Last modified March 6, 2022
Configure an app's target namespace via its App CR
Overview
At some point, you might want to add specific labels or annotations to an app’s target namespace to enable other tools such as linkerd
or kiam
. For example, to include all pods in a namespace in the linkerd
service mesh. Or, to tell kiam
you do allow Loki to get logs from pods running in this namespace.
This feature enables you to add labels and annotations to the app’s target namespace via its App CR.
This is simpler and easier than using other solutions such as triggering a Kubernetes job via a Helm hook.
Configuring labels / annotations
You can use .spec.namespaceConfig
to configure the namespace metadata. You can set .spec.namespaceConfig.annotations
and / or
spec.namespaceConfig.labels
and provide the values as a key/value map. App platform then ensures the namespace exists and has this metadata.
For example, if you want to add an annotation linked.io/inject: enabled
to the target namespace loki1
add this to the app CR.
apiVersion: application.giantswarm.io/v1alpha1
kind: App
metadata:
name: loki-app
namespace: loki0
spec:
catalog: giantswarm
name: loki
namespace: loki
namespaceConfig:
annotations:
linkerd.io/inject: "enabled"
Now you can check the namespace and it will be the same as below.
apiVersion: v1
kind: Namespace
metadata:
annotations:
linkerd.io/inject: "enabled"
name: loki
If you want to set labels on the namespace, use spec.namespaceConfig.labels
.
apiVersion: application.giantswarm.io/v1alpha1
kind: App
metadata:
name: kiam-app
namespace: kiam0
spec:
catalog: giantswarm
name: kiam
namespace: kiam
namespaceConfig:
labels:
monitoring: "enabled"
Validation
The validation logic in app-admission-controller checks whether multiple app CRs are updating the same namespace with different values. The validation webhook will prevent the conflicting value from being added.
Need help, got feedback?
We listen to your Slack support channel. You can also reach us at support@giantswarm.io. And of course, we welcome your pull requests!