Kubernetes is an open-source orchestration system for deploying, managing, and scaling containerized applications in distributed environments. It provides a set of abstractions for defining your apps and their infrastructure.
Operators are one way in which Kubernetes simplifies the deployment experience. An operator is an app-specific Kubernetes extension that provides custom objects and control loops for managing particular software in your cluster.
In this article, we’ll explore what operators are and why they’re useful, before looking at some prominent examples you might already be using.
We will cover:
An operator is a Kubernetes extension that automates the deployment of an application. Operators typically provide controllers and Custom Resource Definitions (CRDs) that let you rapidly deploy new app instances without deep knowledge of their requirements or how they work.
Operators are intended to reflect the key aims of human administrators. Manually deploying complex systems to a Kubernetes cluster is often intensive because you have to create and connect the Pods, StatefulSets, Services, ConfigMaps, and Volumes that the app requires. Operators let you use custom app-specific object types like postgresql to automate the underlying Kubernetes configuration.
The operator provides the CRDs and accompanying controllers that make this behavior possible.
The complete Kubernetes architecture combines several components and concepts, but one characteristic binds them together: the system has a declarative state model managed by control loops that automatically apply actions to reconcile your cluster’s actual state with the desired one you configure.
Built-in controllers such as Deployments and ReplicaSets track your cluster’s objects and manage the lifecycle of their dependents. When you create a new 3-replica Deployment object using Kubectl, the Deployment controller will automatically start a ReplicaSet with three Pods, for example.
Controllers are a general pattern used throughout Kubernetes. They are often part of Operators, a term that describes custom code that integrates specific apps with Kubernetes.
Operators make it easier to deploy and maintain complex apps. The operator provisions the app’s objects for you based on the custom resource configuration you supply. This lets you deploy new apps without any knowledge of Kubernetes objects.
Managing the app’s entire lifecycle
In addition, operators usually manage the app’s entire lifecycle for you, including upgrades, backups, and monitoring integrations. The operator runs the app on your behalf, adding layers of automation that support human administrators as they carry out tedious or error-prone tasks.
Simplifying Kubernetes database deployments
Although you can write an operator for any component in your cluster, they’re most applicable to commonly used persistent systems that require high availability and have their own best practices and configuration requirements. Operators dramatically simplify Kubernetes database deployments, for example, but are unnecessary if you’re simply deploying stateless web servers.
Deploying an instance across many different clusters
Seek an operator when you’re deploying an instance of a general-purpose application that’s routinely used across many different clusters. Don’t create operators for your own codebase unless you’re writing software for others to use that has significant maintenance or configuration requirements. Offering a Helm chart with a sensible set of default values is a better alternative for most use cases.
The operator pattern has been widely adopted. Official or community-led operators are available for many popular open-source projects, making it easier to deploy commonly used software components in your stack. Let’s look at three more prominent examples.
Postgres Operator
For example, the Postgres Operator lets you apply the following manifest to start a Postgres deployment with 1 Gi of persistent storage, automatic service discovery, and a preconfigured database user account:
apiVersion: acid.zalan.do/v1
kind: postgresql
metadata:
name: postgres-cluster
spec:
volume:
size: 1Gi
numberOfInstances: 3
users:
demo-user:
- superuser
- createdb
databases:
demo-user: demo-db
postgresql:
version: "15"
The operator creates a StatefulSet, Service, and Volume the deployment, but the human administrator doesn’t need awareness of these details. They only have to supply the relevant parameters to configure the Postgres instance.
MySQL Operator
The MySQL Operator for Kubernetes is an official solution for deploying MySQL in Kubernetes. Similarly to the Postgres Operator shown above, it lets you provision new MySQL database instances by adding InnoDBCluster
objects to your cluster.
The operator automatically manages data persistence, network discovery, and traffic routing by creating appropriate Kubernetes objects such as StatefulSets and Services. It’s designed to accommodate the entire database lifecycle, including future MySQL upgrades and scheduled backups to external object storage systems.
After you’ve installed the operator, you can deploy a new MySQL instance by applying a three-line YAML manifest to your cluster:
apiVersion: mysql.oracle.com/v2
kind: InnoDBCluster
metadata:
name: demo-db
spec:
secretName: mysql-creds
tlsUseSelfSigned: true
instances: 3
router:
instances: 1
Before using this example, you should follow the guidance in the documentation to create the mysql-creds
secret with a database username and password.
Prometheus Operator
The Prometheus Operator deploys and manages instances of the Prometheus time series database, which is commonly used as a Kubernetes observability solution. Prometheus is a cloud-native system formed from several different components with complex configuration requirements.
