Hi Folks,
my company has used helm charts to deploy cloud services before. Operation and maintenance personnel generally reported that the writing of helm charts is too complicated, for example:
go templates
values.yaml is not flexible enough
all the k8s resources needed need to be displayed in templates folder
By browsing multiple helm-related articles, I found that many people do not recommend using helm for internal company business orchestration, but instead use helm to directly reference public charts, such as introducing a standard mysql, redis, etc. The orchestration of internal business still needs to consider simplicity, abstraction and multi-environment differentiation.
Recently, through the study of the kubevela and the definition of cloud native applications such as OAM, I feel this abstract patch approach is more acceptable, so I envision building a set of oamfile tools (the directory structure is similar to helmfile):
├─oamfile.yaml
├─environments
│ └─local.yaml
└─applications
└─app-a
└─application.yaml
# oamfile.yaml
environments:
local:
kubeContext: local-k3s
policies:
- environments/local.yaml
dev-cn-shanghai:
kubeContext: gke-dev
policies:
- environments/dev.yaml
applications:
- name: hearing-service
path: applications/app-a
- name: redis
url: "oci://ghcr.io/public/redis"
version: "7.0"
# environments/local.yaml
app-a:
policies:
- type: override
properties:
components:
- type: webservice
properties:
image: demo:v1
traits:
- type: scaler
properties:
replicas: 3
# appliactions/app-a/application.yaml
apiVersion:
kind: Application
metadata:
name: demo
spec:
components:
- name: demo
type: webservice
properties:
image: demo:v1
ports:
- name: http
port: 9898
expose: true
cpu: 2000m
memory: 100Mi
volumeMounts:
emptyDir:
- name: data
mountPath: /datacore.oam.dev/v1beta1
Tools like kustomize, it patch resources by jsonPatch which is often very redundant and requires users to clearly understand the Kubernetes resource API. This is not the case with separation of concerns like oamfile. We will abstract out the most commonly used patches, such as set replicas, set volume mounts etc. Unexpected patches will be degraded to jsonpatch.
I'd like to hear your opinions on this idea, or on tools like helm, kustomize, kubevela, etc.