Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

An ECD Patch is meant to provide a flexible option to define and provision Kubernetes objects that suit your system architecture, or to tailor the ECD to their preferred flavor.

...

Note!

An ECD Patch is NOT the same as using the kubectl patch command. Although they are conceptually similar, they do not necessarily behave in the same way.

Introduction

The ECD patch functionality enables you to add, change, and remove certain fields and functionality that might not be supported directly in the ECD specification, from the different Kubernetes objects created by the Operator through the ECD specification. The patch and patchType fields are part of the ECD CRD structure.

...

Code Block
apiVersion: mz.digitalroute.com/v1alpha1
kind: ECDeployment
metadata:
  ...
spec:
  ...
  ingress:
    patchType: "application/json-patch+json"
    patch: |
      - op: replace
        path: /metadata/annotations/Kubernetes.io~1ingress.class
        value: istio 

Merge Patch

...

Changing an item in a list

In order to change an item in a list you can do this conveniently with JSON Patch. In the example below we change the service port from 1234 to 1235. The zero in the path (/spec/ports/0/port) specifies that the first item in the list should be changed.

...

Merge Patch

As defined in RFC7386, a Merge Patch is a partial representation of the resource. The submitted JSON is "merged" with the current resource to create a new one, then the new one is saved. For more details on how to use Merge Patch, see the RFC.

...

In this ECD Services, port 9092 is already defined. Using Strategic Merge Patch, you can add two more ports 9093 and 9094. If you want were to change the type from a Strategic Merge Patch to a Merge Patch in this case, port 9092 would have been removed after the patch.

Code Block
services:
    - spec:
        type: ClusterIP
        ports:
          - port: 9092
            protocol: TCP
            targetPort: 9092
      ...
      ...
      patchType: "application/strategic-merge-patch+json"
      patch: |
        spec:
          ports:
            - name: "port-1"
              port: 9093
              protocol: TCP
              targetPort: 9093
            - name: "port-2"
              port: 9094
              protocol: UDP
              targetPort: 9094
          ...

Here is an example changing multiple (sub-)paths in the same deployment/pod patch (also using Strategic Merge Patch):

Code Block
patchType: "application/strategic-merge-patch+json"
  patch: |
    spec:
      template:
        spec:
          hostAliases:
          - ip: 34.88.208.176
            hostnames:
            - "client"
            - "client-simulator"
          - ip: 35.228.46.60
            hostnames:
            - "proxy"
            - "proxy2"
          containers:
          - name: ec1
    targetPort: 9093        resources:
    - name: "port-2"        limits:
      port: 9094         memory: 1536Mi
    protocol: UDP         requests:
     targetPort: 9094          memory: ...1024Mi

Samples

Below are samples that can help you get started with an ECD patch. The “Before” section is based on the ECD, which is the definition file for the desired state. while the “After” section is based on the conversion and logic processing done by Operator - which is the actual objects provisioning yaml to be applied to the cluster. As you can see, there are several objects that will be provisioned and handled by the Operator itself.

...

Before ECD Patch

After ECD Patch

k kubectl apply -f file.yaml

Code Block
apiVersion: mz.digitalroute.com/v1alpha1
kind: ECDeployment
metadata:
  name: ecd-test-rolling-strategy
spec:
  enabled: true
  patchType: "application/strategic-merge-patch+json"
  patch: |
    spec:
      strategy:
        type: Recreate
  image: dtr.digitalroute.com/dr/mz10:10.1.0.0-dev-20200813052033.a224284-ec
  workflows:
  - template: Default.http2
    instances:
      - name: server-1
        parameters: |
          {
            "port": 8989
          }

k kubectl get deploy ecd-test-rolling-strategy -o yaml

Code Block
apiVersion: apps/v1
kind: Deployment
metadata:
  ...
  ...
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: ecd-test-rolling-strategy
  strategy:
    type: Recreate
  template:
    ...
    ...

...

In the example below, with a 3 node implementation of a Kubernetes cluster, 2 nodes are tainted color=blue and 1 node is tainted color=red. The test is to add toleration to ECD so that it will get deployed into node tainted with color=red.

Code Block
$ kkubectl taint nodes kl-kube-node01.digitalroute.com kl-kube-node02.digitalroute.com color=blue:NoSchedule
node/kl-kube-node01.digitalroute.com tainted
node/kl-kube-node02.digitalroute.com tainted
$kubectl k taint nodes kl-kube-node03.digitalroute.com color=red:NoSchedule
node/kl-kube-node03.digitalroute.com tainted

...

Before ECD Patch

After ECD Patch

k kubectl apply -f file.yaml

Code Block
apiVersion: mz.digitalroute.com/v1alpha1
kind: ECDeployment
metadata:
  name: ecd-test-tolerations
spec:
  enabled: true
  patchType: "application/strategic-merge-patch+json"
  patch: |
    spec:                                 # Spec for Deployment
      template:                           # Template for Pods
        spec:                             # Spec for Pods
          tolerations:                    # Toleration added to each Pod
          - key: "color"
            value: "red"                  
            operator: "Equal"
            effect: "NoSchedule"
  image: dtr.digitalroute.com/dr/mz10:10.1.0.0-dev-20200813052033.a224284-ec
  workflows:
  - template: Default.http2
    instances:
      - name: server-1
        parameters: |
          {
            "port": 8989
          }

k kubectl get pods ecd-test-tolerations-5d646c45cd-g9x8n -o wide

Code Block
NAME                                    READY   STATUS    RESTARTS   AGE   IP            NODE                              NOMINATED NODE   READINESS GATES
ecd-test-tolerations-5d646c45cd-g9x8n   1/1     Running   0          80s   10.244.2.10   kl-kube-node03.digitalroute.com   <none>           <none>

