/AutoKube

A service for managing kubernetes configuration automatically

Primary LanguageShellMIT LicenseMIT

AutoKube

Automatically apply configuration based on deployments.

This project uses consul-template to generate configuration and invoke the Kubernetes update.

AutoKube talks to consul, ideally this will be a local agent.

AutoKube talks to the Kubernetes API server via kubectl using basic username/password authentication.

  • CONSUL_HTTP_ADDR (optional)
  • CONSUL_HTTP_TOKEN
  • NAMESPACE

Running in kubernetes

Autokube is designed to run within Kubernetes, for this to work the following service account needs to be set up with the given roles.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: autokube
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: autokube
  name: autokube
rules:
  - apiGroups: [ "*" ]
    resources: [ "virtualservices", "destinationrules" ]
    verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: autokube
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: autokube
subjects:
  - kind: ServiceAccount
    name: autokube
    namespace: platform
---

Testing

Testing done by injecting test data into a consul server running locally and then generating the templates from that, asserting against expected output files.

Test data

Test data is injected into the consul server at start up from test/data/consul.json. This is a json representation of the consul structure where the "value" is base64 encoded. This is the consul export format and is imported using the consul import command.

Test data is loaded before all tests, therefore is available for all tests.

Note that the consul service may not be terminated between runs and therefore may contain out of date test data, particularly if data is removed from consul.json.

Test Namespaces

Tests are run against a namespace, as this is how the tool is expected to be run.

A namespace is used to look up global configuration.

To add a new namespace create an directory in "test/expected_outputs" with the name of the new namespace and copy this line, replacing "saturn-green" with the the new namespace:

runTestsFor "saturn-green" && RESULT=1

You will need to add appropriate test data to the test data file.

Expected outputs

Tests are run against a namespace, the consul template output is asserted against the files in test/expected_outputs.

Running tests

$ make test

If a test fails, a diff between the expected output file and the file generated by consul template is shown.