SlideShare a Scribd company logo

Building the TribefireOperator

Oliver Moser
Oliver Moser

a short intro to the main concepts, ideas and benefits that you get when you build your own Kubernetes native operator for your applications

Technology
1 of 25
Download to read offline
What we learned from building the TribefireOperator Oliver Moser
The Guy 2 - TU Wien PhD - Braintribe, Inc. - Cloud / Automation / SRE
The Talk 3 - Kubernetes Operators - TribefireOperator - Lessons Learned
The Basics
Kubernetes Operator 5 - Extend Kubernetes API with additional objects - Encapsulate operational know-how of your application - Manages your application as a Kubernetes native object - Your application is represented via a CustomResourceDefinition
More on Operators - Run inside K8S cluster (e.g. as a Deployment) - Implements an CRUD API for CustomResources (CR) - Asynchronously responds to changes to CRs _after_ they are written by the Kubernetes API server - Each change triggers a reconcile() run, where the operational know-how of your Operator lives - reconcile() tries to bring the current state of your application to the desired (as per spec) state
Kubernetes Operators and Resources Resource Schemas are seperated into three sections: - Spec. Defines the desired state of the resource as specified by user. - Status. Publishes the resource state as observed by the Operator. - Metadata. Contains information common to most resources about the object such as object name, annotations, labels and more. Operators usually only read the Spec, while they might both read and update Status and Metadata
Main Purpose: Reconciling Desired and Actual States - Operators create Watches for Resources they manage - For every CRUD operation on a watched Resource, reconcile() is triggered - Operator might create new Resources that are owned by the Operator - Those resources have metadata.ownerReferences Kubernetes API Operator watch v1.MyRes Create MyRes “demo” reconcile( ) triggeredFetch v1.MyRes “demo” check MyRes current state and desired stare Create v1.Pod “demoPod” update MyRes stateUpdate v1.MyRes “demo”
Popular Operators - prometheus-operator probably most widely adopted one - Many other Operators available for managing your applications on Kubernetes: - etcd-operator, mongodb-operator, confluent-operator - Awesome list: - https://github.com/operator-framework/awesome-operators
Tribefire Operator
Tribefire’s Application Deployment Model tribefire-master control-center modeler explorer custom-cartridges SQL DB ETCD ActiveMQ 3rd Party Services
Managing Tribefire on Kubernetes: TribefireOperator - Manages our Tribefire platform on Kubernetes - Tribefire is a model-driven application delivery platform - Consists of several components like master, control-center, etc - Tribefire is represented via TribefireRuntime CRD on K8S - TribefireOperator maps CRD to Kubernetes native resources such as Pods, Services, Ingresses etc.
TribefireOperator: Mapping K8S native resources Deployment Kubernetes Cluster Service Ingress Secrets tribefire-operator <<custom resource>> TribefireRuntime The operator watches CRUD of TribefireRuntime resources and acts accordingly by CRUD’ing the required Kubernetes native objects
Representing Tribefire as a CRD: TribefireRuntime apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: tribefireruntimes.tribefire.cloud spec: group: tribefire.cloud names: kind: TribefireRuntime plural: tribefireruntimes shortNames: - tf scope: Namespaced subresources: status: {} versions: - name: v1alpha1 storage: true served: true apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: tribefire spec: domain: tribefire.cloud databaseType: cloudSql backend: type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false env: - name: "TRIBEFIRE_HOST" value: "demo.svc" resources: requests: memory: "512Mi" cpu: "500m" limits: memory: "2048Mi" cpu: "2000m" - name: tribefire-control-center type: ControlCenter TribefireRuntime CRD: deployed “once” to K8S by cluster-admin. Declares a new CustomResource by describing its metadata and specification TribefireRuntime CR: deployed by Tribefire users, describing the specific Tribefire components and capabilites that are needed.
TribefireRuntime CRs are Kubernetes native objects apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: demo spec: domain: tribefire.cloud databaseType: cloudSql backend: type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false env: - name: "TRIBEFIRE_HOST" value: "demo.svc" resources: requests: memory: "512Mi" cpu: "500m" limits: memory: "2048Mi" cpu: "2000m" - name: tribefire-control-center type: ControlCenter > kubectl create -f tribefire-infracoders.yaml tribefireruntime.tribefire.cloud/infracoders created > kubectl get tf -n demo NAME STATUS AGE infracoders unavailable 10s tfdemo-dev available 2d datapedia available 2w > kubectl get tf -n demo -o wide NAME STATUS AGE DOMAIN DATABASE BACKEND UNAVAILABLE infracoders unavailable 18s tribefire.cloud cloudsql activemq tribefire-master tfdemo-dev available 2d tribefire.cloud cloudsql etcd Datapedia available 2w tribefire.cloud cloudsql etcd > kubectl edit tf -n demo infracoders tribefireruntime.tribefire.cloud/infracoders edited > kubectl delete tf -n demo infracoders tribefireruntime.tribefire.cloud "infracoders" deleted
