kubernetes¶
Manage kubernetes resources as salt states¶
NOTE: This module requires the proper pillar values set. See salt.modules.kubernetesmod for more information.
Warning
Configuration options will change in 2019.2.0.
The kubernetes module is used to manage different kubernetes resources.
my-nginx:
kubernetes.deployment_present:
- namespace: default
metadata:
app: frontend
spec:
replicas: 1
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
my-mariadb:
kubernetes.deployment_absent:
- namespace: default
# kubernetes deployment as specified inside of
# a file containing the definition of the the
# deployment using the official kubernetes format
redis-master-deployment:
kubernetes.deployment_present:
- name: redis-master
- source: salt://k8s/redis-master-deployment.yml
require:
- pip: kubernetes-python-module
# kubernetes service as specified inside of
# a file containing the definition of the the
# service using the official kubernetes format
redis-master-service:
kubernetes.service_present:
- name: redis-master
- source: salt://k8s/redis-master-service.yml
require:
- kubernetes.deployment_present: redis-master
# kubernetes deployment as specified inside of
# a file containing the definition of the the
# deployment using the official kubernetes format
# plus some jinja directives
nginx-source-template:
kubernetes.deployment_present:
- source: salt://k8s/nginx.yml.jinja
- template: jinja
require:
- pip: kubernetes-python-module
# kubernetes deployment using a template with custom template_context variables
nginx-template-with-template_context:
kubernetes.deployment_present:
- name: nginx-template
- source: salt://k8s/nginx-template.yml.jinja
- template: jinja
- template_context:
replicas: 3
nginx_version: 1.19
environment: production
app_label: frontend
# kubernetes secret with template_context variables
cert-secret-with-template_context:
kubernetes.secret_present:
- name: tls-cert
- source: salt://k8s/tls-cert.yml.jinja
- template: jinja
- template_context:
cert_name: myapp.example.com
cert_data: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
- secret_type: kubernetes.io/tls
# Kubernetes secret
k8s-secret:
kubernetes.secret_present:
- name: top-secret
data:
key1: value1
key2: value2
key3: value3
Added in version 2017.7.0.
- saltext.kubernetes.states.kubernetes.__virtual__()[source]¶
Only load if the kubernetes module is available in __salt__
- saltext.kubernetes.states.kubernetes.deployment_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named deployment is absent from the given namespace.
- name
The name of the deployment
- namespace
The name of the namespace
- wait
Added in version 2.0.0.
If set to True, the function will wait until the deployment is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the deployment to
Example:
my-nginx: kubernetes.deployment_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.deployment_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named deployment is present inside of the specified namespace with the given metadata and spec. If the deployment exists, it will be patched with the desired state.
- name
The name of the deployment.
- namespace
The namespace holding the deployment. The ‘default’ one is going to be used unless a different one is specified.
- metadata
The metadata of the deployment object.
- spec
The spec of the deployment object.
- source
A file containing the definition of the deployment (metadata and spec) in the official kubernetes format.
- template
Template engine to be used to render the source file.
- template_context
Added in version 2.0.0.
Variables to be passed into the template.
- wait
Added in version 2.0.0.
If set to True, the function will wait until the deployment is ready.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the deployment to be ready.
Example:
my-nginx: kubernetes.deployment_present: - namespace: default - metadata: app: frontend - spec: replicas: 1 template: metadata: labels: run: my-nginx spec: containers: - name: my-nginx image: nginx ports: - containerPort: 80
- saltext.kubernetes.states.kubernetes.statefulset_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named statefulset is absent from the given namespace.
- name
The name of the statefulset
- namespace
The name of the namespace
- wait
If set to True, the function will wait until the statefulset is deleted.
- timeout
The time in seconds to wait for the statefulset to be deleted.
Example:
my-statefulset: kubernetes.statefulset_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.statefulset_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named statefulset is present inside of the specified namespace with the given metadata and spec. If the statefulset exists, it will be patched with the desired state.
- name
The name of the statefulset.
- namespace
The namespace holding the statefulset. The ‘default’ one is going to be used unless a different one is specified.
- metadata
The metadata of the statefulset object.
- spec
The spec of the statefulset object.
- source
A file containing the definition of the statefulset (metadata and spec) in the official kubernetes format.
- template
Template engine to be used to render the source file.
- template_context
Variables to be passed into the template.
- wait
If set to True, the function will wait until the statefulset is ready.
- timeout
The time in seconds to wait for the statefulset to be ready.
Example:
my-statefulset: kubernetes.statefulset_present: - namespace: default - metadata: app: myapp - spec: serviceName: my-service replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: myapp:latest ports: - containerPort: 8080
- saltext.kubernetes.states.kubernetes.replicaset_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named replicaset is absent from the given namespace.
