Infrastructure as code with Kubernetes manifests
Infrastructure as code (IaC) with Kubernetes manifests involves defining and managing application deployments and infrastructure resources declaratively using YAML or JSON configuration files^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md]. In this context, the Kubernetes cluster acts as the IaaS (Infrastructure as a Service) layer, which, when combined with a unified runtime environment like Docker and supporting services such as monitoring and CI/CD tools, constitutes a PaaS (Platform as a Service) capability^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
Core Concepts
In a Kubernetes-based IaC workflow, resources are defined as manifests (typically YAML files) that specify the desired state of the system^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md]. These manifests are applied to the cluster to create or update resources. This method allows for version control, peer review, and reproducible deployments.
Common Resources
Standard resources managed via manifests include:
* Deployments: Define the desired state for application pods, including replica counts, container images, and update strategies^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
* Services: Expose applications as network services within or outside the cluster^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
* Ingress: Manages external access to services, typically via HTTP/HTTPS^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
* ConfigMaps & Secrets: Used to inject configuration data and sensitive information into pods^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
* Namespaces: Logical partitions within a cluster to isolate resources (e.g., test, prod, armory)^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
Automated Deployment with CI/CD
While raw Kubernetes manifests provide the foundation, advanced IaC implementations integrate with Continuous Deployment (CD) platforms like Spinnaker to automate the release process^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Spinnaker Integration: Spinnaker can deploy Docker images created by Jenkins pipelines directly into a Kubernetes cluster^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md]. Instead of writing YAML manually, Spinnaker allows users to configure deployments via a graphical interface, which internally manages the Kubernetes manifests and deployment strategies^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Strategies: These platforms facilitate deployment strategies such as Rolling Update (gradually replacing instances) or Redeploy, ensuring zero downtime during releases^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Configuration Management: Automated systems often handle complex configurations like readiness probes (checking if a container is ready to accept traffic), resource limits, and persistent volume mounts^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
Operational Aspects
Effective IaC with Kubernetes requires more than just application definitions; it necessitates a supporting infrastructure^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Storage: Integration with distributed storage clusters (e.g., NFS) to provide persistent volumes for applications^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Observability: Deployment of monitoring stacks (e.g., Prometheus) and logging aggregators (e.g., ELK stack) to track application health and performance^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
- Container Registry: Using a private registry (e.g., Harbor) to store Docker images, which are then referenced in the manifests^[400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md].
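Because manifests live in version control, the items above (private registry images, readiness probes, resource limits, namespaces) can be checked automatically before a manifest is applied. The following pre-merge check is an added example, not code from the source; the registry hostname `harbor.example.internal`, the namespace allow-list and the sample Deployment are assumptions constructed for illustration.

```python
import json

# Assumed values for this example (not from the page): the registry hostname.
# "test" and "prod" are namespaces the page names.
TRUSTED_REGISTRY = "harbor.example.internal"
ALLOWED_NAMESPACES = {"test", "prod"}

# Constructed sample manifest (JSON form); the second container is deliberately incomplete.
SAMPLE = json.loads("""
{"apiVersion": "apps/v1", "kind": "Deployment",
 "metadata": {"name": "demo-web", "namespace": "prod"},
 "spec": {"replicas": 2,
  "selector": {"matchLabels": {"app": "demo-web"}},
  "template": {"metadata": {"labels": {"app": "demo-web"}},
   "spec": {"containers": [
    {"name": "web", "image": "harbor.example.internal/app/demo-web:v1.0.0",
     "readinessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
     "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}},
    {"name": "sidecar", "image": "docker.io/library/busybox:1.36",
     "resources": {"limits": {"cpu": "100m"}}}]}}}}
""")

def check_deployment(manifest):
    """Return review findings for one Deployment manifest; empty list means pass."""
    if manifest.get("kind") != "Deployment":
        return [f"unsupported kind: {manifest.get('kind')!r}"]
    meta = manifest.get("metadata", {})
    name, findings = meta.get("name", "<unnamed>"), []
    if meta.get("namespace") not in ALLOWED_NAMESPACES:
        findings.append(f"{name}: namespace {meta.get('namespace')!r} not allowed")
    pod = manifest.get("spec", {}).get("template", {}).get("spec", {})
    containers = pod.get("containers", [])
    if not containers:
        findings.append(f"{name}: no containers defined")
    for c in containers:
        cname = f"{name}/{c.get('name', '<unnamed>')}"
        # Compare the registry host exactly; a prefix test would also accept
        # look-alike hosts that merely start with the trusted name.
        host, sep, _ = c.get("image", "").partition("/")
        if not sep or host != TRUSTED_REGISTRY:
            findings.append(f"{cname}: image not from {TRUSTED_REGISTRY}")
        if "readinessProbe" not in c:
            findings.append(f"{cname}: missing readinessProbe")
        limits = c.get("resources", {}).get("limits", {})
        for res in ("cpu", "memory"):
            if res not in limits:
                findings.append(f"{cname}: missing resources.limits.{res}")
    return findings

if __name__ == "__main__":
    for finding in check_deployment(SAMPLE):
        print(finding)
```

Run in CI against each changed manifest, a non-empty result would fail the review step before anything reaches the cluster.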
Sources
- 400-devops__06-Kubernetes__k8s-paas__08.spinaker部署与应用.md
Related
- Kubernetes
- [[Docker]]
- CI/CD
- [[Spinnaker]]