Giter Club home page Giter Club logo

kubernetes-operators's Introduction

Kubernetes Openstack Operators

This repository holds operators that automate common tasks for managing Openstack on Kubernetes.

We define an operator as piece of software that uses Kubernetes primitives to model domain specific operational tasks. It extends Kubernetes using best practices and controller concepts to remote control the system through the API on behalf of a Kubernetes user. Using the third party resource mechanismm, this allows us to detangle configuration changes and offloads the burden of generating and reconfiguring the system into a dynamic runtime component.

See also: CoreOS - Introducing Operators

Example

As an example, a ThirdPartyResource BuildingBlock drives the creation of a set of Nova-Agents through a DeploymentSpec. The operator will watch for changes on BuildingBlock events and create/update the specs for the nova agents. Additionally, it could remote control auxiliary systems, like sending a status notification when a builing block goes into maintenance mode.

Now that building block configuration can be manages as Kubernetes spec, we have a standarized way of changing the system's configuration - through Kubernetes. This decoupling reduces the churn on the redeployment of the whole system and makes changes easy and documentable.

Additionally, "change" is now easy to compose even across system boundaries. A new building block can be onboarded with an automated process, directly from a build pipeline, triggered by a Git commit. Even auto-registration is a thinkable scenario now. The building block could come with an agent that talks directly to Kubernetes.

Design Principles

Operators are build in Go. They use kubernetes/client-go to interface with the Kubernetes API. They follow the Kubernetes controller best practices and programatically manage resources.

Operators have one job and do that job well. They are easy to reason about.

Prior Art

kubernetes-operators's People

Contributors

auhlig avatar bugroger avatar carthaca avatar chuan137 avatar databus23 avatar defo89 avatar dependabot[bot] avatar fwiesel avatar galkindmitrii avatar grandchild avatar jknipper avatar kayrus avatar majewsky avatar notandy avatar notque avatar renovate[bot] avatar ruvr avatar shparker1977 avatar stefanhipfel avatar tretkowski avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

jchanam stackdocker pvdvreede-forked dewet22 huokedu crimsonfaith91 huzhengchuan etsangsplk sts0mrg0 ppouliot moosh3 cleverlzc kubekit99 kayrus

kubernetes-operators's Issues

[vice-president] Concurrent Certificate Renewals

It seems that here the same cert is queued twice. The concurrent enrolments get confused with their internal state until the president face-plants.