- name
The name of the replicaset
- namespace
The namespace of the replicaset
- wait
Wait for replicaset to be deleted (default: False)
- timeout
Timeout in seconds to wait for replicaset deletion (default: 60)
CLI Example:
my-replicaset: kubernetes.replicaset_absent: namespace: default
- saltext.kubernetes.states.kubernetes.replicaset_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named replicaset is present inside of the specified namespace with the given metadata and spec. If the replicaset exists, it will be patched with the desired state.
- name
The name of the replicaset
- namespace
The namespace of the replicaset
- metadata
A dictionary representing the metadata of the replicaset
- spec
A dictionary representing the spec of the replicaset
- source
File path to replicaset definition
- template
Template engine to use to render the source file
- saltenv
Salt environment to pull the source file from
- template_context
Variables to make available in templated files
- wait
Wait for replicaset to become ready (default: False)
- timeout
Timeout in seconds to wait for replicaset (default: 60)
CLI Example:
my-replicaset: kubernetes.replicaset_present: namespace: default metadata: labels: app: my-app spec: replicas: 3
- saltext.kubernetes.states.kubernetes.daemonset_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named daemonset is absent from the given namespace.
- name
The name of the daemonset
- namespace
The namespace of the daemonset
- wait
Wait for daemonset to be deleted (default: False)
- timeout
Timeout in seconds to wait for daemonset deletion (default: 60)
CLI Example:
my-daemonset: kubernetes.daemonset_absent: namespace: default
- saltext.kubernetes.states.kubernetes.daemonset_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named daemonset is present inside of the specified namespace with the given metadata and spec. If the daemonset exists, it will be patched with the desired state.
- name
The name of the daemonset
- namespace
The namespace of the daemonset
- metadata
Metadata for the daemonset
- spec
Specification for the daemonset
- source
File path to daemonset definition
- template
Template engine to use to render the source file
- saltenv
Salt environment to pull the source file from
- template_context
Variables to make available in templated files
- wait
Wait for daemonset to become ready (default: False)
- timeout
Timeout in seconds to wait for daemonset (default: 60)
CLI Example:
my-daemonset: kubernetes.daemonset_present: namespace: default metadata: labels: app: my-daemonset spec: replicas: 3
- saltext.kubernetes.states.kubernetes.storageclass_absent(name, wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named storageclass is absent.
- name
The name of the storageclass
- wait
Wait for storageclass to be deleted (default: False)
- timeout
Timeout in seconds to wait for storageclass deletion (default: 60)
CLI Example:
my-storageclass: kubernetes.storageclass_absent:
- saltext.kubernetes.states.kubernetes.storageclass_present(name, metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Added in version 2.1.0.
Ensures that the named storageclass is present with the given metadata and spec. If the storageclass exists, it will be patched with the desired state.
- name
The name of the storageclass
- metadata
Metadata for the storageclass
- spec
Specification for the storageclass
- source
File path to storageclass definition
- template
Template engine to use to render the source file
- template_context
Variables to make available in templated files
- wait
Wait for storageclass to become ready (default: False)
- timeout
Timeout in seconds to wait for storageclass (default: 60)
CLI Example:
my-storageclass: kubernetes.storageclass_present: metadata: labels: app: my-storageclass spec: provisioner: kubernetes.io/no-provisioner
- saltext.kubernetes.states.kubernetes.service_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named service is present inside of the specified namespace with the given metadata and spec. If the service exists, it will be patched with the desired state.
- name
The name of the service.
- namespace
The namespace holding the service. The ‘default’ one is going to be used unless a different one is specified.
- metadata
The metadata of the service object.
- spec
The spec of the service object.
- source
A file containing the definition of the service (metadata and spec) in the official kubernetes format.
- template
Template engine to be used to render the source file.
- template_context
Added in version 2.0.0.
Variables to be passed into the template.
- wait
Added in version 2.0.0.
If set to True, the function will wait until the service is created.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the service to be created.
Example:
my-service: kubernetes.service_present: - namespace: default - metadata: app: frontend - spec: ports: - port: 80 targetPort: 80 protocol: TCP selector: app: frontend
- saltext.kubernetes.states.kubernetes.service_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named service is absent from the given namespace.
- name
The name of the service
- namespace
The name of the namespace
- wait
Added in version 2.0.0.
If set to True, the function will wait until the service is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the service to be deleted.
Example:
my_service: kubernetes.service_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.namespace_absent(name, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named namespace is absent.
- name
The name of the namespace
- wait
Added in version 2.0.0.
If set to True, the function will wait until the namespace is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the namespace to be deleted.
Example:
my_namespace: kubernetes.namespace_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.namespace_present(name, **kwargs)[source]¶
Ensures that the named namespace is present.
- name
The name of the namespace.
Example:
my_namespace: kubernetes.namespace_present: - namespace: default
- saltext.kubernetes.states.kubernetes.secret_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named secret is absent from the given namespace.
- name
The name of the secret
- namespace
The name of the namespace
- wait
Added in version 2.0.0.