The official operator provisions a functioning installation for you while offering a useful built-in configuration that scrapes metrics from your cluster environment. You can reconfigure your Prometheus instance by editing custom objects provided by the operator. Without the operator, you’d have to manually synchronize changes to the stack’s components each time a new Prometheus release is issued.
Istio Operator
Istio is one of the most popular service mesh implementations for traffic management, observability, and app-aware proxying. Configuring and maintaining an Istio mesh in a Kubernetes cluster can be challenging, but the official Istio Operator allows you to make changes by editing a dedicated configuration object.
After installing the operator, create an IstioOperator object to add a service mesh to your cluster. Configure the mesh’s settings using fields within the object’s spec. The operator will detect your object and start a new Istio control plane to reconcile your cluster’s state. If you edit the object in the future, the operator will automatically reconfigure Istio with your new changes.
Check out: What is a Service Mesh? Introduction, Benefits & Demo.
Operators can be authored using any programming language or runtime environment that can interface with the Kubernetes API. Official client libraries are available for languages including C, Go, Java, Python, and Ruby, with community-supported options offered for most other popular choices.
Because operators are a pattern, not a specific set of characteristics, there are several ways in which they can be implemented. Most operators register CRDs that allow users to declaratively express their configuration for the managed app. You then code controllers which use the Kubernetes API to track instances of the CRDs and perform tasks in response.
The operator model has spawned its own set of tools and best practices designed to simplify this process. The Operator Framework is an open-source kit that helps you quickly write stable operators with support for over-the-air updates, dependencies, and simple UI controls. It also provides an SDK for building, testing, and packaging operators, without having to manually call the Kubernetes API. Operator Framework can be used in Go, Ansible, and Helm projects.
The Kubernetes Operator SDK (Software Development Kit) is a toolkit for building Kubernetes Operators. It aims to simplify the process of creating operators for developers without them needing deep knowledge of Kubernetes API complexities.
It supports different languages for creating operators, such as:
- Go – allows developers to leverage the Go programming language and its ecosystem.
- Ansible – Utilizes Ansible playbooks for Operator logic, making it accessible to a broader range of users, especially those already familiar with Ansible automation.
- Helm – Integrates with Helm charts, enabling developers to build Operators based on existing Helm charts with minimal additional coding
The Operator SDK helps manage the Operator’s entire lifecycle, including installation, upgrades, and management of the application state while allowing the definition of custom resource definitions (CRDs) to the application itself.
It is a part of the Cloud Native Computing Foundation (CNCF), benefiting from a strong community and ecosystem that encourages best practices and collaboration.
When you are creating Kubernetes Operators, there are a couple of best practices that you have to take into account:
1. Define clear CRDs
CRDs should be well-defined with clear specifications as they are the stepping stones of your Operator.
2. Follow K8s API conventions
Adhere to K8s conventions and follow the declarative API model that K8s uses.
3. Handle state properly
Properly manage the state and provide accurate status updates. The status should provide meaningful information that can be used to troubleshoot in case errors occur.
4. Incorporate error handling
Implement error handling wherever possible, as operators should be resilient to failures.
5. Leverage K8s client libraries
This will ensure compatibility and reduce the effort needed to handle Kubernetes object interactions.
6. Optimize for performance
Avoid excessive API calls, watch for resource leaks, and ensure it scales well with the number of managed resources.
7. Secure your Operator
Secure communications with the Kubernetes API server, handling sensitive information (like secrets) appropriately and adhering to the principle of least privilege.
8. Document your Operator
Document how to install, configure, and use the Operator, as well as its limitations and how it handles edge cases.
Operators extend Kubernetes with application-specific functionality. They’re created as external components that use the Kubernetes API to manage objects in your cluster. Operators abstract away the complexities of deploying large stateful applications in Kubernetes, letting you focus on your app’s configuration instead of low-level Kubernetes objects.
In this article, you’ve learned what operators are, the situations where they’re useful, and where to go to get started building your own. Try installing an operator in your cluster to manage the apps you depend on, or head to the Spacelift blog for more Kubernetes guides.
You can also take a look at how Spacelift helps you manage the complexities and compliance challenges of using Kubernetes. Anything that can be run via kubectl can be run within a Spacelift stack. Find out more about how Spacelift works with Kubernetes, and get started on your journey by creating a free trial account.
The Most Flexible CI/CD Automation Tool
Spacelift is an alternative to using homegrown solutions on top of a generic CI. It helps overcome common state management issues and adds several must-have capabilities for infrastructure management.