.svg)
.svg)
The concept of operators was introduced by CoreOs in the last quarter of 2016 and post the introduction of operator framework last year, operators are rapidly becoming the standard way of managing applications on Kubernetes especially the ones which are stateful in nature. In this blog post, we will learn what an operator is. Why they are needed and what problems do they solve. We will also create a helm based operator as an example.
This is the first part of our Kubernetes Operator Series. In the second part, getting started with Kubernetes operators (Ansible based), and the third part, getting started with Kubernetes operators (Golang based), you can learn how to build Ansible and Golang based operators.
Whenever we deploy our application on Kubernetes we leverage multiple Kubernetes objects like deployment, service, role, ingress, config map, etc. As our application gets complex and our requirements become non-generic, managing our application only with the help of native Kubernetes objects becomes difficult and we often need to introduce manual intervention or some other form of automation to make up for it.
Operators solve this problem by making our application first class Kubernetes objects that is we no longer deploy our application as a set of native Kubernetes objects but a custom object/resource of its kind, having a more domain-specific schema and then we bake the “operational intelligence” or the “domain-specific knowledge” into the controller responsible for maintaining the desired state of this object. For example, etcd operator has made etcd-cluster a first class object and for deploying the cluster we create an object of Etcd Cluster kind. With operators, we are able to extend Kubernetes functionalities for custom use cases and manage our applications in a Kubernetes specific way allowing us to leverage Kubernetes APIs and Kubectl tooling.
Operators combine crds and custom controllers and intend to eliminate the requirement for manual intervention (human operator) while performing tasks like an upgrade, handling failure recovery, scaling in case of complex (often stateful) applications and make them more resilient and self-sufficient.
For building and managing operators we mostly leverage the Operator Framework which is an open source tool kit allowing us to build operators in a highly automated, scalable and effective way. Operator framework comprises of three subcomponents:
Currently there are three different types of operator we can build:
| go get -d github.com/operator-framework/operator-sdk | |
| cd $GOPATH/src/github.com/operator-framework/operator-sdk | |
| git checkout master | |
| make dep | |
| make install |
Now we will have the operator-sdk binary in the $GOPATH/bin folder.
For building a helm based operator we can use an existing Helm chart. We will be using the book-store Helm chart which deploys a simple python app and mongodb instances. This app allows us to perform crud operations via. rest endpoints.
Now we will use the operator-sdk to create our Helm based bookstore-operator project.
| operator-sdk new bookstore-operator --api-version=velotio.com/v1alpha1 --kind=BookStore --type=helm --helm-chart=book-store | |
| --helm-chart-repo=https://akash-gautam.github.io/helmcharts/ |
In the above command, the bookstore-operator is the name of our operator/project. --kind is used to specify the kind of objects this operator will watch and --api-verison is used for versioning of this object. The operator sdk takes only this much information and creates the custom resource definition (crd) and also the custom resource (cr) of its type for us (remember we talked about high-level abstraction operator sdk provides). The above command bootstraps a project with below folder structure.
| bookstore-operator/ | |
| | | |
| |- build/ # Contains the Dockerfile to build the operator image | |
| |- deploy/ # Contains the crd,cr and manifest files for deploying operator | |
| |- helm-charts/ # Contains the helm chart we used while creating the project | |
| |- watches.yaml # Specifies the resource the operator watches (maintains the state of) |
We had discussed the operator-sdk automates setting up the operator projects and that is exactly what we can observe here. Under the build folder, we have the Dockerfile to build our operator image. Under deploy folder we have a crd folder containing both the crd and the cr. This folder also has operator.yaml file using which we will run the operator in our cluster, along with this we have manifest files for role, rolebinding and service account file to be used while deploying the operator. We have our book-store helm chart under helm-charts. In the watches.yaml file.
| --- | |
| - version: v1alpha1 | |
| group: velotio.com | |
| kind: BookStore | |
| chart: /opt/helm/helm-charts/book-store |
We can see that the bookstore-operator watches events related to BookStore kind objects and executes the helm chart specified.
