The NSM Operator

Operating Infrastructure in a Cloud Native Way

Alexandre Menezes

SRE

Operator Enablement Team

Matt Dorn

Principal SRE

Operator Enablement Team

1

What we’ll �discuss today

Agenda

What is a Kubernetes Operator?

Introduction to Operator Framework

What can an Operator add to NSM?

A Quick Demo

2

Kubernetes Operators

An Operator is a method of packaging, deploying and managing a Kubernetes application by taking human operational knowledge and encoding it into software.

What is a Kubernetes Operator?

3

How could we define kubernetes operators in simple words?

What are Kubernetes Operators?

The controller has the watchers and reconcilers. It's capable of observing the running state of objects and reconcile it to its desired state.

It's also a Deployment

It's a Controller

Normally runs as a pod in a chosen namespace watching target namespaces in behalf of your application.

It's an API extension

4

It's an extension to the kubernetes API implementing CRDs or Custom Resource Definitions

Kubernetes Resources

What are kubernetes Operators?

They are an endpoint in kubernetes API.

Here is where we can find Api Group, the version and the kind our objects belong to

Type Metadata

This is where we may see something like red, yellow or green as a state. Or things much more sophisticated such as phases etc.

Status Field

This is where the desired state goes. Every detail on what's expected from that object is declared here.

Spec Field

Important information about the object like: name, namespace, annotations, labels etc.

Object Metadata

5

Common Kubernetes API features

Source:

https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/

6

Kubernetes Controllers

• The controller is an infinite loop

• Tracks at least one Kubernetes object type

• Reconciles the current object state based on the desired state from the Spec field

• For reconciling it can interact with the Kubernetes API

• Or it can control the objects directly - Ex: external cloud resources

Kubernetes CRDs and Controllers combined

Deployments

DaemonSets

StatefulSets

ConfigMaps

MY CRD - Primary Resource

Owned Resources - Secondary Resources

The controller watches and reconciles all resources

How could we define kubernetes operators in simple words?

What are Kubernetes Operators?

The controller has the watchers and reconcilers. It's capable of observing the running state of objects and reconcile it to its desired state.

It's also a Deployment

It's a Controller

Normally runs as a pod in a chosen namespace watching target namespaces in behalf of your application.

It's an API extension

9

It's an extension to the kubernetes API implementing CRDs or Custom Resource Definitions

Operator Framework Key Projects

Introduction to Operator Framework

It's an open source framework to make building operators easier providing high level APIs, abstractions and code generation to quickly bootstrap new projects.

10

Operator Framework Key Projects

Operator SDK�https://github.com/operator-framework/operator-sdk

Operator Lifecycle Manager�https://github.com/operator-framework/operator-lifecycle-manager

Community Operators�https://github.com/operator-framework/community-operators

Operator SDK Website�https://sdk.operatorframework.io

Operator Framework Key Projects

Operator SDK

• Based on the controller-runtime library and kubebuilder
• Scaffolds a nice project directory layout with generated code
• Helps adding one or more resource APIs as CRDs
• Generates the basic core reconcile loop and controller for your primary custom resources.
• Facilitates watching resources by allowing us to list the owned secondary resources
• Helps development by running locally against a cluster (self-installs CRDs and starts controllers automatically)
• Build and publish a container from the provided Dockerfile
• Adds a set of testing tools that helps with operator publishing
• And generates operator metadata in order to publish it to the operator hubs

Operator Framework Key Projects

Operator Lifecycle Manager

• Provides a catalog that allows granular control of updates and deployment of new versions
• Takes care of all dependencies that need to be installed
• Advertises installed operators and the services available on them
• Enables discovery of available operators to install
• Ensure cluster stability by preventing operator conflicts owning the same API
• Empowers each operator to behave like a service provider since the user interface is an API
• It can go further by automating the creation of graphical consoles with rich interfaces and forms for users to interact with

Operator Framework Key Projects

Community Operators

• The canonical source for the operator hubs
• Operatorhub.io
• OpenShift embedded operator hub
• The operator lifecycle manager integrates with it to pull the operators published to its catalog

Operator Framework - Workflow

Operator Development

Community Operators Github

Your Container Registry

Op. Image

Op. Metadata

OLM

catalog

Op. Metadata

Op. Image

A.k.a Operator Bundle

The Operator Maturity Model

What can the operator add to NSM?

An operator can go from basic install, just deploying your apps to auto-pilot. Everything in between can be achieved. For instance, concerns like upgrades, downgrades, backups, restores, high availability, deep insights etc.

16

https://github.com/operator-framework/operator-sdk

The Operator Maturity Model

Source:

Ihttps://docs.openshift.com/container-platform/4.4/operators/olm-what-operators-are.html

17

Possible Operator Interactions

18

Multiple external applications

Gateways and Routers

Network Appliances

Load Balancers

Firewalls

IDS

Cloud Services

On Prem

Datacenters

External block or object Storage

Identity Providers

Quick Demo

Wrapping Up

19

Thank you

Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make �Red Hat a trusted adviser to the Fortune 500.

20

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHat