Is there a way to extend the kustomize image transformer to recognise more keys as image specifiers? Like the nameReference transformer does for the namePrefix and nameSuffix transformers.
The Kustomize images: transformer is very useful for image replacement and registry renaming in k8s manifests.
But it only supports types that embed PodTemplate and maybe some hardcoded types. CRDs that don't use PodTemplate are not handled despite them being very common. Examples include the kube-prometheus Prometheus and AlertManager resources and the opentelemetry-operator OpenTelemetryCollector resource.
As a result you land up having to maintain a bunch of messy strategic merge or json patches to prefix such images with a trusted registry or the like.
Here's an example of the problem as things stand. Say I have to deploy everything prefixed with mytrusted.registry with an images: transformer list. For the sake of brevity here I'll use a dummy one that replaces all matched images with MATCHED, so I don't have to list them all:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- "https://github.com/prometheus-operator/kube-prometheus"
images:
- name: "(.*)"
  newName: "MATCHED"
  newTag: "fake"
You'd expect the only images in the result to be "MATCHED:fake", but in reality:
$ kustomize build | grep 'image: .*' | sort | uniq -c
12 image: MATCHED:fake
1 image: quay.io/prometheus/alertmanager:v0.24.0
1 image: quay.io/prometheus/prometheus:v2.34.0
The images in the kind: Prometheus and kind: AlertManager resources don't get matched because they are not a PodTemplate.
You have to write a custom patch for these, which creates mess like this kustomization.yaml content:
patches:
- path: prometheus_image.yaml
  target:
    kind: Prometheus
- path: alertmanager_image.yaml
  target:
    kind: Alertmanager
with prometheus_image.yaml:
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
metadata:
  name: ignored
spec:
  image: "MATCHED:fake"
and alertmanager_image.yaml:
apiVersion: monitoring.coreos.com/v1
kind: Alertmanager
metadata:
  name: ignored
spec:
  image: "MATCHED:fake"
which is IMO ghastly.
What I want to be able to do is tell Kustomize's image transformer about it, like it can be extended with custom configmap generators, etc, like the following unsupported and imaginary pseudocode modeled on the existing nameReference transformer:
imageReference:
- kind: Prometheus
  fieldSpecs:
  - spec/image
CodePudding user response:
Just after writing this up I finally stumbled on the answer: Kustomize does support image transformer configs.
The correct way to express the above would be an image_transformer_config.yaml file containing:
images:
- path: spec/image
  kind: Prometheus
- path: spec/image
  kind: Alertmanager
and a kustomization.yaml entry referencing it, like
configurations:
- image_transformer_config.yaml
This appears to work fine when imported as a Component too.
It's even pointed out by the transformer docs so I'm going to blame this one on being blind.
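An added example, not part of the original answer or of the Kustomize project: a stdlib-only Python check that scans rendered manifests for image fields still outside the trusted registry and prints them in the image transformer configuration format shown in the answer. The mytrusted.registry prefix comes from the question; the function names and the sample manifest are assumptions of this example, and generated paths mark list levels with `[]` as in Kustomize fieldSpec notation.

```python
import re
import sys

TRUSTED_PREFIX = "mytrusted.registry/"  # from the question; "/" blocks look-alike hosts
KEY_RE = re.compile(r"^(\s*)(-\s+)?([A-Za-z0-9_.-]+):(?:\s+(.*))?$")
# Constructed sample standing in for `kustomize build` output.
SAMPLE = (
    "kind: Prometheus\nspec:\n  image: quay.io/prometheus/prometheus:v2.34.0\n"
    "---\nkind: Deployment\nspec:\n  template:\n    spec:\n      containers:\n"
    "      - image: mytrusted.registry/operator:v1\n"
)

def untrusted_images(rendered, trusted_prefix=TRUSTED_PREFIX):
    """Return sorted (kind, path, image) for image fields outside trusted_prefix."""
    # Line-based scan of block-style YAML; `image: x` text inside a block
    # scalar is flagged too, so review findings before acting on them.
    findings = set()
    for doc in re.split(r"(?m)^---[ \t]*$", rendered):
        kind, stack, hits = "<unknown>", [], []
        for line in doc.splitlines():
            m = KEY_RE.match(line)
            if not m:
                continue
            lead, dash, key, value = m.groups()
            indent = len(lead) + len(dash or "")
            while stack and stack[-1][0] >= indent:
                stack.pop()  # leave sibling and deeper keys
            if dash and stack and not stack[-1][1].endswith("[]"):
                stack[-1] = (stack[-1][0], stack[-1][1] + "[]")  # parent is a list
            stack.append((indent, key))
            value = (value or "").split(" #")[0].strip().strip("\"'")
            if indent == 0 and key == "kind":
                kind = value
            elif key == "image" and value:
                hits.append(("/".join(k for _, k in stack), value))
        findings.update((kind, path, image) for path, image in hits
                        if not image.startswith(trusted_prefix))
    return sorted(findings)

def transformer_config(findings):
    """Render findings as entries in the format the answer's config file uses."""
    pairs = sorted({(kind, path) for kind, path, _ in findings})
    return "images:\n" + "".join(f"- path: {p}\n  kind: {k}\n" for k, p in pairs)

if __name__ == "__main__":
    # Pipe `kustomize build` output in; without a pipe the sample is scanned.
    found = untrusted_images(SAMPLE if sys.stdin.isatty() else sys.stdin.read())
    print(transformer_config(found) if found else "all images trusted")
    sys.exit(1 if found else 0)
```

A finding on a pod template path such as spec/template/spec/containers[]/image means no images: entry matched that image name, not that a configuration entry is missing. The non-zero exit status lets the check gate a CI step after kustomize build.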