 

k kubectl describe pods ecd-test-tolerations-5d646c45cd-g9x8n| grep -i toleration

Code Block
Name:         ecd-test-tolerations-5d646c45cd-g9x8n
Labels:       ECDeployment=ecd-test-tolerations
              app=ecd-test-tolerations
Controlled By:  ReplicaSet/ecd-test-tolerations-5d646c45cd
  ecd-test-tolerations:
Tolerations:     color=red:NoSchedule
  Normal   Scheduled  5m21s  default-scheduler                         Successfully assigned castle-black/ecd-test-tolerations-5d646c45cd-g9x8n to kl-kube-node03.digitalroute.com
  Normal   Created    5m21s  kubelet, kl-kube-node03.digitalroute.com  Created container ecd-test-tolerations
  Normal   Started    5m20s  kubelet, kl-kube-node03.digitalroute.com  Started container ecd-test-tolerations

...

Before ECD Patch

After ECD Patch

k kubectl apply -f file.yaml

Code Block
apiVersion: mz.digitalroute.com/v1alpha1
kind: ECDeployment
metadata:
  name: ecd-test-2
spec:
  enabled: true
  patchType: "application/strategic-merge-patch+json"
  patch: |
    spec:  
      template:              
        spec:     
          containers:
          - name: ecd-test-2
            env:
            - name: ENV 
              value: dev
  image: dtr.digitalroute.com/dr/mz10:10.1.0.0-dev-20200813052033.a224284-ec
  workflows:
  - template: Default.http2
    instances:
      - name: server-1
        parameters: |
          {
            "port": 8989
          }

kex kubectl exec ecd-test-2-7487469546-s77xx bash -- /bin/bash printenv | grep ENV

Code Block
ENV=dev

 

k kubectl describe pods ecd-test-2-7487469546-s77xx

Code Block
Name:         ecd-test-2-7487469546-s77xx
Namespace:    castle-black
Priority:     0
Node:         kl-kube-node03.digitalroute.com/10.60.10.143
Start Time:   Tue, 25 Aug 2020 17:05:04 +0800
Labels:       ECDeployment=ecd-test-2
              app=ecd-test-2
              pod-template-hash=7487469546
Annotations:  Status:  Running
IP:           10.244.2.14
IPs:
  IP:           10.244.2.14
Controlled By:  ReplicaSet/ecd-test-2-7487469546
Containers:
  ecd-test-2:
    Container ID:  docker://a07de37d1cfff80b7ce240d7a6d3821cea393a49b58f8a9f43f97a229efd236f
    Image:         dtr.digitalroute.com/dr/mz10:10.1.0.0-dev-20200813052033.a224284-ec
    Image ID:      docker-pullable://dtr.digitalroute.com/dr/mz10@sha256:6e5efb5bb8e526679d2e0878f5cf69011d0f8724be1dc90f26e631f33afe8227
    Port:          <none>
    Host Port:     <none>
    Command:
      /opt/mz/entrypoint/docker-entrypoint.sh
    Args:
      -e accepts.any.scheduling.criteria=false
    State:          Running
      Started:      Tue, 25 Aug 2020 17:05:05 +0800
    Ready:          True
    Restart Count:  0
    Liveness:       http-get http://:9090/health/live delay=90s timeout=10s period=15s #success=1 #failure=3
    Readiness:      http-get http://:9090/health/ready delay=0s timeout=1s period=5s #success=1 #failure=60
    Environment:
      ENV:  dev
      TZ:   UTC

...

Before ECD Patch

After ECD Patch

k kubectl apply -f file.yaml

Code Block
apiVersion: mz.digitalroute.com/v1alpha1
kind: ECDeployment
metadata:
  name: ecd-test-2
spec:
  enabled: true
  patchType: "application/strategic-merge-patch+json"
  patch: |
    spec:  
      template:              
        spec:     
          containers:
          - name: ecd-test-2
            volumeMounts:
            - mountPath: /cdr_volume
              name: cdr-volume
              $patch: delete
          volumes:
          - name: cdr-volume
            emptyDir: {}
            $patch: delete
  image: dtr.digitalroute.com/dr/mz10:10.2.0-xe-2080-bugfix-latest-ec
  workflows:
  - template: Default.http2
    instances:
      - name: server-1
        parameters: |
          {
            "port": 8989
          }

kg kubectl get pods ecd-test-2-678ccb76d6-s49ql -o yaml

Code Block
apiVersion: v1
kind: Pod
metadata:
  ...
  ...
  name: ecd-test-2-678ccb76d6-s49ql
  ...
  ...
spec:
  containers:
  - name: ecd-test-2
    ...
    ...
    volumeMounts:
    - mountPath: /etc/config/common
      name: common-config
    - mountPath: /var/run/secrets/Kubernetes.io/serviceaccount
      name: default-token-4dc54
      readOnly: true
  ...
  ...
  volumes:
  - configMap:
      defaultMode: 420
      name: common-config
    name: common-config
  - name: default-token-4dc54
    secret:
      defaultMode: 420
      secretName: default-token-4dc54
status:
  ...
  ...