Accessing the TribefireRuntime CR via Kubernetes API /apis/tribefire.cloud/v1alpha1/namespaces/infracoders/ /apis/ tribefire.cloud/v1alpha1/ namespaces/infracoders/ tribefireruntimes/demo spec.version spec.group metadata.namespace spec.names.plural metadata.name spec.scope: Namespaced > kubectl proxy --port=8080 Starting to serve on 127.0.0.1:8080... > curl localhost:8080/apis/tribefire.cloud/v1alpha1/namespaces/infracoders/tribefireruntimes/demo … huge json response here…
CustomResource and RBAC - Managing deployments manually requires that every user has privileges to create Deployments, Services etc - With operators, you only need permission to deploy your CustomResource kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: tribefire-runtime-admin namespace: demo rules: - apiGroups: - tribefire.cloud resources: - "*" verbs: - "*" Users that want to manage TribefireRuntimes only need permissions for the tribefire.cloud APIs
Beyond the Basics
CustomResource and Default Values - There is no way to specify defaults in a CRD - OpenAPI spec does allow that but Kubernetes doesn’t - Setting defaults via the first Reconcile run inside the operator might work, but can introduce race conditions - Setting defaults via (mutating) Webhooks is the only safe way to handle defaults in a CR. API HTTP Handler API Request Authn/Authz Mutating Admission Controllers Object Validator Etcd Persistence Handler Validating Admission Controllers Mutating Webhook Handler The handler receives Admission request including the object under admission. It can either directly admit or decline the request, or return a set of JSON patches to mutate the object under admission.
Running pre-delete hooks via Finalizers - Used to trigger cleanup logic such as de-provisioning databases or storage - Resource deletion cannot proceed until finalizers are gone - metadata.deletionTimestamp as a marker that the resource handled by the Operator is being deleted apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: creationTimestamp: 2019-01-14T09:33:46Z finalizers: - default.finalizers.tribefire.cloud generation: 2 labels: stage: staging name: infracoders namespace: demo When the Operator has finished cleanup task, it has to remove the finalizer(s) accordingly in order to release the resource and let Kubernetes delete the resource
Provide feedback to users via /status subresource - Show the current state of your custom resource - Use observedGeneration to check if the .spec of your resource has changed - Implement status.conditions to support synchronous tasks via kubectl wait --for=condition=available status: components: - name: tribefire-services status: available urls: - https://ic.staging.tribefire.cloud/services - name: tribefire-demo-cartridge status: available conditions: - lastTransitionTime: 2019-01-14T09:39:08Z lastUpdateTime: 2019-01-14T09:39:08Z message: TribefireRuntime fully available reason: TribefireRuntimeBecameAvailable status: "True" type: Available observedGeneration: 2 status: available
Using OpenAPI for Validation apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition ... subresources: status: {} validation: openAPIV3Schema: spec: properties: backend: properties: parameters: items: properties: name: type: string value: type: string required: - name - value type: object type: array type: enum: - etcd - activemq type: string type: object apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: tribefire spec: domain: tribefire.cloud databaseType: cloudSql backend: parameters: - name: url value: http://tf-etcd-cluster-client.etcd:2379 type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false … Use the OpenAPI section in your CRD to enforce a schema on your custom resources. For instance you might want to restrict backend.type to have etcd and activemq as the only valid inputs
Using Events to trace appliction state changes - Emitted via EventRecorder in k8s.io/client-go - Records important information about state changes - Visibility via kubectl describe tf - Useful for monitoring (checkout heptio-eventrouter or bitnami’s kubewatch) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ComponentDeployment 22m tribefire Created tribefire-cartridge tribefire-demo-cartridge Normal SecretBootstrap 22m tribefire Created database secret Normal SecretBootstrap 22m tribefire Created database service account Normal SecretBootstrap 22m tribefire Created image pull secret Normal ComponentDeployment 22m tribefire Created tribefire-master Normal ComponentDeployment 22m tribefire Created control-center Normal ComponentDeployment 22m tribefire Created explorer Normal DatabaseBootstrap 22m tribefire Created database tfdemo-dev-operator-demo Normal RuntimeReconciled 22m tribefire TribefireRuntime reconciled Normal ComponentAvailable 21m tribefire Status for 'control-center' switched: 'unavailable' to 'available' Normal ComponentAvailable 21m tribefire Status for 'explorer' switched: 'unavailable' to 'available' Normal ComponentAvailable 21m tribefire Status for 'tribefire-master' switched: 'unavailable' to 'available'
Outlook on Future Topics - Deploying and Managing Operators - Handling multiple CRD versions - Metrics
The End 25 Thank You