If we take a look at the cr file under deploy/crds (velotio_v1alpha1_bookstore_cr.yaml) folder then we can see that it looks just like the values.yaml file of our book-store helm chart.
| apiVersion: velotio.com/v1alpha1 | |
| kind: BookStore | |
| metadata: | |
| name: example-bookstore | |
| spec: | |
| # Default values copied from <project_dir>/helm-charts/book-store/values.yaml | |
| # Default values for book-store. | |
| # This is a YAML-formatted file. | |
| # Declare variables to be passed into your templates. | |
| replicaCount: 1 | |
| image: | |
| app: | |
| repository: akash125/pyapp | |
| tag: latest | |
| pullPolicy: IfNotPresent | |
| mongodb: | |
| repository: mongo | |
| tag: latest | |
| pullPolicy: IfNotPresent | |
| service: | |
| app: | |
| type: LoadBalancer | |
| port: 80 | |
| targetPort: 3000 | |
| mongodb: | |
| type: ClusterIP | |
| port: 27017 | |
| targetPort: 27017 | |
| resources: {} | |
| # We usually recommend not to specify default resources and to leave this as a conscious | |
| # choice for the user. This also increases chances charts run on environments with little | |
| # resources, such as Minikube. If you do want to specify resources, uncomment the following | |
| # lines, adjust them as necessary, and remove the curly braces after 'resources:'. | |
| # limits: | |
| # cpu: 100m | |
| # memory: 128Mi | |
| # requests: | |
| # cpu: 100m | |
| # memory: 128Mi | |
| nodeSelector: {} | |
| tolerations: [] | |
| affinity: {} |
In the case of Helm charts, we use the values.yaml file to pass the parameter to our Helm releases, Helm based operator converts all these configurable parameters into the spec of our custom resource. This allows us to express the values.yaml with a custom resource (CR) which, as a native Kubernetes object, enables the benefits of RBAC applied to it and an audit trail. Now when we want to update out deployed we can simply modify the CR and apply it, and the operator will ensure that the changes we made are reflected in our app.
For each object of `BookStore` kind the bookstore-operator will perform the following actions:
The Dockerfile for building the operator image is already in our build folder we need to run the below command from the root folder of our operator project to build the image.
| operator-sdk build akash125/bookstore-operator:v0.0.1 |
As we have our operator image ready we can now go ahead and run it. The deployment file (operator.yaml under deploy folder) for the operator was created as a part of our project setup we just need to set the image for this deployment to the one we built in the previous step.
After updating the image in the operator.yaml we are ready to deploy the operator.
| kubectl create -f deploy/service_account.yaml | |
| kubectl create -f deploy/role.yaml | |
| kubectl create -f deploy/role_binding.yaml | |
| kubectl create -f deploy/operator.yaml |
Note: The role created might have more permissions then actually required for the operator so it is always a good idea to review it and trim down the permissions in production setups.
Verify that the operator pod is in running state.
Now we have the bookstore-operator running in our cluster we just need to create the custom resource for deploying our bookstore app.
First, we can create bookstore cr we need to register its crd.
| kubectl apply -f deploy/crds/velotio_v1alpha1_bookstore_crd.yaml |
Now we can create the bookstore object.
| kubectl apply -f deploy/crds/velotio_v1alpha1_bookstore_cr.yaml |
Now we can see that our operator has deployed out book-store app.
Now let’s grab the external IP of the app and make some requests to store details of books.
Let’s hit the external IP on the browser and see if it lists the books we just stored:
The bookstore operator build is available here.
Since its early days Kubernetes was believed to be a great tool for managing stateless application but the managing stateful applications on Kubernetes was always considered difficult. Operators are a big leap towards managing stateful applications and other complex distributed, multi (poly) cloud workloads with the same ease that we manage the stateless applications. In this blog post, we learned the basics of Kubernetes operators and build a simple helm based operator. In the next installment of this blog series, we will build an Ansible based Kubernetes operator and then in the last blog we will build a full-fledged Golang based operator for managing stateful workloads.
Related Reads:
Did you like the blog? If yes, we're sure you'll also like to work with the people who write them - our best-in-class engineering team.
