Create a patch to add a kubernetes annotation

kubectl patch
kubectl annotate
kubectl patch environment variable
kubectl patch configmap
kubectl patch statefulset
kubectl patch daemonset
kubectl patch secret
kubectl patch remove field

I would like to write an mutating webhook to add a default ingress class to all ingress object, that do not explicitly provide one.

According to the examples I found I need to provide a proper json patch for the webhook to return.

I first tried my patches using kubectl:

$ kubectl patch ingress mying --type='json' -p='[{"op": "add", "path": "/metadata/annotations/key", "value":"value"}]'
The  "" is invalid

Looks like this is not working when there is not already an annotations element present.

$ kubectl patch ingress mying --type='json' -p='[{"op": "add", "path": "/metadata/annotations", "value":{"key":"value"}}]'
ingress.extensions/kafka-monitoring-topics-ui patched

Creating the complete annotations element works fine, however in my case I need a key of kubernetes.io/ingress.class which contains a slash.

kubectl patch ingress mying --type='json' -p='[{"op": "add", "path": "/metadata/annotations", "value":{"kubernetes.io/ingress.class":"value"}}]'
ingress.extensions/kafka-monitoring-topics-ui patched

This works fine when creating the annotation object. However, if there is already a some annotation present and I simply want to add one, it seems to be impossible to add one.

Simply using [{"op": "add", "path": "/metadata/annotations", "value":{"kubernetes.io/ingress.class":"value"}}] removes all existing annotation, while something like '[{"op": "add", "path": "/metadata/annotations/kubernetes.io/ingress.class", "value": "value"}] does not work because of the contained slash.

Long story short: What is the correct way to simply add a ingress class using a proper patch?

PS: Yes, I am aware of kubectl annotate, but unfortunately that does not help with my webhook.

Replace the forward slash (/) in kubernetes.io/ingress.class with ~1.

Your command should look like this,

$ kubectl patch ingress mying --type='json' -p='[{"op": "add", "path": "/metadata/annotations/kubernetes.io~1ingress.class", "value":"nginx"}]'

Reference: RFC 6901 https://tools.ietf.org/html/rfc6901#section-3

Update API Objects in Place Using kubectl patch, Make the patch: $ kubectl patch deployment simple --type=json -p='[{"op": "add", " path": "/spec/template/metadata/labels/this", apiVersion: extensions/v1beta1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "2" � The output shows that the Deployment has two Pods. The 1/1 indicates that each Pod has one container:. NAME READY STATUS RESTARTS AGE patch-demo-28633765-670qr 1/1 Running 0 23s patch-demo-28633765-j5qs3 1/1 Running 0 23s

much easier for me was to annotate rather than patch:

kubectl annotate ingress mying kubernetes.io/ingress.class=value

add --dry-run -o yaml flags if you want to test it before applying the change.

An example of using kubectl patch � GitHub, This patch is an add operation of type json with includes a list of items to add. Create an alpine pod ( kubectl apply -f alpine-correct.yaml ); Run the patch This command would patch the /metadata/annotations object with� A running Kubernetes pod doesn't have to be taken down to be altered. Using the patch option, adding a new container to the pod is actually quite easy.

Using just:

[{"op": "add", "path": "/metadata/annotations/kubernetes.io~1ingress.class", "value":"nginx"}]

does not work when the created pod has no annotations, for example when coming from kubectl run --generator=run-pod/v1 --attach test-deploy --image=busybox ls

To detect this you need a separate parsing step into a metadata with pointer annotation so it can be detected as nil, or always send an empty annotation when it's empty:

type Metadata struct {
    Annotations  *map[string]string
}

type ObjectWithMeta struct {
    Metadata Metadata
}

then send:

[
  {"op":"add","path":"/metadata/annotations","value":{}},
  {"op":"add","path":"/metadata/annotations/foo","value": "bar"}
]

kubectl patch cannot patch a json list of items, only a single item , The edit and patch commands do not update the annotation kubectl apply Put another way, you need to make sure all changes to a resource� The Kubernetes documentation states that edit and patch do update the annotation used by kubectl apply, but in practice that is not the case. ↩︎. Other patching approaches. Kubernetes supports two other patching approaches: JSON merge patch and JSON patch. Like the strategic-merge approach, the JSON merge patch approach accepts a partial

Kubernetes Apply vs. Replace vs. Patch, Possible resources include (case insensitive): pods (po), services (svc), replicationcontrollers (rc), nodes (no), events (ev), componentstatuses (cs), limitranges (� This is the easiest way to create a Kubernetes Pod. However, if you need to add more options to the pod it’s better to go with creating in a hard way. Creating a Kubernetes Pod in a Hard way. To create a pod in a hard way first we need to create with a YAML file. To prepare the YAML file we can use vim or some other IDE.

kubectl annotate, Examples. # Partially update a node using strategic merge patch kubectl patch node k8s-node-1 -p --record[=false]: Record current kubectl command in the resource annotation. This will make your HTTPS connections insecure. Where labels and selectors are used for grouping and selecting sets of Kubernetes resources, Annotations provide a means of adding resource-specific metadata This website uses cookies and other tracking technology to analyse traffic, personalise ads and learn how we can improve the experience for our visitors and customers.

kubectl patch, For instance, if you want to patch your manifest to add a new label, you will specify You can also set up the pipeline to trigger based on changes to the patch content: on the patched resource as the kubernetes.io/change-cause annotation. Note. The annotation prefix can be changed using the --annotations-prefix command line argument, but the default is nginx.ingress.kubernetes.io, as described in the table below.

Comments
  • Oh, great. Thanks a lot! I was not aware of JSON Pointers, yet. Adding the class this way will probably only work if the annotation object is already present. - Seems like I have to handle both cases separately.