Recommended

Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarAmrit Sarkar
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes APIStefan Schimanski
 
Using Docker For Development
Using Docker For DevelopmentUsing Docker For Development
Using Docker For DevelopmentLaura Frank Tacho
 
Phil Basford - machine learning at scale with aws sage maker
Phil Basford - machine learning at scale with aws sage makerPhil Basford - machine learning at scale with aws sage maker
Phil Basford - machine learning at scale with aws sage makerAWSCOMSUM
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Jacopo Nardiello
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 

Recommended

Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarAmrit Sarkar
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes APIStefan Schimanski
 
Using Docker For Development
Using Docker For DevelopmentUsing Docker For Development
Using Docker For DevelopmentLaura Frank Tacho
 
Phil Basford - machine learning at scale with aws sage maker
Phil Basford - machine learning at scale with aws sage makerPhil Basford - machine learning at scale with aws sage maker
Phil Basford - machine learning at scale with aws sage makerAWSCOMSUM
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Jacopo Nardiello
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with KubernetesCarlos Sanchez
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
Kube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 RaleighKube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with DockerStefan Schimanski
 
Rex gke-clustree
Rex gke-clustreeRex gke-clustree
Rex gke-clustreeRomain Vrignaud
 
Philipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsPhilipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsIT Arena
 
CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes Cédrick Lunven
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Megan O'Keefe
 
Kubernetes Java Operator
Kubernetes Java OperatorKubernetes Java Operator
Kubernetes Java OperatorAnthony Dahanne
 
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...Quinton Hoole
 
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summits
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSStefan Schimanski
 
Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2Hao H. Zhang
 
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka Mario Ishara Fernando
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with KubernetesCarlos Sanchez
 
Introduction of kubernetes rancher
Introduction of kubernetes rancherIntroduction of kubernetes rancher
Introduction of kubernetes ranchercyberblack28 Ichikawa
 
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinDeploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinQiming Teng
 
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleMonitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleAlessandro Gallotta
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupStefan Schimanski
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetesLiran Cohen
 

More Related Content

What's hot

Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with KubernetesCarlos Sanchez
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
Kube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 RaleighKube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with DockerStefan Schimanski
 
Philipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsPhilipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsIT Arena
 
CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes Cédrick Lunven
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Megan O'Keefe
 
Kubernetes Java Operator
Kubernetes Java OperatorKubernetes Java Operator
Kubernetes Java OperatorAnthony Dahanne
 
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...Quinton Hoole
 
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summits
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSStefan Schimanski
 
Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2Hao H. Zhang
 
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka Mario Ishara Fernando
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with KubernetesCarlos Sanchez
 
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinDeploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinQiming Teng
 
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleMonitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleAlessandro Gallotta
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
 

What's hot (20)

Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with Kubernetes
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Kube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 RaleighKube Overview and Kube Conformance Certification OpenSource101 Raleigh
Kube Overview and Kube Conformance Certification OpenSource101 Raleigh
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with Docker
 
Rex gke-clustree
Rex gke-clustreeRex gke-clustree
Rex gke-clustree
 
Philipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsPhilipp Krenn, Elastic. From Containers to Kubernetes Operators
Philipp Krenn, Elastic. From Containers to Kubernetes Operators
 
CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes CN Asturias - Stateful application for kubernetes
CN Asturias - Stateful application for kubernetes
 
Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)Kubernetes: A Short Introduction (2019)
Kubernetes: A Short Introduction (2019)
 
Kubernetes Java Operator
Kubernetes Java OperatorKubernetes Java Operator
Kubernetes Java Operator
 
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
 
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes WorkloadsAWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructured
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOS
 
Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2Kubernetes Architecture - beyond a black box - Part 2
Kubernetes Architecture - beyond a black box - Part 2
 
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
Microservices , Docker , CI/CD , Kubernetes Seminar - Sri Lanka
 
Scaling Docker with Kubernetes
Scaling Docker with KubernetesScaling Docker with Kubernetes
Scaling Docker with Kubernetes
 
Introduction of kubernetes rancher
Introduction of kubernetes rancherIntroduction of kubernetes rancher
Introduction of kubernetes rancher
 
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinDeploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with Senlin
 
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleMonitoring microservices: Docker, Mesos and Kubernetes visibility at scale
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scale
 
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...
 

