeadlineSeconds: 10
containers:
- name: example
image: alpine:3.6
command: ["sleep", "5"]
Now, simply run it:
$ kubekick run -f path/to/file.yaml
When you run it, kubekick
will assign a unique name to the pod, so that it won't conflict with others.
Here's the output you'd see:
pod "example-4e32ae20-7f3e-4b0f-b731-213797d0024d" pending
pod "example-4e32ae20-7f3e-4b0f-b731-213797d0024d" running
pod "example-4e32ae20-7f3e-4b0f-b731-213797d0024d" succeeded
pod "example-4e32ae20-7f3e-4b0f-b731-213797d0024d" deleted
Secrets
First, you need to generate a keypair. Running this command will store the keypair as a secret in your Kubernetes cluster.
$ kubekick secrets provision
secret "ejson-keys" created
public key: 2fbd6f1978d14fcc9df3a463e0718a22f0023ae8aaaa0be5c28118c99e31ec64
secret key: e600285996f56db39a858e3f49a4f785b1c4ad7db455f935f822b02f226574e0
Next, create a file named secrets.ejson
:
{
"_public_key": "YOUR_PUBLIC_KEY",
"kubernetes_secrets": {
"secrets": {
"_type": "Opaque",
"data": {
"api-token": "blah blah blah"
}
}
}
}
Encrypt the values:
$ kubekick secrets encrypt --replace -f path/to/secrets.ejson
Now you can deploy them:
$ kubekick secrets deploy -f path/to/secrets.ejson
You can safely commit the secrets.ejson
file. You might also want to consider backing up your keypair somewhere.
Templating
There are certainly more powerful templating tools than Kubekick, but it should get the job done for simple cases. Templating is done with mustache.
Given a file:
This is a template, and this {{ value }} will be replaced.
Now, you can render that template:
$ kubekick template -f path/to/file.txt value=PARTY
This command will output:
This is a template, and this PARTY will be replaced.
This feature is particularly useful when combined with other commands:
$ kubekick template -f path/to/file.yaml image=alpine:3.6 | kubekick run -f -
Developing
Install requirements:
$ brew install crystal-lang libsodium
Run tests:
$ crystal spec
Contributing
- Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request
Tribute
Kubekick is pretty much a blatant ripoff of kubernetes-deploy. If you find yourself needing a more fully featured tool, you should use it.
I built Kubekick because:
- I thought it would be nice to have pre-compiled binaries.
- I wanted to use Crystal.
- I felt that
kubernetes-deploy
was doing more than I needed.
kubekick
- 0
- 0
- 0
- 0
- 4
- over 6 years ago
- March 23, 2018
MIT License
Thu, 21 Nov 2024 03:29:51 GMT