Skiperator is an operator intended to make the setup of applications simple from
the users' point of view. When using the operator an application developer can
set up all associated resources for an optimal deployment using a simple custom
resource called Application.
- The Dockerfile must build an image where the user ID is set to
150as this UID is hard coded in Skiperator
Below you will find a list of all accepted input parameters to the Application
custom resource.
To see explanations and requirements for all inputs, see the documentation under the API documentation.
apiVersion: skiperator.kartverket.no/v1alpha1 kind: Application metadata: name: teamname-frontend namespace: yournamespace spec: # Required, everything beyond image and port is optional image: "kartverket/example" port: 8080 priority: medium additionalPorts: - name: metrics-port port: 8181 protocol: TCP - name: another-port port: 8282 protocol: TCP command: - node - ./server.js ingresses: - testapp.dev.skip.statkart.no replicas: 2 # or replicas: min: 2 max: 5 targetCpuUtilization: 80 gcp: auth: serviceAccount: some-serviceaccount@some-project-id.iam.gserviceaccount.com env: - name: ENV value: PRODUCTION - name: USERNAME valueFrom: configMapKeyRef: name: some-configmap key: username - name: PASSWORD valueFrom: secretKeyRef: name: some-secret key: password envFrom: - configMap: some-configmap - secret: some-secret filesFrom: - emptyDir: temp-dir mountPath: /tmp - configMap: some-configmap mountPath: /var/run/configmap - secret: some-secret mountPath: /var/run/secret - persistentVolumeClaim: some-pvc mountPath: /var/run/volume strategy: type: RollingUpdate liveness: path: "/" port: 8080 failureThreshold: 3 timeout: 1 initialDelay: 0 readiness: # Readiness has the same options as liveness path: .. startup: # Startup has the same options as liveness path: .. labels: someLabel: some-label resourceLabels: Deployment: labelKey: A value for the label Service: labelKeyOne: A value for the one label labelKeyTwo: A value for the two label prometheus: port: 8181 path: "/metrics" authorizationSettings: allowAll: false allowList: - "/actuator/health" - "/actuator/info" resources: limits: cpu: 1000m # Avoid using this memory: 1G requests: cpu: 25m memory: 250M enablePDB: true # Note: If replicas is set to 0, a PodDisruptionBudget will not be created, regardless of the value of enablePDB. accessPolicy: inbound: # The rules list specifies a list of applications. When no namespace is # specified it refers to an app in the current namespace. For apps in # other namespaces, namespace is required. Alternately you can define # namespacesByLabel as a value-map of namespace labels. If both # namespace and namespacesByLabel are defined for an application, # namespacesByLabel is ignored rules: - application: other-app - application: third-app namespace: other-namespace - application: fourth-app namespacesByLabel: somelabel: somevalue anotherlabel: anothervalue # outbound specifies egress rules. Which apps on the cluster and the # internet are the Application allowed to send requests to? Alternately # you can define namespacesByLabel as a value-map of namespace labels. # If both namespace and namespacesByLabel are defined for an application, # namespacesByLabel is ignored outbound: rules: - application: some-app namespacesByLabel: somelabel: somevalue - application: other-app external: - host: nrk.no - host: smtp.mailgrid.com ip: "123.123.123.123" ports: - name: smtp protocol: TCP port: 587 # podSettings are used to apply specific settings to the Pod Template used by Skiperator to create Deployments. podSettings: annotations: some-annotation: some-value terminationGracePeriodSeconds: 30 disablePodSpreadTopologyConstraints: false # istioSettings are used to configure istio specific resources. Currently, adjusting sampling interval for tracing is # the only supported option. istioSettings: telemetry: tracing: - randomSamplingPercentage: 10
Below you will find a list of all accepted input parameters to the SKIPJob
custom resource. Only types are shown here. The fields are documented in the API, see the API
apiVersion: skiperator.kartverket.no/v1alpha1 kind: SKIPJob metadata: namespace: sample name: sample-job spec: cron: schedule: "* * * * *" suspend: false startingDeadlineSeconds: 10 job: activeDeadlineSeconds: 10 backoffLimit: 10 suspend: false ttlSecondsAfterFinished: prometheus: path: /metrics port: 8080 container: # Pod image: "" command: - "" resources: requests: cpu: 10m memory: 128Mi limits: memory: 256Mi # Networking accessPolicy: inbound: rules: - application: "" namespace: "" outbound: external: - host: "" ip: "" ports: - name: "" port: 10 protocol: "" additionalPorts: - name: "" port: 10 protocol: "" # Volumes / environment env: - name: "" value: "" envFrom: - configMap: "" - secret: "" filesFrom: - mountPath: "" # + one of: secret: "" configMap: "" emptyDir: "" persistentVolumeClaim: "" gcp: auth: serviceAccount: "" # Probes startup: path: "" port: 0 failureThreshold: 0 initialDelay: 0 period: 0 successThreshold: 0 timeout: 0 # Same as startup liveness: ... readiness: ... # Miscellaneous priority: "" restartPolicy: ""
Routing is a separate custom resource that can be used to set up path-based routing for a Skiperator application. Use this
instead of the ingresses field in the Application custom resource. The routes are processed in order, so the last
route should be a catch-all route. This will only work for applications in the same namespace as the Routing resource.
Below you will find a list of all accepted input parameters to the Routing
custom resource. Only types are shown here. The fields are documented in the API, see the API
apiVersion: skiperator.kartverket.no/v1alpha1 kind: Routing metadata: name: sample-routing namespace: sample spec: hostname: app.example.com routes: - pathPrefix: /api rewriteUri: true targetApp: backend-app - pathPrefix: / rewriteUri: false targetApp: frontend-app
See CONTRIBUTING.md for information on how to develop the Skiperator.