We're looking for talented developers who are passionate about new emerging technologies. If that's you, get in touch with us.
The concept of operators was introduced by CoreOs in the last quarter of 2016 and post the introduction of operator framework last year, operators are rapidly becoming the standard way of managing applications on Kubernetes especially the ones which are stateful in nature. In this blog post, we will learn what an operator is. Why they are needed and what problems do they solve. We will also create a helm based operator as an example.
This is the first part of our Kubernetes Operator Series. In the second part, getting started with Kubernetes operators (Ansible based), and the third part, getting started with Kubernetes operators (Golang based), you can learn how to build Ansible and Golang based operators.
Whenever we deploy our application on Kubernetes we leverage multiple Kubernetes objects like deployment, service, role, ingress, config map, etc. As our application gets complex and our requirements become non-generic, managing our application only with the help of native Kubernetes objects becomes difficult and we often need to introduce manual intervention or some other form of automation to make up for it.
Operators solve this problem by making our application first class Kubernetes objects that is we no longer deploy our application as a set of native Kubernetes objects but a custom object/resource of its kind, having a more domain-specific schema and then we bake the “operational intelligence” or the “domain-specific knowledge” into the controller responsible for maintaining the desired state of this object. For example, etcd operator has made etcd-cluster a first class object and for deploying the cluster we create an object of Etcd Cluster kind. With operators, we are able to extend Kubernetes functionalities for custom use cases and manage our applications in a Kubernetes specific way allowing us to leverage Kubernetes APIs and Kubectl tooling.
Operators combine crds and custom controllers and intend to eliminate the requirement for manual intervention (human operator) while performing tasks like an upgrade, handling failure recovery, scaling in case of complex (often stateful) applications and make them more resilient and self-sufficient.
For building and managing operators we mostly leverage the Operator Framework which is an open source tool kit allowing us to build operators in a highly automated, scalable and effective way. Operator framework comprises of three subcomponents:
Currently there are three different types of operator we can build:
| go get -d github.com/operator-framework/operator-sdk | |
| cd $GOPATH/src/github.com/operator-framework/operator-sdk | |
| git checkout master | |
| make dep | |
| make install |
Now we will have the operator-sdk binary in the $GOPATH/bin folder.
For building a helm based operator we can use an existing Helm chart. We will be using the book-store Helm chart which deploys a simple python app and mongodb instances. This app allows us to perform crud operations via. rest endpoints.
Now we will use the operator-sdk to create our Helm based bookstore-operator project.
| operator-sdk new bookstore-operator --api-version=velotio.com/v1alpha1 --kind=BookStore --type=helm --helm-chart=book-store | |
| --helm-chart-repo=https://akash-gautam.github.io/helmcharts/ |
In the above command, the bookstore-operator is the name of our operator/project. --kind is used to specify the kind of objects this operator will watch and --api-verison is used for versioning of this object. The operator sdk takes only this much information and creates the custom resource definition (crd) and also the custom resource (cr) of its type for us (remember we talked about high-level abstraction operator sdk provides). The above command bootstraps a project with below folder structure.
| bookstore-operator/ | |
| | | |
| |- build/ # Contains the Dockerfile to build the operator image | |
| |- deploy/ # Contains the crd,cr and manifest files for deploying operator | |
| |- helm-charts/ # Contains the helm chart we used while creating the project | |
| |- watches.yaml # Specifies the resource the operator watches (maintains the state of) |
We had discussed the operator-sdk automates setting up the operator projects and that is exactly what we can observe here. Under the build folder, we have the Dockerfile to build our operator image. Under deploy folder we have a crd folder containing both the crd and the cr. This folder also has operator.yaml file using which we will run the operator in our cluster, along with this we have manifest files for role, rolebinding and service account file to be used while deploying the operator. We have our book-store helm chart under helm-charts. In the watches.yaml file.
| --- | |
| - version: v1alpha1 | |
| group: velotio.com | |
| kind: BookStore | |
| chart: /opt/helm/helm-charts/book-store |
We can see that the bookstore-operator watches events related to BookStore kind objects and executes the helm chart specified.