2017/10/10 18:43:54 ERROR: Neither certificate nor private key found in secret: kubernikus-eu-nl-1/kubernikus-api
2017/10/10 18:43:54 INFO: Enrolling certificate for host kubernikus-eu-nl-1.admin.cloud.sap
2017/10/10 18:43:57 ERROR: Neither certificate nor private key found in secret: kubernikus-eu-nl-1/kubernikus-api
2017/10/10 18:43:57 INFO: Enrolling certificate for host kubernikus-eu-nl-1.admin.cloud.sap
2017/10/10 18:44:10 INFO: Approving certificate for host kubernikus-eu-nl-1.admin.cloud.sap using TID 1540787452
2017/10/10 18:44:12 ERROR: Couldn't enroll new certificate using CSR "-----BEGIN CERTIFICATE REQUEST-----\nMIIDGTCCAgECAQAwgZMxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN\nBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGU0FQIFNFMSQwIgYDVQQLExtJbmZyYXN0\ncnVjdHVyZSBBdXRvbWl6YXRpb24xKzApBgNVBAMTImt1YmVybmlrdXMtZXUtbmwt\nMS5hZG1pbi5jbG91ZC5zYXAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\nAQDVFSLXEyCG85o3HSybfDUX30c4NZna5dHY9Ow0oTCZhES2BdF7NFIjSp66+t3z\nA+ZX5u36RSyBkWzSfuStxJ0kBCTOJbn5NwQJRzrtnJmeCjB7MgwK9eBvp/x0PTgx\n7TcfVa3I/Rpy92hOdzT0iAnwZp/gi7CuoYSsPOb3BXsCdTA++1EYT+bBhmRZgwBQ\nOC3xUWF1wYMRCHAyB6ljqeFC+o5oPkqC300VeMjq03DRyMvwG3P+Wgj9w2ks4SjF\nSghiiflFhSZrsOnIJK7GvnxaTes5d9m+564nPxHnexKJrHgOrA45zPJ/bTFZfAwL\npwNLfcPKwKDxHD3lUM8Kw/PdAgMBAAGgQDA+BgkqhkiG9w0BCQ4xMTAvMC0GA1Ud\nEQQmMCSCImt1YmVybmlrdXMtZXUtbmwtMS5hZG1pbi5jbG91ZC5zYXAwDQYJKoZI\nhvcNAQELBQADggEBAMIATn5xKt+ap8RAr7fKcMNCIcgNbV7+HJGAGxUaadNMwOpp\nOVOp/vIoKltdPpDgVnxq7F5Uyk0jaPWsyEiwiSFTRLl7hglJPobZ8oZzxektGK4R\nU88NaE1iVGrLiMeLy2QKeUMOzZZPzS+luoqBBeGFd2SWoz9EdyTjJym/x2PK+pPC\ncRZk69l0DoZOF3gAhexjEgs4RL7DxyhncFdYhaAEH0rwb20VV5HHi/aeGsB1wkcH\nrrtY3CXTDBidEdqr9T79+AA5E1W2Lncr/7+WoD1UHeXVJS7QVdJNDOMXJUidsTjs\nU4xhPblpKH1pRQZFauWwFF039FrMrBcK3GI3XjQ=\n-----END CERTIFICATE REQUEST-----\n": POST https://certmanager-webservices.websecurity.symantec.com/vswebservices/rest/services/enroll: Status: 0x1005 Message: Duplicate certificate
2017/10/10 18:44:12 ERROR: Couldn't enroll certificate for host kubernikus-eu-nl-1.admin.cloud.sap: POST https://certmanager-webservices.websecurity.symantec.com/vswebservices/rest/services/enroll: Status: 0x1005 Message: Duplicate certificate
2017/10/10 18:44:12 INFO: Couldn't enroll new certificate for ingress kubernikus-eu-nl-1/kubernikus-api and host kubernikus-eu-nl-1.admin.cloud.sap: POST https://certmanager-webservices.websecurity.symantec.com/vswebservices/rest/services/enroll: Status: 0x1005 Message: Duplicate certificate
2017/10/10 18:44:12 ERROR: &Ingress{ObjectMeta:k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta{Name:kubernikus-api,GenerateName:,Namespace:kubernikus-eu-nl-1,SelfLink:/apis/extensions/v1beta1/namespaces/kubernikus-eu-nl-1/ingresses/kubernikus-api,UID:45fca62f-adc1-11e7-bb1f-5a70d50ee276,ResourceVersion:11484212,Generation:1,CreationTimestamp:2017-10-10 13:45:27 +0000 UTC,DeletionTimestamp:<nil>,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{vice-president: true,},OwnerReferences:[],Finalizers:[],ClusterName:,Initializers:nil,},Spec:IngressSpec{Backend:nil,TLS:[{[kubernikus-eu-nl-1.admin.cloud.sap] kubernikus-api}],Rules:[{kubernikus-eu-nl-1.admin.cloud.sap {HTTPIngressRuleValue{Paths:[{/ {kubernikus-api {0 1234 }}}],}}}],},Status:IngressStatus{LoadBalancer:k8s_io_kubernetes_pkg_api_v1.LoadBalancerStatus{Ingress:[{10.46.36.116 } {10.46.36.12 } {10.46.36.36 }],},},} failed with : POST https://certmanager-webservices.websecurity.symantec.com/vswebservices/rest/services/enroll: Status: 0x1005 Message: Duplicate certificate
2017/10/10 18:44:22 INFO: Next check in 1m0s
2017/10/10 18:44:22 INFO: Certificate for host prometheus.admin.cloud.sap is valid until 2018-09-28 23:59:59 +0000 UTC
2017/10/10 18:44:22 INFO: Certificate for host prometheus-collector.admin.cloud.sap is valid until 2018-09-28 23:59:59 +0000 UTC
2017/10/10 18:44:22 INFO: Certificate for host kubernikus-staging.admin.cloud.sap is valid until 2018-10-05 23:59:59 +0000 UTC
2017/10/10 18:44:27 ERROR: Neither certificate nor private key found in secret: kubernikus-eu-nl-1/kubernikus-api
2017/10/10 18:44:27 INFO: Enrolling certificate for host kubernikus-eu-nl-1.admin.cloud.sap
2017/10/10 18:44:32 INFO: Add/Update certificate and key in secret kubernikus-eu-nl-1/kubernikus-api
E1010 18:44:32.541494       7 runtime.go:66] Observed a panic: "invalid memory address or nil pointer dereference" (runtime error: invalid memory address or nil pointer dereference)
/go/src/github.com/sapcc/kubernetes-operators/vice-president/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:72
/go/src/github.com/sapcc/kubernetes-operators/vice-president/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:65
/go/src/github.com/sapcc/kubernetes-operators/vice-president/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:51
/usr/local/go/src/runtime/asm_amd64.s:514
/usr/local/go/src/runtime/panic.go:489
/usr/local/go/src/runtime/panic.go:63
/usr/local/go/src/runtime/signal_unix.go:290
/go/src/github.com/sapcc/kubernetes-operators/vice-president/pkg/president/util.go:100
/go/src/github.com/sapcc/kubernetes-operators/vice-president/pkg/president/operator.go:539

