Kustomize generators let you create Kubernetes resources on the fly, avoiding the need to write repetitive YAML by hand.
Let’s see one in action. Imagine you need to create a ConfigMap for every environment you deploy to. Instead of copying and pasting, you can use a generator.
Here’s a kustomization.yaml:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- base/
generators:
- generators/configmap-generator.yaml
And here’s the generators/configmap-generator.yaml:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: ConfigMapGenerator
metadata:
name: environment-config
namePrefix: env-
literals:
- ENVIRONMENT=development
- LOG_LEVEL=debug
- DB_HOST=localhost
When you run kustomize build ., this generator will produce a ConfigMap named env-environment-config with the specified key-value pairs. If you had another generator for staging or production, Kustomize would create distinct ConfigMaps for each, all from this single definition.
The real power comes from how generators integrate with Kustomize’s core functionality. They’re not just for creating static data; they can be used to generate entire resource manifests based on templates or external data. This means you can dynamically provision resources like ConfigMaps, Secrets, or even more complex objects like Deployments or StatefulSets without ever touching the individual YAML files.
Internally, Kustomize parses the kustomization.yaml file and identifies resources and generators. When it encounters a generator, it executes the logic defined within that generator. For ConfigMapGenerator, this involves taking the literals (or other data sources like files) and packaging them into a Kubernetes ConfigMap object. The namePrefix is then prepended to the generated ConfigMap’s name. Kustomize then includes this generated ConfigMap in the final output alongside any other resources specified in the resources field.
The ConfigMapGenerator is just one type. You also have SecretGenerator (which works similarly but for secrets), and more importantly, the kustomize.config.k8s.io/v1beta1.Generator kind. This generic generator allows you to use external plugins, often written in Go, to create arbitrary Kubernetes resources. You can write a plugin that reads from a database, calls an external API, or performs complex templating to generate resources that are impossible with the built-in generators.
The kustomize.config.k8s.io/v1beta1.Generator kind takes a name and a command field. The command specifies the executable and arguments to run. Kustomize pipes the generator’s configuration (the YAML block itself) to the plugin’s standard input, and the plugin is expected to output valid Kubernetes YAML to its standard output. This makes it incredibly flexible, allowing you to use any scripting language or compiled binary as a generator.
A common pattern is to use a Go plugin that leverages the kustomize/api/krusty library to build resources programmatically. You can define complex logic within the Go code, such as iterating over a list of hosts to create Service entries or generating NetworkPolicy resources based on application topology.
When Kustomize processes a Generator of type kustomize.config.k8s.io/v1beta1.Generator, it first finds the specified executable. It then launches this executable, passing the generator’s configuration as JSON on its stdin. The executable performs its logic and writes the resulting Kubernetes manifest(s) to stdout. Kustomize then captures this output and merges it into the final build. This decouples the generation logic from the Kustomize build process, allowing for sophisticated custom resource creation.
One aspect that trips people up is how environment variables are handled. If your generator plugin needs access to environment variables, they are not automatically inherited from the shell where you run kustomize build. You must explicitly pass them to the plugin execution. This is typically done by setting the env field within the Generator definition in your kustomization.yaml, like so:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Generator
metadata:
name: dynamic-config
command: ["./my-generator-plugin"]
env:
- name: MY_API_KEY
value: "supersecretkey123"
- name: TARGET_ENVIRONMENT
value: "production"
This ensures your plugin has the necessary context to perform its generation task, making your dynamic resource creation more robust.
Understanding how to leverage Kustomize generators can drastically reduce boilerplate and enable more sophisticated, dynamic deployments in Kubernetes.
The next step in mastering Kustomize is exploring how to overlay and patch these dynamically generated resources.