Simplify Kubernetes Resource Management with Sveltos, Carvel ytt and Flux

Managing Kubernetes add-ons can be a challenging task, especially when dealing with complex deployments and frequent configuration changes. In this article, we will explore how Sveltos and Carvel ytt can work together to simplify Kubernetes resource management. Sveltos is a powerful Kubernetes add-on management tool, while Carvel ytt is a templating and patching tool for YAML files. We will delve into the integration of Carvel ytt with Sveltos using the ytt controller, enabling seamless deployment and configuration management.

Introducing Sveltos

Sveltos is an open-source project tool that simplifies the process of managing and deploying add-ons to Kubernetes clusters. It provides a comprehensive solution for installing, configuring, and managing add-ons, making it easier to enhance the functionality and capabilities of Kubernetes.
Sveltos provides support for Helm charts, Kustomize, and resource YAMLs.

Kubernetes add-on management with Sveltos

To know more about Sveltos, this article delves into the management of Kubernetes add-ons using Sveltos. This other article focuses on deploying add-ons as a result of events.

An Overview of Carvel Ytt

Carvel ytt is a tool that is part of the Carvel suite. Its main purpose is to facilitate the generation and management of YAML files based on templates. With ytt, you can easily create and modify YAML files by leveraging templates and data values. This enables you to have a flexible and dynamic approach to configuration management within Kubernetes environments.
Unlike Helm and other similar templating tools that treat YAML templates purely as text templates, ytt takes advantage of the inherent language structure of YAML. This means that ytt understands the underlying structure of YAML configurations and utilizes comments to annotate those structures. As a result, ytt goes beyond traditional text templating and becomes a YAML structure-aware templating solution. This unique feature alleviates the need for developers to ensure the structural validity of their generated YAML configurations and makes the process of writing templates much more straightforward.

Integrating Carvel ytt with Sveltos via ytt Controller

Kubernetes add-on deployments with Flux, Ytt controller and Sveltos: Flux syncs with a repository containing ytt files. Ytt controller then invokes ytt to process those files and make the output available for Sveltos. Finally, Sveltos deploys the desired resources within the chosen managed Kubernetes clusters.

To harness the capabilities of Carvel ytt with Sveltos, we have developed the ytt controller. The ytt controller acts as a bridge between Sveltos and Carvel ytt, enabling the processing of ytt files and making the output accessible for Sveltos.

In order to utilize the ytt controller, a Kubernetes Custom Resource Definition (CRD) called YttSource was introduced. By creating instances of YttSource, you can specify the sources of ytt files through various options such as Flux Sources (GitRepository/OCIRepository/Bucket), ConfigMap, or Secret.

The integration process involves the following steps:

1) Install the Ytt controller

kubectl apply -f https://raw.githubusercontent.com/gianlucam76/ytt-controller/main/manifest/manifest.yaml

2) Using GitRepository¹ as a source:

apiVersion: extension.projectsveltos.io/v1alpha1
kind: YttSource
metadata:
  name: yttsource-flux
spec:
  namespace: flux-system
  name: flux-system
  kind: GitRepository
  path: ./deployment/

Flux is utilized to synchronize the ytt-examples GitHub repository, which contains the ytt files. The YttSource is instructing ytt controller to get ytt files from Flux GitRepository. The ytt controller automatically detects changes in the repository and invokes the ytt module to process the files. The resulting output is stored in the Status section of the YttSource instance.

3) Sveltos can then utilize its template feature to deploy the generated Kubernetes resources to the managed cluster.

apiVersion: config.projectsveltos.io/v1alpha1
kind: ClusterProfile
metadata:
  name: deploy-resources
spec:
  clusterSelector: env=fv
  templateResourceRefs:
  - resource:
      apiVersion: extension.projectsveltos.io/v1alpha1
      kind: YttSource
      name: yttsource-flux
      namespace: default
    identifier: YttSource
  policyRefs:
  - kind: ConfigMap
    name: info
    namespace: default
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: info
  namespace: default
  annotations:
    projectsveltos.io/template: "true"  # add annotation to indicate Sveltos content is a template
data:
  resource.yaml: |
    {{ (index .MgtmResources "YttSource").status.resources }}

Using sveltosctl we can display deployed resources:

kubectl exec -it -n projectsveltos sveltosctl-0 -- ./sveltosctl show addons 
+-------------------------------------+-----------------+-----------+----------------------+---------+-------------------------------+------------------+
|               CLUSTER               |  RESOURCE TYPE  | NAMESPACE |         NAME         | VERSION |             TIME              | CLUSTER PROFILES |
+-------------------------------------+-----------------+-----------+----------------------+---------+-------------------------------+------------------+
| default/sveltos-management-workload | :Service        | staging   | sample-app           | N/A     | 2023-05-22 08:00:28 -0700 PDT | deploy-resources |
| default/sveltos-management-workload | apps:Deployment | staging   | sample-app           | N/A     | 2023-05-22 08:00:28 -0700 PDT | deploy-resources |
| default/sveltos-management-workload | :Secret         | staging   | application-settings | N/A     | 2023-05-22 08:00:28 -0700 PDT | deploy-resources |
+-------------------------------------+-----------------+-----------+---

For detailed information on the ytt controller and its usage with ConfigMap/Secret, please refer to the Sveltos documentation. This documentation provides comprehensive insights into the ytt controller and offers guidance on integrating it with ConfigMap and Secret resources.

Conclusion

By integrating Carvel Ytt with Sveltos using the ytt controller, we can greatly simplify Kubernetes resource management. This powerful combination enables clean and efficient configuration management, seamless deployment of resources, and effortless synchronization of changes. Sveltos empowers DevOps teams to focus on their core tasks while providing a unified and intuitive interface for managing Kubernetes infrastructure effectively. Carvel Ytt enhances the deployment process by enabling declarative configuration management and ensuring consistency across deployments. Together, Sveltos and Carvel Ytt create a robust solution for managing Kubernetes resources with ease and efficiency.

0
Subscribe to my newsletter

Read articles from Gianluca Mardente directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Gianluca Mardente
Gianluca Mardente

I am a Principal Engineer at Cisco Systems. I am also an open-source enthusiast and maintainer. I’m currently working on projectsveltos Ask me about policy distribution, golang, Kubernetes, ginkgo/gomega, C++