Similar to Building the TribefireOperator

Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupStefan Schimanski
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetesLiran Cohen
 
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB
 
Kubernetes @ Nanit
Kubernetes @ NanitKubernetes @ Nanit
Kubernetes @ NanitChen Fisher
 
Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with TerraformPedro J. Molina
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdfssuser9b44c7
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with ComponentsAjeet Singh
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingBob Killen
 
Operator Lifecycle Management
Operator Lifecycle ManagementOperator Lifecycle Management
Operator Lifecycle ManagementDoKC
 
Operator Lifecycle Management
Operator Lifecycle ManagementOperator Lifecycle Management
Operator Lifecycle ManagementDoKC
 
Kubernetes Administration from Zero to Hero.pdf
Kubernetes Administration from Zero to Hero.pdfKubernetes Administration from Zero to Hero.pdf
Kubernetes Administration from Zero to Hero.pdfArzooGupta16
 
Kubernetes @ Nanit by Chen Fisher
Kubernetes @ Nanit by Chen FisherKubernetes @ Nanit by Chen Fisher
Kubernetes @ Nanit by Chen FisherDoiT International
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelpurpleocean
 
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB
 
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...Cloud Native Day Tel Aviv
 
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor VolkovKuberton
 
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel AvivOfir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel AvivOfir Makmal
 
A brief study on Kubernetes and its components
A brief study on Kubernetes and its componentsA brief study on Kubernetes and its components
A brief study on Kubernetes and its componentsRamit Surana
 
Kubernetes extensibility
Kubernetes extensibilityKubernetes extensibility
Kubernetes extensibilityDocker, Inc.
 
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on KubernetesAthens Big Data
 

Similar to Building the TribefireOperator (20)

Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetes
 
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
 
Kubernetes @ Nanit
Kubernetes @ NanitKubernetes @ Nanit
Kubernetes @ Nanit
 
Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with Terraform
 
Kubernetes From Scratch .pdf
Kubernetes From Scratch .pdfKubernetes From Scratch .pdf
Kubernetes From Scratch .pdf
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific Computing
 
Operator Lifecycle Management
Operator Lifecycle ManagementOperator Lifecycle Management
Operator Lifecycle Management
 
Operator Lifecycle Management
Operator Lifecycle ManagementOperator Lifecycle Management
Operator Lifecycle Management
 
Kubernetes Administration from Zero to Hero.pdf
Kubernetes Administration from Zero to Hero.pdfKubernetes Administration from Zero to Hero.pdf
Kubernetes Administration from Zero to Hero.pdf
 
Kubernetes @ Nanit by Chen Fisher
Kubernetes @ Nanit by Chen FisherKubernetes @ Nanit by Chen Fisher
Kubernetes @ Nanit by Chen Fisher
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannel
 
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
 
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...
 
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov
 
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel AvivOfir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
Ofir Makmal - Intro To Kubernetes Operators - Google Cloud Summit 2018 Tel Aviv
 
A brief study on Kubernetes and its components
A brief study on Kubernetes and its componentsA brief study on Kubernetes and its components
A brief study on Kubernetes and its components
 
Kubernetes extensibility
Kubernetes extensibilityKubernetes extensibility
Kubernetes extensibility
 
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on Kubernetes
 

Recently uploaded

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Building the TribefireOperator

