What is a Kubernetes Operator?
In Kubernetes, an operator is an application-specific controller that can help you package, deploy, and manage a Kubernetes application.
Ordinarily, you run and manage Kubernetes applications via the Kubernetes application programming interface (API) and kubectl tooling. Operators let you extend the functionality of the Kubernetes API, enabling it to configure, create, and manage instances of applications automatically using a structured process.
Operators use the basic capabilities of Kubernetes controllers and resources, but add application-specific or domain knowledge to automate the entire lifecycle of the applications they manage.
Why are Kubernetes Operators Important?
Operators Extend Kubernetes Functionality
A Kubernetes operator is designed to extend the capabilities of Kubernetes, and also simplify application management. This is especially useful for stateful applications, which include persistent storage and other elements external to the application, and may require extra work to manage and maintain.
Kubernetes operators enable you to easily extend Kubernetes capabilities for specific software and use cases. For example, database operators let a Kubernetes user securely deploy and manage specific databases.
Improve Management of Hybrid Environments
Operators allow developers to create powerful tools that can be used on any infrastructure with Kubernetes installed. This is very important for organizations running Kubernetes both on-premises and on one or more public clouds. An operator can provision applications in a consistent manner, across multiple environments, while adhering to the best practices for each installation.
Applications based on operators retain flexibility, and can be managed using kubectl and other Kubernetes native tools. Creating a new instance of an application is as simple as using kubectl to create an instance of an operator-defined custom resource.
In the past, Kubernetes administrators had to have a detailed understanding of each application to manage it. By moving this domain knowledge into the operator and automating it, administrators can focus on the Kubernetes side and treat every application as a standard workload.
Making Kubernetes Automation Seamless
Kubernetes lets you automate the infrastructure required to run containerized applications as well as management and operational tasks. This level of automation is a must if you want to run containerized applications at scale in a production environment.
Automating an IT environment means converting human knowledge and effort (usually a painful effort) into software. This is what Kubernetes operators do, taking all known information and the application lifecycle and then systematizing the info into an automated form. Kubernetes can then handle these tasks for you.
How Does a Kubernetes Operator Work?
Operators use controllers that monitor Kubernetes objects. These controllers are slightly different from regular Kubernetes controllers, because they track custom objects, known as custom resource definitions (CRDs). A CRD is an extension of the Kubernetes API that provides a place to store and retrieve structured data (the desired application state).
Operators track cluster events related to specific types of custom resources. These custom resources can track three types of events—add, update, and delete.
When the operator receives the information, it takes action to bring the Kubernetes cluster or external system to the desired state as part of the custom controller scaling cycle.
To summarize a Kubernetes operator’s workflow:
- User makes changes to a CRD
- The operator tracks the CRD and identifies change events
- The operator reconciles the CRD state with the desired state
- The operator adjusts cluster state to the desired state
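The workflow above as an added Go example, not code from the original article or from any operator project. It is an in-memory simulation using only the standard library; `AppSpec`, `Cluster`, `Event` and `Reconcile` are hypothetical names standing in for a custom resource, the observed cluster state, a watch event and the operator's controller logic.

```go
package main

import "fmt"

// AppSpec is a hypothetical custom resource: the desired state a user writes.
type AppSpec struct {
	Name     string
	Replicas int
}

// Cluster is an in-memory stand-in for observed state (workload -> replicas).
type Cluster map[string]int

// Event mirrors the three event types the article names.
type Event struct {
	Type string // "add", "update" or "delete"
	Spec AppSpec
}

// Reconcile compares desired and observed state and reports the action taken.
// It is idempotent: a replayed or duplicate event results in "noop".
func Reconcile(c Cluster, ev Event) string {
	have, exists := c[ev.Spec.Name]
	switch {
	case ev.Type == "delete" && !exists:
		return "noop"
	case ev.Type == "delete":
		delete(c, ev.Spec.Name)
		return "deleted"
	case ev.Spec.Replicas < 0:
		return "rejected" // invalid desired state never reaches the cluster
	case !exists:
		c[ev.Spec.Name] = ev.Spec.Replicas
		return "created"
	case have != ev.Spec.Replicas:
		c[ev.Spec.Name] = ev.Spec.Replicas
		return fmt.Sprintf("scaled %d->%d", have, ev.Spec.Replicas)
	}
	return "noop"
}

func main() {
	c := Cluster{}
	for _, ev := range []Event{ // constructed sample events
		{"add", AppSpec{"db", 1}}, {"update", AppSpec{"db", 3}},
		{"update", AppSpec{"db", 3}}, {"delete", AppSpec{"db", 0}},
	} {
		fmt.Println(ev.Type, "=>", Reconcile(c, ev))
	}
}
```

Because every event type funnels into the same comparison of desired and observed state, a missed or repeated event cannot leave the cluster in a state the custom resource does not describe.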
Top 6 Kubernetes Operators
The following are some of the most common operators used by Kubernetes administrators. For an extensive list of important operators, see the awesome operators list maintained by the Operator Framework.
RBAC Manager Operator
This Kubernetes operator was designed by Fairwinds to simplify the use of RBAC on Kubernetes. RBAC Manager can help you easily set up and manage RBAC configurations with minimal manual work.
HPA Kubernetes Operator
This operator was designed by Banzai Cloud to help you add pod autoscaling functionality to your Helm charts. The Horizontal Pod Autoscaler (HPA) operator tracks Deployments or StatefulSets, and then automatically deletes, updates, or creates HPAs according to predefined annotations located in the configuration file.
Istio Operator
Istio is a popular mesh tool that can help you orchestrate, secure, monitor, and manage communications across all microservices deployed on Kubernetes. The Istio operator simplifies tasks related to the installation, upgrading, and troubleshooting of Istio. The operator API supports all six built-in installation configuration profiles, including demo, default, and remote.
Elastic Cloud on Kubernetes (Elastic Kubernetes Operator)
Elastic Cloud on Kubernetes (ECK) is an official open source operator designed especially for the Elastic Stack (ELK). It lets you automatically deploy and manage ECK, including features like Elasticsearch, Kibana, and Logstash. ECK provides features like monitoring clusters, automated upgrades, scheduled backups, and dynamic scalability of local storage.
Grafana Operator
The Grafana operator is designed by Red Hat to help you create, configure, and manage Grafana instances on Kubernetes. In addition to simplifying Grafana deployments, the operator offers many other features. For example, you can use it to make Grafana available via ingress and to automate dashboard creation and data source discovery.
Starboard Operator
Starboard integrates security tools into the Kubernetes environment, allowing users to natively find and view risks associated with various resources in Kubernetes.
This operator automatically updates the security report resource in response to Kubernetes cluster workloads and other changes. For example, starting a new pod initiates a vulnerability scan and configuration audit.