ksonnet

Streamline how you write and deploy Kubernetes configurations

read the tutorial

0.7.0

ksonnet 0.7.0 is now available

A CLI-supported framework for extensible Kubernetes configurations

Built on the JSON templating language Jsonnet, ksonnet simplifies defining an application configuration, updating the configuration over time, and specializing it for different clusters and environments.

Predefined prototypes


Save time with out-of-the-box, app-specific Kubernetes configurations with sensible defaults.

Customizable & scalable


Customize prototypes to meet your needs, and scale your application with a flexible framework.

Portable & shareable


Port your application across environments, and collaborate across your team with clear version control.

Escape the wall of YAML

ksonnet provides a simple way to create and edit Kubernetes configuration files

--- apiVersion: v1 kind: ServiceAccount metadata: name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role metadata: name: nginx-ingress-role namespace: nginx-ingress rules: - apiGroups: - "" resources: - configmaps - pods - secrets verbs: - get - apiGroups: - "" resourceNames: - ingress-controller-leader-nginx resources: - configmaps verbs: - get - update - apiGroups: - "" resources: - configmaps verbs: - create - apiGroups: - "" resources: - endpoints verbs: - get - create - update --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: nginx-ingress-clusterrole rules: - apiGroups: - "" resources: - configmaps - endpoints - nodes - pods - secrets verbs: - list - watch - apiGroups: - "" resources: - nodes verbs: - get - apiGroups: - "" resources: - services verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses verbs: - get - list - watch - apiGroups: - "" resources: - events verbs: - create - patch - apiGroups: - extensions resources: - ingresses/status verbs: - update --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: name: nginx-ingress-role-nisa-binding namespace: nginx-ingress roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: nginx-ingress-role subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: nginx-ingress-clusterrole-nisa-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: nginx-ingress-clusterrole subjects: - kind: ServiceAccount name: nginx-ingress-serviceaccount namespace: nginx-ingress --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: run: nginx-ingress-controller name: nginx-ingress-controller namespace: nginx-ingress spec: replicas: 2 template: metadata: annotations: prometheus.io/port: "10254" prometheus.io/scrape: "true" labels: run: nginx-ingress-controller spec: containers: - args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/default-http-backend env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.13 livenessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 name: nginx-ingress-controller ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 readinessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP serviceAccountName: nginx-ingress-serviceaccount terminationGracePeriodSeconds: 60 --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: run: default-http-backend name: default-http-backend namespace: nginx-ingress spec: replicas: 1 template: metadata: labels: run: default-http-backend spec: containers: - image: gcr.io/google_containers/defaultbackend:1.0 livenessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 5 name: default-http-backend ports: - containerPort: 8080 resources: limits: cpu: 10m memory: 20Mi requests: cpu: 10m memory: 20Mi --- apiVersion: v1 kind: Service metadata: labels: run: nginx-ingress-controller name: nginx-ingress-controller namespace: nginx-ingress spec: ports: - name: http port: 80 - name: https port: 443 selector: run: nginx-ingress-controller type: LoadBalancer --- apiVersion: v1 kind: Service metadata: labels: run: default-http-backend name: default-http-backend namespace: nginx-ingress spec: ports: - port: 80 targetPort: 8080 selector: run: default-http-backend

Get started

Install ksonnet

The ksonnet CLI, ks, can be installed in three different ways. Choose the method that best matches your setup:

Run through an example

See some basic ks commands in action:

  # View all available commands
  ks --help

  # Create an app directory (and reference your cluster with $KUBECONFIG)
  KUBECONFIG="${KUBECONFIG:-$HOME/.kube/config}"

  ks init ks-example    # Add '--api-spec=version:v1.8.0' to this command if you're running Kubernetes 1.8!
  cd ks-example

  # Autogenerate a basic manifest
  ks generate deployed-service guestbook-ui \
    --image gcr.io/heptio-images/ks-guestbook-demo:0.1 \
    --type ClusterIP

  # Deploy the manifest to your cluster, and view results
  ks apply default
  kubectl get svc guestbook-ui

  # Teardown (Don't worry, this only removes resources defined in your ksonnet app,
  # and should not affect any other resources in your 'default' namespace)
  ks delete default
  

Wondering what else you can do with ksonnet? See the tutorial to build a complete app.

Tutorial

Build and deploy a complete ksonnet app
in our step-by-step tutorial

read the tutorial