  • 1. What we learned from building the TribefireOperator Oliver Moser
  • 2. The Guy 2 - TU Wien PhD - Braintribe, Inc. - Cloud / Automation / SRE
  • 3. The Talk 3 - Kubernetes Operators - TribefireOperator - Lessons Learned
  • 5. Kubernetes Operator 5 - Extend Kubernetes API with additional objects - Encapsulate operational know-how of your application - Manages your application as a Kubernetes native object - Your application is represented via a CustomResourceDefinition
  • 6. More on Operators - Run inside K8S cluster (e.g. as a Deployment) - Implements an CRUD API for CustomResources (CR) - Asynchronously responds to changes to CRs _after_ they are written by the Kubernetes API server - Each change triggers a reconcile() run, where the operational know-how of your Operator lives - reconcile() tries to bring the current state of your application to the desired (as per spec) state
  • 7. Kubernetes Operators and Resources Resource Schemas are seperated into three sections: - Spec. Defines the desired state of the resource as specified by user. - Status. Publishes the resource state as observed by the Operator. - Metadata. Contains information common to most resources about the object such as object name, annotations, labels and more. Operators usually only read the Spec, while they might both read and update Status and Metadata
  • 8. Main Purpose: Reconciling Desired and Actual States - Operators create Watches for Resources they manage - For every CRUD operation on a watched Resource, reconcile() is triggered - Operator might create new Resources that are owned by the Operator - Those resources have metadata.ownerReferences Kubernetes API Operator watch v1.MyRes Create MyRes “demo” reconcile( ) triggeredFetch v1.MyRes “demo” check MyRes current state and desired stare Create v1.Pod “demoPod” update MyRes stateUpdate v1.MyRes “demo”
  • 9. Popular Operators - prometheus-operator probably most widely adopted one - Many other Operators available for managing your applications on Kubernetes: - etcd-operator, mongodb-operator, confluent-operator - Awesome list: - https://github.com/operator-framework/awesome-operators
  • 11. Tribefire’s Application Deployment Model tribefire-master control-center modeler explorer custom-cartridges SQL DB ETCD ActiveMQ 3rd Party Services
  • 12. Managing Tribefire on Kubernetes: TribefireOperator - Manages our Tribefire platform on Kubernetes - Tribefire is a model-driven application delivery platform - Consists of several components like master, control-center, etc - Tribefire is represented via TribefireRuntime CRD on K8S - TribefireOperator maps CRD to Kubernetes native resources such as Pods, Services, Ingresses etc.
  • 13. TribefireOperator: Mapping K8S native resources Deployment Kubernetes Cluster Service Ingress Secrets tribefire-operator <<custom resource>> TribefireRuntime The operator watches CRUD of TribefireRuntime resources and acts accordingly by CRUD’ing the required Kubernetes native objects
  • 14. Representing Tribefire as a CRD: TribefireRuntime apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: tribefireruntimes.tribefire.cloud spec: group: tribefire.cloud names: kind: TribefireRuntime plural: tribefireruntimes shortNames: - tf scope: Namespaced subresources: status: {} versions: - name: v1alpha1 storage: true served: true apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: tribefire spec: domain: tribefire.cloud databaseType: cloudSql backend: type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false env: - name: "TRIBEFIRE_HOST" value: "demo.svc" resources: requests: memory: "512Mi" cpu: "500m" limits: memory: "2048Mi" cpu: "2000m" - name: tribefire-control-center type: ControlCenter TribefireRuntime CRD: deployed “once” to K8S by cluster-admin. Declares a new CustomResource by describing its metadata and specification TribefireRuntime CR: deployed by Tribefire users, describing the specific Tribefire components and capabilites that are needed.
  • 15. TribefireRuntime CRs are Kubernetes native objects apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: demo spec: domain: tribefire.cloud databaseType: cloudSql backend: type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false env: - name: "TRIBEFIRE_HOST" value: "demo.svc" resources: requests: memory: "512Mi" cpu: "500m" limits: memory: "2048Mi" cpu: "2000m" - name: tribefire-control-center type: ControlCenter > kubectl create -f tribefire-infracoders.yaml tribefireruntime.tribefire.cloud/infracoders created > kubectl get tf -n demo NAME STATUS AGE infracoders unavailable 10s tfdemo-dev available 2d datapedia available 2w > kubectl get tf -n demo -o wide NAME STATUS AGE DOMAIN DATABASE BACKEND UNAVAILABLE infracoders unavailable 18s tribefire.cloud cloudsql activemq tribefire-master tfdemo-dev available 2d tribefire.cloud cloudsql etcd Datapedia available 2w tribefire.cloud cloudsql etcd > kubectl edit tf -n demo infracoders tribefireruntime.tribefire.cloud/infracoders edited > kubectl delete tf -n demo infracoders tribefireruntime.tribefire.cloud "infracoders" deleted
