我的书签
添加书签
移除书签Patch in the Definitions
By default, KubeVela will merge patched values with CUE’s merge. However, CUE cannot handle conflicting fields currently.
For example, if replicas=5 has been set in a component instance, once there is another trait, attempting to patch the value of the replicas field, it will fail. So we recommend that you need to plan ahead and don’t use duplicate fields between components and traits.
But in some cases, we do need to deal with overwriting fields that have already been assigned a value. For example, when set up resources in multi-environments, we hope that the envs in different environments are different: i.e., the default env is MODE=PROD, and in the test environment, it needs to be modified to MODE=DEV DEBUG=true .
In this case, we can apply the following application:
After deploying the application, you can see that in the test namespace, the envs of the nginx application are as follows:
spec:containers:- env:- name: MODEvalue: test- name: DEBUGvalue: "true"
At the same time, in the prod namespace, the envs are as follows:
spec:containers:- env:- name: MODEvalue: prod
deploy-test will deploy nginx to the test namespace. At the same time, the env trait overwrite the same envs by using the patch strategy, thus adding MODE=test DEBUG=true in the test namespace, while the nginx in the prod namespace will retain the original MODE=prod env.
KubeVela provides a series of patching strategies to help resolve conflicting issues. When writing patch traits and workflow steps, you can use these patch strategies to solve conflicting values. Note that the patch strategy is not an official capability provided by CUE, but an extension developed by KubeVela.
For the usage of all patch strategies, please refer to .
This pattern is extremely useful when the component definition is provided by third-party component provider (e.g. software distributor) so app operators do not have privilege to change its template.
Below is an example for node-affinity trait:
In patch, we declare the component object fields that this trait will patch to.
The patch trait above assumes the target component instance have spec.template.spec.affinity field. Hence, we need to use appliesToWorkloads to enforce the trait only applies to those workload types have this field. Meanwhile, we use // +patchStrategy=retainKeys to override the conflict fields in the original component instance.
Another important field is podDisruptive, this patch trait will patch to the pod template field, so changes on any field of this trait will cause the pod to restart, We should add podDisruptive and make it to be true to tell users that applying this trait will cause the pod to restart.
Now the users could declare they want to add node affinity rules to the component instance as below:
apiVersion: core.oam.dev/v1beta1kind: Applicationmetadata:name: testappspec:components:- name: express-servertype: webserviceproperties:image: oamdev/testapp:v1traits:- type: "gateway"properties:domain: testsvc.example.comhttp:"/": 8000- type: "node-affinity"properties:server-owner: ["owner1","owner2"]resource-pool: ["pool1","pool2","pool3"]tolerations:resource-pool: "broken-pool1"server-owner: "old-owner"
Patch to traits
You can also patch to other traits by using patchOutputs in the Definition. Such as:
kind: TraitDefinitionmetadata:name: patch-annotationspec:schematic:cue:template: |patchOutputs: {ingress: {metadata: annotations: {"kubernetes.io/ingress.class": "istio"}}}
The patch trait above assumes that the component it binds has other traits which have ingress resource. The patch trait will patch an istio annotation to the ingress resource.
And the ingress resource is now like:
apiVersion: networking.k8s.io/v1beta1kind: Ingressmetadata:annotations:kubernetes.io/ingress.class: istioname: ingressspec:rules:spec:rules:- host: testsvc.example.comhttp:paths:- backend:service:name: express-serverport:number: 8000path: /pathType: ImplementationSpecific
Note: You need to put this kind of trait at the last place to patch for other traits.
You can even write a for-loop in patch trait, below is an example that can patch for all resources with specific annotation.
apiVersion: core.oam.dev/v1beta1kind: TraitDefinitionmetadata:name: patch-for-argospec:cue:patch: {metadata: annotations: {"argocd.argoproj.io/compare-options": "IgnoreExtraneous""argocd.argoproj.io/sync-options": "Prune=false"}}patchOutputs: {for k, v in context.outputs {"\(k)": {metadata: annotations: {"argocd.argoproj.io/compare-options": "IgnoreExtraneous""argocd.argoproj.io/sync-options": "Prune=false"}}}}
This example solved a .
When you use op.#ApplyComponent in a custom workflow step definition, you can patch component or traits in the patch field.
For example, when using Istio for canary release, you can add annotations of the release name to the component in patch: workload of op.#ApplyComponent; meanwhile, you can change the traffic and destination rule in patch: traits: <trait-name>.
Following is a real example of canary rollout in a custom workflow step:
After deploying the above definition, you can apply the following workflow to control the canary rollout:
...workflow:steps:- name: rollout-1st-batchtype: canary-rolloutproperties:batchPartition: 0traffic:weightedTargets:- revision: reviews-v1weight: 90- revision: reviews-v2weight: 10- name: manual-approvaltype: suspend- name: rollout-resttype: canary-rolloutproperties:batchPartition: 1traffic:weightedTargets:- revision: reviews-v2weight: 100
In the first and third steps, we declared different revisions and weight in traffic. In the step definition of canary-rollout, we will overwrite the revision and weight declared by the user through , so as to control the progressive rollout in the workflow.
