Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Small Update to "Writing a Kubernetes Operator" #104

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Small Update to "Writing a Kubernetes Operator" #104

wants to merge 2 commits into from

Conversation

DmitryDodzin
Copy link
Member

Change article a bit to clarify the difference between api-service and controller

@DmitryDodzin DmitryDodzin marked this pull request as ready for review October 30, 2024 09:50
eyalb181
eyalb181 requested changes Oct 31, 2024
View reviewed changes
content/en/blog/kubernetes-operator/index.md Outdated Show resolved Hide resolved
content/en/blog/kubernetes-operator/index.md Outdated Show resolved Hide resolved
content/en/blog/kubernetes-operator/index.md

A **controller** is a software component that tracks Kubernetes objects and interacts with them. The objects themselves are managed by Kubernetes itself. For example, Admission Controllers watch new objects being created and enforce policies on them. The objects the controller manages can be existing objects. Note that the controller is a pattern. It doesn’t dictate how the controller should run - it can be from a desktop, server, cluster, or anywhere else where it can interact with the Kubernetes API.

An **operator** is a controller that tracks new resources you can add by using CustomResourceDefinition.
An operator can use the Kubernetes API to manage these resources; alternatively, a third component called APIService can be leveraged for handling requests to these resources to the Kubernetes API.
An **APIService** is an extension to actual kubelet-api that allows you to create virtual CustomResourceDefinitions that don't exist in etcd and allows you to implement more advanced verbs manualy or use the kubernetes api to expose more advanced api's like `kubectl auth can-i` api that uses `SelfSubjectAccessReview` (it's a `create` only api that expects no or an empty `metadata` field).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
An **APIService** is an extension to actual kubelet-api that allows you to create virtual CustomResourceDefinitions that don't exist in etcd and allows you to implement more advanced verbs manualy or use the kubernetes api to expose more advanced api's like `kubectl auth can-i` api that uses `SelfSubjectAccessReview` (it's a `create` only api that expects no or an empty `metadata` field).
An **APIService** is an extension to actual Kubelet API that allows you to:
- Create virtual CustomResourceDefinitions that don't exist in etcd
- Implement more advanced verbs manually
- Use the Kubernetes API to expose more APIs like `kubectl auth can-i` api that uses `SelfSubjectAccessReview` (a `create` only api that expects no or an empty `metadata` field).

content/en/blog/kubernetes-operator/index.md

A **controller** is a software component that tracks Kubernetes objects and interacts with them. The objects themselves are managed by Kubernetes itself. For example, Admission Controllers watch new objects being created and enforce policies on them. The objects the controller manages can be existing objects. Note that the controller is a pattern. It doesn’t dictate how the controller should run - it can be from a desktop, server, cluster, or anywhere else where it can interact with the Kubernetes API.

An **operator** is a controller that tracks new resources you can add by using CustomResourceDefinition.
An operator can use the Kubernetes API to manage these resources; alternatively, a third component called APIService can be leveraged for handling requests to these resources to the Kubernetes API.
An **APIService** is an extension to actual kubelet-api that allows you to create virtual CustomResourceDefinitions that don't exist in etcd and allows you to implement more advanced verbs manualy or use the kubernetes api to expose more advanced api's like `kubectl auth can-i` api that uses `SelfSubjectAccessReview` (it's a `create` only api that expects no or an empty `metadata` field).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DmitryDodzin wdym by "expects no"?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

like create the request doesn't even have the metadata field like only the apiVersion, kind and spec this usually will result in an error because metadata is mandatory for most resources

content/en/blog/kubernetes-operator/index.md Outdated Show resolved Hide resolved
content/en/blog/kubernetes-operator/index.md Outdated Show resolved Hide resolved
@cloudflare-workers-and-pages Cloudflare Workers and Pages
Copy link

cloudflare-workers-and-pages bot commented Nov 4, 2024
edited
Loading

Deploying metalbear-co with  Cloudflare Pages  Cloudflare Pages

Latest commit: b300918
Status:🚫  Build failed.

View logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eyalb181 eyalb181 eyalb181 requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DmitryDodzin @eyalb181