If we take a look at the cr file under deploy/crds (velotio_v1alpha1_bookstore_cr.yaml) folder then we can see that it looks just like the values.yaml file of our book-store helm chart.
| apiVersion: velotio.com/v1alpha1 | |
| kind: BookStore | |
| metadata: | |
| name: example-bookstore | |
| spec: | |
| # Default values copied from <project_dir>/helm-charts/book-store/values.yaml | |
| # Default values for book-store. | |
| # This is a YAML-formatted file. | |
| # Declare variables to be passed into your templates. | |
| replicaCount: 1 | |
| image: | |
| app: | |
| repository: akash125/pyapp | |
| tag: latest | |
| pullPolicy: IfNotPresent | |
| mongodb: | |
| repository: mongo | |
| tag: latest | |
| pullPolicy: IfNotPresent | |
| service: | |
| app: | |
| type: LoadBalancer | |
| port: 80 | |
| targetPort: 3000 | |
| mongodb: | |
| type: ClusterIP | |
| port: 27017 | |
| targetPort: 27017 | |
| resources: {} | |
| # We usually recommend not to specify default resources and to leave this as a conscious | |
| # choice for the user. This also increases chances charts run on environments with little | |
| # resources, such as Minikube. If you do want to specify resources, uncomment the following | |
| # lines, adjust them as necessary, and remove the curly braces after 'resources:'. | |
| # limits: | |
| # cpu: 100m | |
| # memory: 128Mi | |
| # requests: | |
| # cpu: 100m | |
| # memory: 128Mi | |
| nodeSelector: {} | |
| tolerations: [] | |
| affinity: {} |
In the case of Helm charts, we use the values.yaml file to pass the parameter to our Helm releases, Helm based operator converts all these configurable parameters into the spec of our custom resource. This allows us to express the values.yaml with a custom resource (CR) which, as a native Kubernetes object, enables the benefits of RBAC applied to it and an audit trail. Now when we want to update out deployed we can simply modify the CR and apply it, and the operator will ensure that the changes we made are reflected in our app.
For each object of `BookStore` kind the bookstore-operator will perform the following actions:
The Dockerfile for building the operator image is already in our build folder we need to run the below command from the root folder of our operator project to build the image.
| operator-sdk build akash125/bookstore-operator:v0.0.1 |
As we have our operator image ready we can now go ahead and run it. The deployment file (operator.yaml under deploy folder) for the operator was created as a part of our project setup we just need to set the image for this deployment to the one we built in the previous step.
After updating the image in the operator.yaml we are ready to deploy the operator.
| kubectl create -f deploy/service_account.yaml | |
| kubectl create -f deploy/role.yaml | |
| kubectl create -f deploy/role_binding.yaml | |
| kubectl create -f deploy/operator.yaml |
Note: The role created might have more permissions then actually required for the operator so it is always a good idea to review it and trim down the permissions in production setups.
Verify that the operator pod is in running state.
Now we have the bookstore-operator running in our cluster we just need to create the custom resource for deploying our bookstore app.
First, we can create bookstore cr we need to register its crd.
| kubectl apply -f deploy/crds/velotio_v1alpha1_bookstore_crd.yaml |
Now we can create the bookstore object.
| kubectl apply -f deploy/crds/velotio_v1alpha1_bookstore_cr.yaml |
Now we can see that our operator has deployed out book-store app.
Now let’s grab the external IP of the app and make some requests to store details of books.
Let’s hit the external IP on the browser and see if it lists the books we just stored:
The bookstore operator build is available here.
Since its early days Kubernetes was believed to be a great tool for managing stateless application but the managing stateful applications on Kubernetes was always considered difficult. Operators are a big leap towards managing stateful applications and other complex distributed, multi (poly) cloud workloads with the same ease that we manage the stateless applications. In this blog post, we learned the basics of Kubernetes operators and build a simple helm based operator. In the next installment of this blog series, we will build an Ansible based Kubernetes operator and then in the last blog we will build a full-fledged Golang based operator for managing stateful workloads.
Related Reads:
.svg)
.svg)
