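Feels fairly comprehensive; it touches on many basic k8s concepts, and you can read it in depth or just skim it for a rough impression.
Source: https://github.com/cloud-ark/kubeplus/blob/master/Guidelines.md
The company: https://cloudark.io/operator-maturity-model
Background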
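- Kubernetes extensions generally refers to Operators:
  - They extend the k8s resource set and add automated workflows for specific applications
  - For example databases, key-value stores, API gateways, etc.
- Enterprise-level DevOps teams build their own k8s native stacks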
Operator maturity model (each part can be explored in depth through the links)
- Purpose: help calibrate an Operator’s readiness to work alongside other Operators in Kubernetes native stacks
- The model's six categories
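  - consumability (applicability)
    - Design the custom resource as a declarative API
    - Make the declarative API compatible with Kube OpenAPI
    - Use kubectl as the primary interaction mechanism
    - Provide a user manual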
  - configurability
    - Document the custom resource's label, annotation or spec property based dependencies
    - Define resource limits and resource requests for the custom resource
    - Configure the software through a ConfigMap, a Custom Resource annotation or the Custom Resource spec definition
  - security
    - Define Service Account for Operator Pod
    - Define Service Account for Custom Resources
    - Define SecurityContext and PodSecurityPolicies for Custom Resources
    - Make Custom Controllers Namespace aware
    - Define Node Affinity rules for Custom Resources
    - Define Pod Affinity rules for Custom Resources
    - Define network policies for Custom Resources
  - robustness
    - Set OwnerReferences for underlying resources owned by your Custom Resource
    - Define Custom Resource Spec Validation rules as part of Custom Resource Definition YAML
    - Design for robustness against side-car injection into Custom Resource Pods
    - Define Custom Resource Anti-Affinity rules
    - Define Custom Resource Taint Toleration rules
    - Define PodDisruptionBudget for Custom Resources
  - debuggability
    - Enable audit logs
    - Design a resource metrics collection strategy
    - Expose custom resource composition information
  - portability
    - Package the Operator as a Helm chart
    - Register CRDs as YAML Spec in Helm chart rather than in Operator code
    - Include CRD installation hints in the Helm chart
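
A small checker for several of the checklist items above (Service Account and SecurityContext from the security category, resource requests/limits from configurability, OwnerReferences from robustness), as an added example that is not from the KubePlus guidelines. The two Pod manifests, every name in them and the `check_pod` helper are constructed for illustration.

```python
# Constructed sample Pods in dict form (names, images and uid are made up).
WEAK_POD = {
    "metadata": {"name": "mysql-0", "namespace": "db"},
    "spec": {"containers": [{"name": "mysql", "image": "mysql:8",
                             "resources": {"requests": {"cpu": "250m"}}}]},
}
HARDENED_POD = {
    "metadata": {"name": "mysql-0", "namespace": "db",
                 "ownerReferences": [{"apiVersion": "example.com/v1",
                                      "kind": "MysqlCluster", "name": "mysql",
                                      "uid": "constructed-uid"}]},
    "spec": {
        "serviceAccountName": "mysql-cr-sa",
        "securityContext": {"runAsNonRoot": True},
        "containers": [{"name": "mysql", "image": "mysql:8",
                        "securityContext": {"allowPrivilegeEscalation": False},
                        "resources": {"requests": {"cpu": "250m", "memory": "256Mi"},
                                      "limits": {"cpu": "500m", "memory": "512Mi"}}}],
    },
}


def check_pod(pod):
    """Return the checklist items this Pod manifest does not satisfy."""
    meta, spec = pod.get("metadata", {}), pod.get("spec", {})
    findings = []
    # security: a Pod with no serviceAccountName runs as the namespace's "default" account
    if spec.get("serviceAccountName", "default") == "default":
        findings.append("security: no dedicated ServiceAccount")
    # robustness: ownerReferences tie the Pod to the custom resource that owns it
    if not meta.get("ownerReferences"):
        findings.append("robustness: no ownerReferences")
    for c in spec.get("containers", []):
        # security: accept a SecurityContext at Pod level or container level
        if not (spec.get("securityContext") or c.get("securityContext")):
            findings.append(f"security: {c['name']} has no SecurityContext")
        # configurability: both requests and limits should be present
        for kind in ("requests", "limits"):
            if not c.get("resources", {}).get(kind):
                findings.append(f"configurability: {c['name']} has no resource {kind}")
    return findings


if __name__ == "__main__":
    for label, pod in (("weak", WEAK_POD), ("hardened", HARDENED_POD)):
        print(label, check_pod(pod) or "OK")
```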
- consumability (applicability)