Kubernetes Container Settings

Available Kubernetes Settings

In this section we are covering the Kubernetes settings that you can configure in Cloudflow.

Several Kubernetes settings for a streamlet can be set under cloudflow.streamlets.[streamlet-name].kubernetes. In the following examples we show configurations under a specific streamlet, my-streamlet, its complete path is cloudflow.streamlets.my-streamlet. It is also possible, as explained in Configuring a Runtime using the runtime Scope, to apply any configuration shown here to any runtimes. The complete path for a runtime is cloudflow.runtimes.akka.

Resource Requirements

Container resource requirements can be set in the cloudflow.streamlets.[streamlet-name].kubernetes.pods.pod.containers.container section. The example below shows how resource requirements are set specifically for a my-streamlet streamlet:

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
    containers.container {
      resources {
        requests {
          cpu = "500m"
          memory = "512Mi"
        }
        limits {
          memory = "4Gi"
        }
      }
    }
  }
}

The above example shows that 500mcpu and 512Mi of memory is requested, while the memory limit is set to 4Gi.

Environment Variables

Container environment variables can be set in the cloudflow.streamlets.[streamlet-name].kubernetes.pods.pod.containers.container section. The example below shows how resource requirements are set specifically for a my-streamlet streamlet:

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
    containers.container {
      env = [
            { name = "JAVA_OPTS"
              value = "-XX:MaxRAMPercentage=40.0"
            },{
              name = "FOO"
              value = "BAR"
            }
          ]
    }
  }
}

The above example shows how to set the environment variables JAVA_OPTS=XX:MaxRAMPercentage=40.0 and FOO=BAR

Labels

To set pod labels, add the labels section shown in the example below:

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
    labels {
      key1 = value1
      key2 = value2
    }
  }
}

The example above shows how to add the labels key1 = value1 and key2 = value2 to the pod for streamlet my-streamlet.

Annotations

Similar to labels we can add annotations to any streamlet pod. The snippet below shows how:

cloudflow {
  streamlets {
    my-streamlet {
      kubernetes {
        pods.pod {
          annotations {
            key1 = annotation1
          }
        }
      }
    }
  }
}

This configuration adds the annotation key: annotation1 to the pod for streamlet my-akka-streamlet.

Annotations, similar to labels, are defined by a key/value and can also be defined specifically for a streamlet or for all streamlets of a runtime, for instance under cloudflow.runtimes.akka.kubernetes.pods.pod.annotations.

Container Ports

To add container ports we need to at least provide a container-port number. The snippet below shows how:

cloudflow {
  streamlets {
    my-streamlet {
      kubernetes {
        pods.pod.containers.container {
          ports = [
            { container-port=9001},
            { container-port=9002, host-ip="10.132.0.123", protocol = "SCTP", host-port=9999, name="user-datagram"}
          ]
        }
      }
    }
  }
}

It is possible, as we showed above, to also set host-ip, protocol, host-port and a name. This configuration adds two container ports to every container where my-akka-streamlet is deployed. One in 9001 as TCP and the other in 9002 as UDP with Host Ports:9999/UDP, name: user-datagram and hostIp: 10.132.0.123

For more info see container ports in the Kubernetes API container port

Volumes and Volume-Mounts

Mounting Secrets

It’s possible to add a volume that contains a secret, and mount it into the container with volume-mounts. Bear in mind that each kubernetes.pods.pod.containers.container.volume-mounts name must match a kubernetes.pods.pod.volumes name in the config.

Here’s a sample, and further explanation, of how to configure two secrets to be mounted on a container.

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
   volumes {
      foo {
        secret {
          name = mysecret1
        }
      }
      bar {
        secret {
          name = mysecret2
        }
      }
    }
    containers.container {
      volume-mounts {
        foo {
          mount-path = "/mnt/folderA"
          read-only = true
        }
        bar {
          mount-path = "/mnt/folderB"
          read-only = true
        }
      }
    }
  }
}

This configuration will mount mysecret1 into each my-streamlet container on to the path /mnt/folderA/mysecret1 as read-only, while mysecret2 will be mounted on path /mnt/folderB/mysecret2. Inside these folders, you’ll find as many files as values are under the data tag in the Kubernetes Secret mounted. As each volume-mounts name must match a volumes name, volume-mounts.foo matches volumes.foo and volume-mounts.bar matches volumes.bar.

