With previous releases of Tanzu Kubernetes Grid (TKG), if you needed to apply special OS customizations that were applied to the deployed Control Plane and Worker Node VMs, such as injecting commands to handle network proxy or dealing with insecure container registry, your only option was to hand edit the default TKG Dev/Prod YAML templates. Not only was this error prone but because the templates can change from each release, it was difficult to manage and test until you attempted a deployment.
One of the newest features with the release of TKG 1.2 is official support for customizing the Kubernetes (K8s) Cluster Templates Plans using YTT (YAML Templating Tooling) which allows users to provide custom data that can then be patched/overlay to an existing YAML file. YTT itself is part of a larger toolset for building, creating and configuring deployments for K8s called Carvel. The Domain Specific Language (DSL) that YTT uses was not exactly intuitive but since the official TKG documentation had an example to start with, I was able to mostly figure my way through along with some tips from the #carvel Slack channel.
So what was I trying to do? I was working on updating my TKG Demo Appliance Fling to the latest 1.2 release and part of the setup required adding an entry to /etc/hosts file on all TKG VMs that are deployed. Instead of directly messing with the YAML templates, there is now a new "overlay" YAML file in ~/.tkg/providers/infrastructure-vsphere/ytt/vsphere-overlay.yaml which can be used to make such changes.
The default example only demonstrates how to add a command into preKubeadmCommands which only affects the Control Plane VMs as it targets the KubeadmControlPlane kind as shown below:
#@ load("@ytt:overlay", "overlay")
#@overlay/match by=overlay.subset({"kind":"KubeadmControlPlane"})
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
kind: KubeadmControlPlane
spec:
kubeadmConfigSpec:
preKubeadmCommands:
#! Add nameserver to all k8s nodes
#@overlay/append
- echo "192.168.2.2 registry.rainpole.io" >> /etc/hosts
For the change to apply to both the Control Plane and Worker Node VMs, the following would need to be used:
#@ load("@ytt:overlay", "overlay")
#@overlay/match by=overlay.subset({"kind":"KubeadmControlPlane"})
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
kind: KubeadmControlPlane
spec:
kubeadmConfigSpec:
preKubeadmCommands:
#! Add nameserver to all k8s nodes
#@overlay/append
- echo "192.168.2.2 registry.rainpole.io" >> /etc/hosts
#@overlay/match by=overlay.subset({"kind":"KubeadmConfigTemplate"})
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
kind: KubeadmConfigTemplate
spec:
template:
spec:
preKubeadmCommands:
#! Add nameserver to all k8s nodes
#@overlay/append
- echo "192.168.2.2 registry.rainpole.io" >> /etc/hosts
The way that you figure out the spec is by looking at the original Dev/Prod YAML to figure which you wish to replace and/or overlay and append. It took a few tries until this had clicked for me and not messing up on the indentation. As of writing this, there is no online YTT linter which you can run it through for syntax validation, so I had to wait to see if TKG complained and/or verified the results to see if the changes did what I want.
Thanks for the comment!