This controller is used to fill the gap in k8s-config-connector (KCC) and AWS Controllers for Kubernetes (ACK) for exporting values from managed resources into Secrets and ConfigMaps.
The controller discovers available API resources within the following supported API groups.
alloydb.cnrm.cloud.google.comiam.cnrm.cloud.google.comredis.cnrm.cloud.google.comsql.cnrm.cloud.google.comstorage.cnrm.cloud.google.com
Here is an example of exporting fields from a KCC RedisInstance to a ConfigMap.
apiVersion: gdp.deliveryhero.io/v1alpha1
kind: ResourceFieldExport
metadata:
name: myapp-redis
spec:
from:
apiVersion: redis.cnrm.cloud.google.com/v1beta1
kind: RedisInstance
name: myapp-redis
outputs:
- key: endpoint
path: .status.host
- key: port
path: .status.port
requiredFields:
statusConditions:
- status: "True"
type: Ready
to:
name: myapp-redis-config
type: ConfigMapWhich will update a ConfigMap with data that can be used to add environment variables to your Kubernetes pod:
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
endpoint: 10.111.1.3
port: 6379The controller can also update a Secret.
rds.services.k8s.awsdynamodb.services.k8s.awselasticache.services.k8s.aws (for Redis)
For ACK resources, it is recommended to wait for the resource to be synced before exporting fields. This can be achieved by requiring the ACK.ResourceSynced condition to be True.
Here is an example of exporting the endpoint from an rds.services.k8s.aws DBCluster into a Secret:
apiVersion: gdp.deliveryhero.io/v1alpha1
kind: ResourceFieldExport
metadata:
name: myapp-db-aws
spec:
from:
apiVersion: rds.services.k8s.aws/v1alpha1
kind: DBCluster
name: myapp-db-aws
outputs:
- key: endpoint
path: .status.endpoint
- key: reader-endpoint
path: .status.readerEndpoint
requiredFields:
statusConditions:
- status: "True"
type: ACK.ResourceSynced
to:
name: myapp-db-aws-output
type: SecretThe controller will create or update a Secret with the exported data. The values will be base64 encoded as is standard for Secrets. This can then be consumed by your pods. As shown in the KCC example, the controller can also write to a ConfigMap.
You’ll need a Kubernetes cluster to run against. You can use KIND to get a local cluster for testing, or run against a remote cluster.
Note: Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster kubectl cluster-info shows).
Follow chart doc to install Field Exporter with CRDs
- Install Instances of Custom Resources:
kubectl apply -k config/samples/- Build and push your image to the location specified by
IMG:
make docker-build docker-push IMG=<some-registry>/field-exporter:tag- Deploy the controller to the cluster with the image specified by
IMG:
make deploy IMG=<some-registry>/field-exporter:tagTo delete the CRDs from the cluster:
make uninstallUnDeploy the controller from the cluster:
make undeployThis project aims to follow the Kubernetes Operator pattern.
It uses Controllers, which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.
- Install the CRDs into the cluster:
make install- Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running):
make runNOTE: You can also run this in one step by running: make install run
If you are editing the API definitions, generate the manifests such as CRs or CRDs using:
make manifestsNOTE: Run make --help for more information on all potential make targets
More information can be found via the Kubebuilder Documentation
To contribute, please read our contributing docs.
Copyright © 2023 Delivery Hero SE
Contents of this repository is licensed under the Apache-2.0 License.