Table 1. Configuration available to mount secrets

resource

key

volumes

kubernetes.pods.pod.volumes.[name].secret.name = [secret-name]

volume-mounts

pod.containers.container.volume-mounts.[name].mount-path = [some-path]

volume-mounts

pod.containers.container.volume-mounts.[name].read-only = [true or false]

Mounting Config Maps

Mounting a config map works similar to mounting a secret.

Here’s a sample, and further explanation, of how to configure two config map’s to be mounted on all the deployed containers of my-streamlet.

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
   volumes {
      foo {
        config-map {
          name = myconfigmap1
        }
      }
      bar {
        config-map {
          name = myconfigmap2
          optional = true
          items {
            "app.conf" = {
              path = my-app.conf
            }
            key2 = {
              path = mypath2
            }
          }
        }
      }
    }
    containers.container {
      volume-mounts {
        foo {
          mount-path = "/mnt/folderA"
          read-only = true
        }
        bar {
          mount-path = "/mnt/folderB"
          read-only = true
        }
      }
    }
  }
}

This configuration will mount all entries of myconfigmap1 into each my-streamlet container under the path /mnt/folderA/myconfigmap1 as read-only, while for myconfigmap2 only 2 items/files be mounted at the paths /mnt/folderB/myconfigmap2/my-app.conf and /mnt/folderB/myconfigmap2/mypath2. This configuration also specifies myconfigmap2 to be an optional volume by using optional = true, while myconfigmap1, as per default, is a required volume.

As each volume-mounts name must match a volumes name, volume-mounts.foo matches volumes.foo and volume-mounts.bar matches volumes.bar.

Table 2. Configuration available to mount config maps

resource

key

volumes

kubernetes.pods.pod.volumes.[name].config-map.name = [pvc-name]

volumes

kubernetes.pods.pod.volumes.[name].config-map.optional = [true or false]

volumes

kubernetes.pods.pod.volumes.[name].config-map.items.[key].path = [some-path]

volume-mounts

pod.containers.container.volume-mounts.[name].mount-path = [some-path]

volume-mounts

pod.containers.container.volume-mounts.[name].read-only = [true or false]

Mounting Persistent Volume Claims

You can also mount volumes on Persistent Volume Claims (PVC) that already exist in the Kubernetes cluster. They are also mounted into the container with volume-mounts. If the PVC doesn’t not exist in the cluster, an error is shown and the deployment or configuration is stopped.

Here’s a sample, and further explanation, of how to configure two PVC’s to be mounted on all the deployed containers of my-streamlet.

cloudflow.streamlets.my-streamlet {
  kubernetes.pods.pod {
   volumes {
      foo {
        pvc {
          name = myclaim1
          read-only = true
        }
      }
      bar {
        pvc {
          name = myclaim2
          read-only = false
        }
      }
    }
    containers.container {
      volume-mounts {
        foo {
          mount-path = "/mnt/folderA"
          read-only = true
        }
        bar {
          mount-path = "/mnt/folderB"
          read-only = false
        }
      }
    }
  }
}

This configuration will mount an existing Persistent Volume Claim myclaim1 into each my-streamlet container on to the path /mnt/folderA as read-only, while myclaim2 will be mounted on path /mnt/folderB as writable. As each volume-mounts name must match a volumes name, volume-mounts.foo matches volumes.foo and volume-mounts.bar matches volumes.bar.

Table 3. Configuration available to choose pvc and mount it

resource

key

volumes

kubernetes.pods.pod.volumes.[name].pvc.name = [pvc-name]

volumes

kubernetes.pods.pod.volumes.[name].pvc.read-only = [true or false]

volume-mounts

pod.containers.container.volume-mounts.[name].mount-path = [some-path]

volume-mounts

pod.containers.container.volume-mounts.[name].read-only = [true or false]