Declarative. It becomes a way of life. We have chosen kustomize to safely build our inventory of YAML, including Istio and Cert-Manager. But, it has proven incredibly non-DRY. After some refactoring etc, I made a few Generators and Transformers to cover some of the most common cases.

And, today, for the low low price of $0, you can snoop around and use them, via our Github page.

It turned out that (as you might expect) the main driver was errors. One particularly complex thing was running Istio as (sole) Ingress(gateway) with Cert-Manager. We want TLS for all endpoints. We like Let’s Encrypt. We want to use solely Istio. But Cert-Manager was a bit picky about this. The solution needed to have calibrated YAML created for a Gateway, a VirtualService, and a Certificate. But, we kept making typos and then spending time debugging. The IstioGenerator solved that, reducing from ~100 lines of YAML to ~10 with no loss in fidelity.

Each of these Generators and Transformers had a different driver. Security, Simplicity, Accuracy, Effort. All were implicated and involved.

I hope you get some value from the collection. It will grow over time, and as always, Pull Requests are most welcome.

Share This

Share this post with your friends!