ksonnet

Streamline how you write and deploy Kubernetes configurations

read the tutorial

0.13.0

ksonnet 0.13.0 is now available

A CLI-supported framework for extensible Kubernetes configurations

Built on the JSON templating language Jsonnet, ksonnet provides an organizational structure and specialized features for managing configurations across different clusters and environments.

Reusable prototypes


Save time by minimizing duplicate code and concisely describe configurations with a built-in Jsonnet library for Kubernetes.

Customizable & scalable


Customize prototypes to meet your needs, and scale your application with a flexible framework.

Portable & shareable


  Seamlessly deploy across environments and share version controlled configurations across teams as the single source of truth.

Escape the wall of YAML

ksonnet provides a simple way to create and edit Kubernetes configuration files

--- apiVersion: v1 kind: ServiceAccount metadata: name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role metadata: name: nginx-ingress-role namespace: nginx-ingress rules: - apiGroups: - "" resources: - configmaps - pods - secrets verbs: - get - apiGroups: - "" resourceNames: - ingress-controller-leader-nginx resources: - configmaps verbs: - get - update - apiGroups: - "" resources: - configmaps verbs: - create - apiGroups: - "" resources: - endpoints verbs: - get - create - update --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: nginx-ingress-clusterrole rules: - apiGroups: - "" resources: - configmaps - endpoints - nodes - pods - secrets verbs: - list - watch - apiGroups: - "" resources: - nodes verbs: - get - apiGroups: - "" resources: - services verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses verbs: - get - list - watch - apiGroups: - "" resources: - events verbs: - create - patch - apiGroups: - extensions resources: - ingresses/status verbs: - update --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: name: nginx-ingress-role-nisa-binding namespace: nginx-ingress roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: nginx-ingress-role subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: nginx-ingress-clusterrole-nisa-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: nginx-ingress-clusterrole subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: run: nginx-ingress-controller name: nginx-ingress-controller namespace: nginx-ingress spec: replicas: 2 template: metadata: annotations: prometheus.io/port: "10254" prometheus.io/scrape: "true" labels: run: nginx-ingress-controller spec: containers: - args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/default-http-backend env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.13 livenessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 name: nginx-ingress-controller ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 readinessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP serviceAccountName: nginx-ingress-serviceaccount terminationGracePeriodSeconds: 60 --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: run: default-http-backend name: default-http-backend namespace: nginx-ingress spec: replicas: 1 template: metadata: labels: run: default-http-backend spec: containers: - image: gcr.io/google_containers/defaultbackend:1.0 livenessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 5 name: default-http-backend ports: - containerPort: 8080 resources: limits: cpu: 10m memory: 20Mi requests: cpu: 10m memory: 20Mi --- apiVersion: v1 kind: Service metadata: labels: run: nginx-ingress-controller name: nginx-ingress-controller namespace: nginx-ingress spec: ports: - name: http port: 80 - name: https port: 443 selector: run: nginx-ingress-controller type: LoadBalancer --- apiVersion: v1 kind: Service metadata: labels: run: default-http-backend name: default-http-backend namespace: nginx-ingress spec: ports: - port: 80 targetPort: 8080 selector: run: default-http-backend

Features at a glance

Deploy across clusters

Easily apply a manifest across multiple cluster environments

Declarative configuration management

Track configurations with version control in order to reliably manage cluster states

Package management

Reuse common patterns from existing configurations or through an external registry

Extended data templating

Use Jsonnet with the Kubernetes-aware Jsonnet library, ksonnet-lib, to write simplified manifests

Find differences between manifests

See what's different from what running on a cluster from your configurations

Helm integration

Leverage existing charts with all the features behind ksonnet

Tutorial

Build and deploy a complete ksonnet app
in our step-by-step tutorial