Templates

Templates can either be Helm charts or plain Kubernetes manifests which may be instantiated in spaces either manually by the user or in an automated fashion as part of the space creation settings of an account.

Templates

Create Templates

loft UI - Create Template

Enforce Templates

One of the most popular use cases for templates is to ensure cluster security and enforce isolation among users and spaces. You can enforce that certain templates are always applied to spaces when they are being created by adding these templates as part of the "Space Creation Settings" of an account.

loft UI - Enforce Template
Only During Space Creation

Enforced templates are part of the "Space Creation Settings" which means that they are only looked at during the creation of new spaces. Changing the enforced templates will not be reflected in existing space nor will template instances be removed when a template is removed from the list of enforced templates.

Delete Templates

loft UI - Delete Template
Template Instances

Deleting a template will not automatically delete the template instances nor will it automatically delete the Kubernetes objects or Helm charts created by the template instance. To delete the Kubernetes objects or Helm charts created by the template, remove the manifests and Helm chart definition from the template and wait until the controller has synchonized the changes to the template instances.

Enforced Templates

Deleting a template will not automatically delete the template from the list of enforced templates in any cluster account.

Template Instances

After enforcing a template for a certain account, loft will instantiate the template in every new space that is being created with this account. These instances of a template can be tracked with the loft CRD TemplateInstance.

To list all TemplateInstances in a certain namespace, run the following command:

kubectl get templateinstance -n [NAMESPACE]
Template Sync

Template instances keep track of the Helm charts and manifests they are creating. When the underlying template changes, the instance will automatically update the Helm chart or the modified manifests to keep everything in sync with the template.

Instantiate Templates

Of course, you can also manually instantiate a template by creating a TemplateInstance using kubectl. By default, users will not be permitted to create/update/delete TemplateInstances but you can change this using standard Kubernetes RBAC.

Create file template-instance.yaml:

apiVersion: config.kiosk.sh/v1alpha1
kind: TemplateInstance
metadata:
name: network-isolation-instance
namespace: some-namespace
spec:
sync: true
template: network-isolation

Create TemplateInstance using kubectl:

kubectl apply -f template-instance.yaml

Delete Instances

Deleting template instances is only possible via kubectl:

# IMPORTANT: Make sure to switch to the context of the connected cluster!
kubectl delete templateinstance -n [NAMESPACE] [TEMPLATE_INSTANCE_NAME]

Sync Template <> Instance

Template instances keep track of the Helm charts and manifests they are creating. When the underlying template changes, the instance will automatically update the Helm chart or the modified manifests to keep everything in sync with the template.