Cruise control: Kubernetes operators to simplify K8s management

Operators are software extensions to Kubernetes that make it easier to create, configure, manage and operate specific or complex applications and their components. Operators let users control custom resources through the Kubernetes APIs. This helps automate several aspects of Kubernetes, including deployment, upgrades, backups, and recovery, in a unified and efficient manner. Organizations can develop their own custom operators from scratch to meet their specific requirements. Before doing that, though, it is recommended to get a good idea of the key capabilities of the Kubernetes operators already available in the market. This blog post outlines five popular Kubernetes operators that every DevOps team needs to know about.

1. RBAC Manager Operator

RBAC Manager is an open-source project that simplifies authorization in Kubernetes. RBAC Manager is used for managing the Role-based access control (RBAC) configuration on AWS and GKE clusters. This project has been released by Fairwinds for organizations to manage their current RBAC configuration and workflows in their Kubernetes implementations.

Instead of managing role bindings or service accounts directly, RBAC Manager supports binding users, groups, or service accounts to the desired combination of roles or cluster roles, at either a namespace or cluster level. Because multiple role bindings and cluster role bindings can be assigned with a single custom resource, security and compliance requirements can be neatly packaged in a single RBAC Definition.

RBAC Definitions can be used to automate several aspects of role binding for effective cluster management. Any changes to RBAC Definitions can automatically trigger changes in the owned resources. The RBAC Manager deletes and recreates the appropriate role bindings based on requests it receives. If an RBAC Definition is deleted, all the associated role bindings and cluster role bindings will be automatically deleted as well. With this approach, RBAC configuration can be managed with a CI workflow, and deployments can be simplified as well.
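As an added example (not code from the original post or from RBAC Manager itself), the sketch below models how one RBAC Definition expands into the bindings it owns, what a reconcile would create or delete, and how a CI step could flag cluster-wide grants for review. The field names follow RBAC Manager's RBACDefinition resource; the users, groups, namespaces and the `expand`, `plan` and `review` helpers are hypothetical.

```python
# Constructed sample: an RBAC Definition written as a Python dict.
# Subjects and namespaces are made up; namespaceSelector is not handled here.
DEFINITION = {
    "metadata": {"name": "team-access"},
    "rbacBindings": [
        {"name": "platform-admins",
         "subjects": [{"kind": "Group", "name": "platform"}],
         "clusterRoleBindings": [{"clusterRole": "cluster-admin"}]},
        {"name": "web-developers",
         "subjects": [{"kind": "User", "name": "dave@example.com"},
                      {"kind": "ServiceAccount", "name": "ci-bot", "namespace": "ci"}],
         "roleBindings": [{"clusterRole": "edit", "namespace": "web"},
                          {"clusterRole": "view", "namespace": "api"}]},
    ],
}

def expand(definition):
    """Flatten a definition into (subject, role, scope) grants; scope '*' is cluster-wide."""
    grants = set()
    for binding in definition.get("rbacBindings", []):
        for s in binding.get("subjects", []):
            subject = f'{s["kind"]}:{s["name"]}'
            for crb in binding.get("clusterRoleBindings", []):
                grants.add((subject, crb["clusterRole"], "*"))
            for rb in binding.get("roleBindings", []):
                role = rb.get("clusterRole") or rb.get("role")
                grants.add((subject, role, rb["namespace"]))
    return grants

def plan(desired, owned):
    """Simplified reconcile model: grants to create, and owned grants to delete."""
    return sorted(desired - owned), sorted(owned - desired)

def review(grants, sensitive=("cluster-admin",)):
    """CI gate: cluster-wide grants of sensitive roles that need explicit sign-off."""
    return sorted(g for g in grants if g[2] == "*" and g[1] in sensitive)

if __name__ == "__main__":
    desired = expand(DEFINITION)
    # Constructed state: bindings currently owned by this definition in the cluster.
    owned = {("User:dave@example.com", "edit", "web"),
             ("User:old@example.com", "view", "api")}
    create, delete = plan(desired, owned)
    print("create:", create)
    print("delete:", delete)
    print("needs review:", review(desired))
    print("deleted with the definition:", plan(set(), owned)[1])
```

Passing an empty desired set to `plan` mirrors the deletion case: every binding the definition owned ends up in the delete list.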

2. MongoDB Kubernetes Operator

The MongoDB Kubernetes Operator is a tool that automates and manages MongoDB clusters. It helps in the creation, management, and configuration of stateful application instances. It provides an efficient way to deploy MongoDB instances across various environments, all manageable from a single Kubernetes control plane.

It is available in two flavors, Enterprise Edition and Community Edition. The Community Edition provides a wide range of management capabilities, like upgrading and downgrading MongoDB versions, creating replicas, and reporting the server state. The Enterprise Edition is available under the Enterprise Advanced license and, in addition to all of these capabilities, offers support from the MongoDB support team.

The Kubernetes Operator helps in managing and controlling the entire self-managed infrastructure owned by the company. MongoDB Kubernetes Operator uses the Kubernetes API and tools to manage the lifecycle events for a MongoDB cluster. As per the user-specified MongoDB cluster specifications, the operator tells Kubernetes how to configure the cluster. This includes the provisioning of storage and computing power, setting up the network connections, and configuring other resources. Working together with MongoDB Cloud Manager or Ops Manager gives it the ability to further configure MongoDB clusters. MongoDB tasks can be managed using Cloud Manager or Ops Manager after deploying MongoDB in Kubernetes.

MongoDB Operator for Kubernetes provides users granular control over their deployments, consistent monitoring, centralized logging infrastructure, and more. It can run on the majority of Kubernetes distributions, including implementations such as Amazon Elastic Container Service for Kubernetes, Google’s Kubernetes Engine, Pivotal Cloud Foundry, and Red Hat OpenShift.

3. ArgoCD Operator

Argo CD Operator is a Kubernetes operator that manages the full lifecycle for Argo CD clusters and automates tasks required when operating an Argo CD cluster.

Released under the Apache 2.0 license, the operator aims at providing deep insights into the Argo CD environment to aggregate, visualize and expose the metrics by configuring Prometheus and Grafana. Apart from easy configuration and installation of the Argo CD components, it helps automate the process of upgrading, backup, and restoring an Argo CD cluster from a point in time or on a recurring schedule. It also helps autoscale the Argo CD components as required to handle variability in demand.

The Argo CD operator supports high availability. It offers support for managing OpenShift routes and Ingress resources to access the Argo CD resources. Keycloak, an open-source software product, can be used as a single sign-on provider for Argo CD if the operator is deployed on the OpenShift container platform. Users can also log in to Argo CD with their OpenShift accounts if Keycloak acts as an identity broker between Argo CD and OpenShift.

4. Istio Operator

Istio Operator is an automated operator that provides options to install, upgrade, and operate the Istio service mesh. It manages operational tasks such as installing, upgrading, and uninstalling Istio in a production environment. Istio is the most widely used service mesh tool today, enabling modern networking capabilities for cloud-native applications.

The Istio operator was created with the help of a combination of kubebuilder, operator framework, and several other frameworks. Earlier, Helm was being used to install and upgrade Istio. Now the istioctl tool is being used for Istio 1.4 and later versions. Istio’s new operator-based installation and control plane management features have been migrated from Helm.

The operator CLI is beta and is distributed to users as part of istioctl, while the operator controller is alpha. Both share the same API and codebase for producing manifests from the API. The operator uses the IstioOperator API, which has three main components: MeshConfig, the component configuration API, and the legacy Helm installation API.

The Istio operator’s custom resource implementation can simplify the common administrative tasks of installation, upgrade, troubleshooting, and complex configuration changes for Istio. To prevent common errors, the operator validates and checks for installation and upgrade with the tools. It uses a custom resource definition (CRD) to define its custom resources, and a Kubernetes controller continuously monitors these custom resources and applies the corresponding configuration changes.

5. Grafana Operator

Grafana Operator is based on the Operator SDK. It is used to install and manage Grafana instances, dashboards, data sources, and plugins on Kubernetes and OpenShift. Grafana is a popular open-source platform typically used for data analytics and monitoring.

The Grafana Operator is available on Operator Hub. It supports several features. It can be used to install Grafana to a namespace. You can configure Grafana through the custom resource. It helps import Grafana dashboards from the same or other namespaces. It can also import data sources of Grafana from the same namespace. Moreover, it can be used to install plugins.

Grafana Operator has been trusted by companies and teams such as Red Hat, Continental, Handelsbanken, and XENIT. The operator has a dedicated channel on the Kubernetes community Slack to address issues quickly. The channel facilitates discussion around developments, bugs, and other queries about the operator.

Using the operator over a single Grafana deployment provides several advantages. It provides the ability to configure and manage Grafana deployments using Kubernetes resources such as CRDs and ConfigMaps. In addition, it supports incoming changes to allow for multi-namespace support for the operator. It also allows for quick setup of Ingresses, Grafana product versions, Grafana dashboard plugins, and many others. The operator also enables users to manage dashboards more efficiently through jsonnet, plugins, and folder assignment, all of which can be done through YAML files. It also offers periodic reconciliation of resources.

The operator supports Grafana resources such as Grafana, GrafanaDashboard, and GrafanaDatasource. However, it does not support provisioning for Grafana’s multiple alert channels (notifiers).

Kubernetes operators: Good for an array of tasks

Operators from various vendors provide different levels of control and customization capabilities. These Kubernetes operators can be used to automate a variety of tasks like scaling a complex app, managing version upgrades, and managing kernel modules for nodes with specialized hardware. These should meet most of your Kubernetes automation-related requirements to streamline the workflows and reduce the pressure on the operations team.
