Skip to main content
Version: Next

KCL Operator

Introduction

KCL Operator provides cluster integration, allowing you to use Access Webhook to generate, mutate, or validate resources based on KCL configuration when apply resources to the cluster. Webhook will capture creation, application, and editing operations, and execute KCLRun resource on the configuration associated with each operation, and the KCL programming language can be used to

  • Add labels or annotations based on a condition.
  • Inject a sidecar container in all KRM resources that contain a PodTemplate.
  • Validate all KRM resources using KCL schema.
  • Use an abstract model to generate KRM resources.

Prerequisites

  • Install Kubectl
  • Prepare a Kubernetes cluster

Quick Start

Let’s write a KCL function which add annotation managed-by=kcl-operator only to Pod resources at runtime.

1. Install KCL Operator

kubectl apply -f https://raw.githubusercontent.com/kcl-lang/kcl-operator/main/config/all.yaml

Use the following command to watch and wait the pod status is Running.

kubectl get po

2. Deploy the KCL source

kubectl apply -f- << EOF
apiVersion: krm.kcl.dev/v1alpha1
kind: KCLRun
metadata:
name: set-annotation
spec:
source: |
items = [item | {
metadata.annotations: {
"managed-by" = "kcl-operator"
}
} for item in option("items")]
EOF

3. Validate the result

Validate the mutation result by creating a nginx Pod YAML.

kubectl apply -f- << EOF
apiVersion: v1
kind: Pod
metadata:
name: nginx
annotations:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
EOF
kubectl get po nginx -o yaml | grep kcl-operator

The output is

    managed-by: kcl-operator

Guides for Developing KCL

Here's what you can do in the KCL code:

  • Read resources from option("resource_list"). The option("resource_list") complies with the KRM Functions Specification. You can read the input resources from option("items") and the params from option("params").
  • Return a KPM list for output resources.
  • Return an error using assert {condition}, {error_message}.

More Documents and Examples