Kubernetes work

Workceptor has the ability to launch Kubernetes pods to perform work.


- node:
    id: foo

- log-level:
    level: Debug

- tcp-listener:
    port: 2222

- control-service:
    service: control
    filename: /tmp/foo.sock

- work-kubernetes:
    worktype: kubeit
    authmethod: kubeconfig
    allowruntimeauth: true
    allowruntimepod: true
    allowruntimeparams: true


Note at this time it is necessary to have either a tcp-listener or a tcp-peer to be able to start the control service. See https://github.com/ansible/receptor/issues/518

apiVersion: v1
kind: Pod
    generateName: myapp-pod-
        app: myapp
    - name: worker
      image: busybox
      command: ['sh', '-c', 'echo The Pod is running && sleep 6 && exit 0']
    restartPolicy: Never

Note: at least one of the containers in the pod spec must be named “worker”. This is the container that stdin is passed into, and that stdout is retrieved from.

First, we need the receptor control service running in order to be able to start a kubernetes work unit.

$ receptor -c foo.yml
DEBUG 2022/01/17 10:05:56 Listening on TCP [::]:2222
INFO 2022/01/17 10:05:56 Running control service control
INFO 2022/01/17 10:05:56 Initialization complete

Now we can submit a kubernetes work unit.

$ receptorctl --socket /tmp/foo.sock work submit kubeit --param secret_kube_config=@$HOME/.kube/config --param secret_kube_pod=@kubeitpod.yml --no-payload
Result:  Job Started
Unit ID: FfpQ4zk2

secret_kube_config The contents of kubeconfig file. The “@” tells receptorctl to read in a file name and pass the contents on.

secret_kube_pod The contents of a pod definition. The “@” tells receptorctl to read in a file name and pass the contents on.

Runtime Params

Additional parameters can be passed in when issuing a “work submit” command, using “–param” in receptorctl. These params must have the correct allowruntime* fields specified in the work-kubernetes definition.

param description permission
kube_image container image to use allowruntimecommand
kube_command command container should run allowruntimecommand
kube_params parameters to pass into kube_command allowruntimeparams
kube_namespace kubernetes namespace to use allowruntimeauth
secret_kube_config kubeconfig to authenticate with allowruntimeauth
secret_kube_pod pod definition allowruntimepod
pod_pending_timeout allowed duration for pod to be Pending allowruntimeparams

pod_pending_timeout is provided as a string, for example 1h20m30s or 30m10s.