Rundeck Kubernetes Plugin
This project provides integration between Rundeck and Kubernetes. This project contains a number of providers allowing job writers to use steps to call various API actions in Kubernetes.
Use cases:
- Create Kubernetes Deployments, Services and Jobs
- Run ad hoc command executions inside Kubernetes containers.
Requirements
These plugins require the python kubernetes SDK to be installed on the rundeck server.
For example, you can install it using pip install kubernetes
.
The Python Kubernetes API client requires version 11 of the library. You can confirm it with python -m pip list | grep kubernetes
.
Further information here: https://github.com/kubernetes-client/python.
Authentication for Tectonic Environments.
There is a pull request work for the kubernetes python SDK to support authenticating with the kubernetes API using OIDC (which is used by tectonic).
For now, you can install the kubernetes python SDK from this repo to have the OIDC support:
git clone --recursive https://github.com/ltamaster/python
cd python
python setup.py install
Build and Install
Run gradle build
to build the zip file. Then, copy the zip file to the $RDECK_BASE\libext
folder.
Authentication
By default, and if any authentication parameters are not set, the plugin will check the ~/.kube/config
file to get the authentication parameters.
Otherwise, you can set the following parameters:
- Kubernetes Config File Path: a custom path for the kubernetes config file
- Cluster URL: Kubernetes Cluster URL
- Kubernetes API Token: Token to connect to the kubernetes API
- Verify SSL: Enable/Disable the SSL verification
- SSL Certificate Path: SSL Certificate Path for SSL connections
Resource Model
This plugin allows getting the container pods from kubernetes as rundeck nodes.
-
Default attributes: List of key=value pairs, example: username=root
-
Custom Mapping: Custom mapping adding on the rundeck nodes, for example:
nodename.selector=default:Name,hostname.selector=default:pod_id
-
Tags: List of tags. You can add static and custom tags, for example:
tag.selector=default:image, tag.selector=default:status, kubernetes
-
Field Selector: Filter the list of pods using a response's API fields. For further information check SDK docs here. For example:
metadata.namespace=default
will show the pods of the default namespace. -
Just Running Pods?: Filter by running pods
This plugin generates a list of default
pod's attributes in order to reference them on the custom config parameters of the plugin (eg: default:status, default:image). The following list are the default available attributes:
default:pod_id: Pod ID,
default:host_id: Host ID,
default:started_at: started At,
default:name: Pod Name,
default:namespace: Pod namespace,
default:labels: Deployments labels,
default:image: Image,
default:status: Pod Status,
default:status_message: Pod Status message,
default:container_id: Container ID,
default:container_name: Container Name
For example, if you want to add a custom tag for the container's image name, use tag.selector=default:image
on the Tags
config attribute. Or if you want to define the hostname node attribute using the POD ID, use hostname.selector=default:pod_id
on the Custom Mapping
config attribute.
Node Executor
This plugin allows run commands/scripts to a container pod from rundeck.
Configurations:
- Shell: Shell used on the POD to run the command. Default value: /bin/bash
- Debug?: Write debug messages to stderr
File Copier
This plugin allows copy files from rundeck to a pod. For now just script and text files can be copied to a remote pod.
Configurations:
- Shell: Shell used on the POD to run the command. Default value: /bin/bash
- Debug?: Write debug messages to stderr
Workflow Steps
The following steps plugins allow you to deploy/un-deploy applications and run/re-run jobs on kubernetes. For example, you can create deployment, services, ingress, etc and update or delete those kubernetes resources.
Create / Update / Delete / Check / Wait a Deployment
These steps manage deployment resources, you can create, update or delete a deployment and check its status.
Also, you have a step to wait for a deployment to be ready when the deployment is created. These require that the deployment define a Readiness Probe
(further information here)
Create / Update / Delete Services
These steps manage services resources, you can create, update or delete a service.
Create / Delete / Re-run Jobs
These steps manage services resources, you can create or delete a Job.
Also, you can re-run jobs that are already created. Kubernetes doesn't allow re-run jobs, so what this step does is get the job definition, delete it, and creating it again.
Generic Steps
These steps provide a generic way to create/delete resources on kubernetes using a yaml script. The resources that this plugin allows creating are:
- Deployment
- Service
- Ingress
- Job
- StorageClass
- PersistentVolume
- PersistentVolumeClaim
- Secret