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

  • WARN: Error obtaining docker token

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • Update module k8s.io/utils to v0.0.0-20240502163921-fe8a2dddb1d0
  • Update module github.com/getsentry/raven-go to v0.2.0
  • Update module github.com/onsi/gomega to v1.33.1
  • Update module github.com/pkg/errors to v0.9.1
  • Update module github.com/prometheus/client_golang to v1.19.1
  • Update module github.com/stretchr/testify to v1.9.0
  • Update module golang.org/x/crypto to v0.23.0
  • Update module gopkg.in/alecthomas/kingpin.v2 to v2.4.0
  • Update module gopkg.in/yaml.v2 to v2.4.0
  • Update module k8s.io/component-helpers to v0.30.0
  • Update module sigs.k8s.io/controller-runtime to v0.18.2
  • Update dependency oslo.config to v9
  • Update dependency oslo.serialization to v5
  • Update dependency pyparsing to v3
  • Update module github.com/golang/glog to v1
  • Update module gopkg.in/yaml.v1 to v3
  • Update module gopkg.in/yaml.v2 to v3
  • Update module k8s.io/client-go to v11
  • Update module k8s.io/kubernetes/pkg/util/dbus to v1
  • ๐Ÿ” Create all rate-limited PRs at once ๐Ÿ”

Warning

Renovate failed to look up the following dependencies: Failed to look up docker package keppel.eu-de-1.cloud.sap/ccloud/ccloud-shell.

