Kubernetes Operators ❤Ansible

Shawn HurleyPrincipal Software Engineer

Share your automation story

1. How did you get started with Ansible?

2. How long have you been using it?

3. What's your favorite thing to do when you Ansible?

What is Kubernetes?An open source orchestration system for implementing a microservices architecture as containerized applications run and are coordinated across a cluster of nodes.

Manage how containerized apps interact with other apps or the outside world

Run distributed systems resiliently across a cluster of nodes

Perform health checks

Scale your services up or down

Perform graceful rolling updates

Networking and routing of traffic

Manages ephemeral and persistent storage volumes

Level based reconciliation

K8S API Resource WATCH EVENTS

RECONCILE Action/s in cluster

Controller

● Encode human operational knowledge

● Automatically patch, upgrade, recover, and tune container-based apps and services

● Kubernetes-native

● Purpose-built for a specific application or service

● Enable “day 2” management

Kubernetes Operators

Operators simplify management of complex applications on Kubernetes

K8S API

CUSTOM RESOURCE

MY K8S APPLICATION

automatically updates resource

status

OPE

RATO

R SD

K BI

NARY

K8s Operator with Ansible

WATCHES.YML

ANSIBLERUNNER

executes & reports

Reconciliation with K8s Cluster

event monitoring

manages

Kubernetes Operators ❤ Ansible

REVERSE PROXY

reads

Developing your first Operator with Ansible

● Initialize Your Operator With Ansible○ $ operator-sdk new foo-operator

--api-version=cache.example.com/v1alpha1 --kind=Foo --type=ansible

● Automate With Ansible○ Create new roles and playbooks or reuse an existing one

● Define a watches file○ Map a Kubernetes object to your Ansible content

● Build Your Operator○ $ operator-sdk build foo-operator:v0.0.1

● Deploy Your Operator to a Kubernetes Cluster

Mapping Kubernetes events to Ansible

# watches.yaml---version: v1alpha1group: cache.example.comkind: Memcachedplaybook: /path/to/playbook

The “watches” file (watches.yaml) maps a Kubernetes object to your Ansible automation

Associates the Kubernetes Group, Version, Kind (GVK) to an Ansible Role or Playbook

The Operator SDK binary watches the cluster for matching events defined in the watches.yml

Executes the associated Ansible content when an event occurs

Custom resource to Ansible extra variables

apiVersion: <Group/Version>kind: <kind>metadata: name: <name>spec: <key>: <value> ….status: <key>: <value> ….

spec: values will be translated to Ansible extra_vars .

status: will have a generic status recorded by the Ansible Operator. This will use ansible-runner output to generate meaningful information for the user.

Demo Time!

Future Enhancements ● Tower Integration● Open API Generation for structural

schema in the custom resource● Using ansible during webhooks● Features to allow for more garbage

collection, cache, and dependent watches control

● And more!

If you would like to contribute:

https://github.com/operator-framework/operator-sdk

File Issues if you come across a problem or if you would like a feature.

We are always looking for contributors and would love to have you!

Explore Operators

OperatorHub.io is a home for the Kubernetes community to share Operators.

Find an existing Operator or list your own today.

etcd OperatorA great example of a sophisticated Kubernetes Operator using Ansible:github.com/water-hole/etcd-ansible-operator

Memcached OperatorSimple walkthrough for building an Operators using the Ansible Operator SDK and Kubernetes CRDs github.com/operator-framework/operator-sdk-samples/tree/master/memcached-operator

More resources