  • 16. Accessing the TribefireRuntime CR via Kubernetes API /apis/tribefire.cloud/v1alpha1/namespaces/infracoders/ /apis/ tribefire.cloud/v1alpha1/ namespaces/infracoders/ tribefireruntimes/demo spec.version spec.group metadata.namespace spec.names.plural metadata.name spec.scope: Namespaced > kubectl proxy --port=8080 Starting to serve on 127.0.0.1:8080... > curl localhost:8080/apis/tribefire.cloud/v1alpha1/namespaces/infracoders/tribefireruntimes/demo … huge json response here…
  • 17. CustomResource and RBAC - Managing deployments manually requires that every user has privileges to create Deployments, Services etc - With operators, you only need permission to deploy your CustomResource kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: tribefire-runtime-admin namespace: demo rules: - apiGroups: - tribefire.cloud resources: - "*" verbs: - "*" Users that want to manage TribefireRuntimes only need permissions for the tribefire.cloud APIs
  • 19. CustomResource and Default Values - There is no way to specify defaults in a CRD - OpenAPI spec does allow that but Kubernetes doesn’t - Setting defaults via the first Reconcile run inside the operator might work, but can introduce race conditions - Setting defaults via (mutating) Webhooks is the only safe way to handle defaults in a CR. API HTTP Handler API Request Authn/Authz Mutating Admission Controllers Object Validator Etcd Persistence Handler Validating Admission Controllers Mutating Webhook Handler The handler receives Admission request including the object under admission. It can either directly admit or decline the request, or return a set of JSON patches to mutate the object under admission.
  • 20. Running pre-delete hooks via Finalizers - Used to trigger cleanup logic such as de-provisioning databases or storage - Resource deletion cannot proceed until finalizers are gone - metadata.deletionTimestamp as a marker that the resource handled by the Operator is being deleted apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: creationTimestamp: 2019-01-14T09:33:46Z finalizers: - default.finalizers.tribefire.cloud generation: 2 labels: stage: staging name: infracoders namespace: demo When the Operator has finished cleanup task, it has to remove the finalizer(s) accordingly in order to release the resource and let Kubernetes delete the resource
  • 21. Provide feedback to users via /status subresource - Show the current state of your custom resource - Use observedGeneration to check if the .spec of your resource has changed - Implement status.conditions to support synchronous tasks via kubectl wait --for=condition=available status: components: - name: tribefire-services status: available urls: - https://ic.staging.tribefire.cloud/services - name: tribefire-demo-cartridge status: available conditions: - lastTransitionTime: 2019-01-14T09:39:08Z lastUpdateTime: 2019-01-14T09:39:08Z message: TribefireRuntime fully available reason: TribefireRuntimeBecameAvailable status: "True" type: Available observedGeneration: 2 status: available
  • 22. Using OpenAPI for Validation apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition ... subresources: status: {} validation: openAPIV3Schema: spec: properties: backend: properties: parameters: items: properties: name: type: string value: type: string required: - name - value type: object type: array type: enum: - etcd - activemq type: string type: object apiVersion: tribefire.cloud/v1alpha1 kind: TribefireRuntime metadata: name: infracoders namespace: tribefire spec: domain: tribefire.cloud databaseType: cloudSql backend: parameters: - name: url value: http://tf-etcd-cluster-client.etcd:2379 type: etcd components: - name: tribefire-master type: Services logLevel: FINE logJson: false … Use the OpenAPI section in your CRD to enforce a schema on your custom resources. For instance you might want to restrict backend.type to have etcd and activemq as the only valid inputs
  • 23. Using Events to trace appliction state changes - Emitted via EventRecorder in k8s.io/client-go - Records important information about state changes - Visibility via kubectl describe tf - Useful for monitoring (checkout heptio-eventrouter or bitnami’s kubewatch) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ComponentDeployment 22m tribefire Created tribefire-cartridge tribefire-demo-cartridge Normal SecretBootstrap 22m tribefire Created database secret Normal SecretBootstrap 22m tribefire Created database service account Normal SecretBootstrap 22m tribefire Created image pull secret Normal ComponentDeployment 22m tribefire Created tribefire-master Normal ComponentDeployment 22m tribefire Created control-center Normal ComponentDeployment 22m tribefire Created explorer Normal DatabaseBootstrap 22m tribefire Created database tfdemo-dev-operator-demo Normal RuntimeReconciled 22m tribefire TribefireRuntime reconciled Normal ComponentAvailable 21m tribefire Status for 'control-center' switched: 'unavailable' to 'available' Normal ComponentAvailable 21m tribefire Status for 'explorer' switched: 'unavailable' to 'available' Normal ComponentAvailable 21m tribefire Status for 'tribefire-master' switched: 'unavailable' to 'available'
  • 24. Outlook on Future Topics - Deploying and Managing Operators - Handling multiple CRD versions - Metrics