If set to True, the function will wait until the secret is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the secret to be deleted.
Example:
my_secret: kubernetes.secret_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.secret_present(name, namespace='default', data=None, source=None, template=None, template_context=None, secret_type=None, metadata=None, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named secret is present inside of the specified namespace with the given data. If the secret exists, it will be patched with the desired state.
- name
The name of the secret.
- namespace
The namespace holding the secret. The ‘default’ one is going to be used unless a different one is specified.
- data
The dictionary holding the secrets.
- source
A file containing the data of the secret in plain format.
- template
Template engine to be used to render the source file.
- template_context
Added in version 2.0.0.
Variables to be passed into the template.
- secret_type
Added in version 2.0.0.
The type of secret to create. Defaults to
Opaque.- metadata
Added in version 2.0.0.
The metadata to include in the secret (annotations, labels, etc).
- wait
Added in version 2.0.0.
If set to True, the function will wait until the secret is created.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the secret to be created.
Example:
my_secret: kubernetes.secret_present: - namespace: default - data: key1: value1 key2: value2 key3: value3
- saltext.kubernetes.states.kubernetes.configmap_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named configmap is absent from the given namespace.
- name
The name of the configmap
- namespace
The namespace holding the configmap. The ‘default’ one is going to be used unless a different one is specified.
- wait
Added in version 2.0.0.
If set to True, the function will wait until the configmap is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the configmap to be deleted.
Example:
my_configmap: kubernetes.configmap_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.configmap_present(name, namespace='default', data=None, source=None, template=None, template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named configmap is present inside of the specified namespace with the given data. If the configmap exists, it will be patched with the desired state.
- name
The name of the configmap.
- namespace
The namespace holding the configmap. The ‘default’ one is going to be used unless a different one is specified.
- data
The dictionary holding the configmaps.
- source
A file containing the data of the configmap in plain format.
Changed in version 2.0.0: The configmap definition must be a proper spec with the configmap data in the
datakey. In previous versions, the rendered output was used as the data directly.- template
Template engine to be used to render the source file.
- template_context
Added in version 2.0.0.
Variables to be passed into the template.
- wait
Added in version 2.0.0.
If set to True, the function will wait until the configmap is created.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the configmap to be created.
Example:
my_configmap: kubernetes.configmap_present: - namespace: default - data: key1: value1 key2: value2 key3: value3
- saltext.kubernetes.states.kubernetes.pod_absent(name, namespace='default', wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named pod is absent from the given namespace.
- name
The name of the pod
- namespace
The name of the namespace
- wait
Added in version 2.0.0.
If set to True, the function will wait until the pod is deleted.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the pod to be deleted.
Example:
my_pod: kubernetes.pod_absent: - namespace: default
- saltext.kubernetes.states.kubernetes.pod_present(name, namespace='default', metadata=None, spec=None, source='', template='', template_context=None, wait=False, timeout=60, **kwargs)[source]¶
Ensures that the named pod is present inside of the specified namespace with the given metadata and spec.
Note
Pods are immutable once created. If the pod already exists, this state will report success without changes. To update a pod, first remove it with
pod_absentand then recreate it. For managed workloads, consider usingdeployment_presentinstead.- name
The name of the pod.
- namespace
The namespace holding the pod. The ‘default’ one is going to be used unless a different one is specified.
- metadata
The metadata of the pod object.
- spec
The spec of the pod object.
- source
A file containing the definition of the pod (metadata and spec) in the official kubernetes format.
- template
Template engine to be used to render the source file.
- template_context
Added in version 2.0.0.
Variables to be passed into the template.
- wait
Added in version 2.0.0.
If set to True, the function will wait until the pod is created.
- timeout
Added in version 2.0.0.
The time in seconds to wait for the pod to be created.
Example:
my_pod: kubernetes.pod_present: - namespace: default - metadata: app: frontend - spec: containers: - name: my-nginx image: nginx ports: - containerPort: 80
- saltext.kubernetes.states.kubernetes.node_label_absent(name, node, **kwargs)[source]¶
Ensures that the named label is absent from the node.
- name
The name of the label
- node
The name of the node
Example:
my_label: kubernetes.node_label_absent: - node: node_name
- saltext.kubernetes.states.kubernetes.node_label_folder_absent(name, node, **kwargs)[source]¶
Ensures the label folder doesn’t exist on the specified node.
- name
The name of label folder
- node
The name of the node
Example:
my_label_folder: kubernetes.node_label_folder_absent: - node: node_name
- saltext.kubernetes.states.kubernetes.node_label_present(name, node, value, **kwargs)[source]¶
Ensures that the named label is set on the named node with the given value. If the label exists it will be replaced.
- name
The name of the label.
- value
Value of the label.
- node
Node to change.
Example:
my_label: kubernetes.node_label_present: - node: node_name - value: my_value