Files affected: openstack-seeder/Dockerfile

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

dockerfile
disco/Dockerfile
  • golang 1.22
externalip/Dockerfile
  • alpine 3.18
kube-fip-controller/Dockerfile
openstack-seeder/Dockerfile
  • keppel.eu-de-1.cloud.sap/ccloud/ccloud-shell 20201009092514
prometheus-fusion/Dockerfile
  • golang 1.9-alpine3.7
  • alpine 3.7
sentry/Dockerfile
  • alpine 3.8
vice-president/Dockerfile
  • golang 1.12.9-alpine3.10
  • alpine 3.10
gomod
disco/go.mod
  • go 1.22
  • github.com/go-logr/logr v1.4.1
  • github.com/gophercloud/gophercloud v1.11.0
  • github.com/onsi/ginkgo/v2 v2.17.1
  • github.com/onsi/gomega v1.32.0
  • github.com/pkg/errors v0.9.1
  • gopkg.in/yaml.v2 v2.4.0
  • k8s.io/api v0.29.3
  • k8s.io/apimachinery v0.29.3
  • k8s.io/client-go v0.29.3
  • k8s.io/utils v0.0.0-20230726121419-3b25d923346b@3b25d923346b
  • sigs.k8s.io/controller-runtime v0.17.3
externalip/go.mod
  • go 1.22
  • github.com/golang/glog v1.2.1
  • github.com/spf13/pflag v1.0.5
  • k8s.io/api v0.29.4
  • k8s.io/apimachinery v0.29.4
  • k8s.io/client-go v0.29.4
  • k8s.io/api v0.29.4
  • k8s.io/apiextensions-apiserver v0.29.4
  • k8s.io/apimachinery v0.29.4
  • k8s.io/apiserver v0.29.4
  • k8s.io/cli-runtime v0.29.4
  • k8s.io/client-go v0.29.4
  • k8s.io/cloud-provider v0.29.4
  • k8s.io/cluster-bootstrap v0.29.4
  • k8s.io/code-generator v0.29.4
  • k8s.io/component-base v0.29.4
  • k8s.io/component-helpers v0.29.4
  • k8s.io/controller-manager v0.29.4
  • k8s.io/cri-api v0.29.4
  • k8s.io/csi-translation-lib v0.29.4
  • k8s.io/kube-aggregator v0.29.4
  • k8s.io/kube-controller-manager v0.29.4
  • k8s.io/kube-proxy v0.29.4
  • k8s.io/kube-scheduler v0.29.4
  • k8s.io/kubectl v0.29.4
  • k8s.io/kubelet v0.29.4
  • k8s.io/kubernetes/pkg/util/dbus v0.29.4
  • k8s.io/legacy-cloud-providers v0.29.4
  • k8s.io/metrics v0.29.4
  • k8s.io/mount-utils v0.29.4
  • k8s.io/pod-security-admission v0.29.4
  • k8s.io/sample-apiserver v0.29.4
kube-fip-controller/go.mod
  • go 1.22
  • github.com/go-kit/kit v0.9.0
  • github.com/gophercloud/gophercloud v1.11.0
  • github.com/pkg/errors v0.9.1
  • github.com/prometheus/client_golang v1.19.0
  • gopkg.in/alecthomas/kingpin.v2 v2.2.6
  • gopkg.in/yaml.v2 v2.4.0
  • k8s.io/api v0.28.8
  • k8s.io/apimachinery v0.28.8
  • k8s.io/client-go v0.28.8
openstack-seeder/go.mod
  • go 1.22.0
  • github.com/getsentry/raven-go v0.0.0-20180517221441-ed7bcb39ff10@ed7bcb39ff10
  • github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b@23def4e6c14b
  • github.com/spf13/pflag v1.0.2-0.20180601132542-3ebe029320b2@3ebe029320b2
  • gopkg.in/yaml.v2 v2.0.0-20170721113624-670d4cfef054@670d4cfef054
  • k8s.io/apiextensions-apiserver v0.0.0-20180417153807-718d845dac8d@718d845dac8d
  • k8s.io/apimachinery v0.0.0-20180302183549-c44b40f648ea@c44b40f648ea
  • k8s.io/client-go v0.0.0-20180111073159-0cdf7ac6ed10@0cdf7ac6ed10
sentry/go.mod
  • go 1.17
  • github.com/atlassian/go-sentry-api v0.0.0-20180801221835-72979af954a6@72979af954a6
  • github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b@23def4e6c14b
  • github.com/spf13/pflag v1.0.5
  • k8s.io/api v0.21.13
  • k8s.io/apiextensions-apiserver v0.21.13
  • k8s.io/apimachinery v0.21.13
  • k8s.io/client-go v0.21.13
  • k8s.io/code-generator v0.21.13
vice-president/go.mod
  • go 1.12
  • github.com/go-kit/kit v0.9.0
  • github.com/pkg/errors v0.8.1
  • github.com/prometheus/client_golang v1.1.0
  • github.com/sapcc/go-vice v0.0.0-20190821082040-e4ca123d1d42@e4ca123d1d42
  • github.com/spf13/pflag v1.0.3
  • github.com/stretchr/testify v1.4.0
  • golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7@227b76d455e7
  • gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0@9f9df34309c0
  • k8s.io/api v0.0.0-20181204000039-89a74a8d264d@89a74a8d264d
  • k8s.io/apimachinery v0.0.0-20181127025237-2b1284ed4c93@2b1284ed4c93
  • k8s.io/client-go v10.0.0+incompatible
kustomize
disco/deploy/kustomize/config/manager/kustomization.yaml
pip_setup
openstack-seeder/python/setup.py
  • python-keystoneclient >=3.20.0
  • python-novaclient >=14.2.0
  • python-neutronclient >=6.12.0
  • python-designateclient >=2.11.0
  • python-swiftclient >=3.8.0
  • python-manilaclient >=1.27.0
  • python-cinderclient >=6.0.0
  • osc-placement >=1.4.0
  • zipp ==3.0.0
  • pyyaml >=4.2b4
  • pyparsing ==2.1.0
  • oslo.serialization ==2.29.2
  • oslo.config ==7.0.0
  • python-dateutil >=2.7.0
  • Check this box to trigger a request for Renovate to run again on this repository

BackUp OPerator

Hi, is there something behind this README.md of the backup Operator, or was this just an Idea back then?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.