5.1. Custom Resources and Operators
By the end of this lab, you will understand how to create and manage Custom Resource Definitions (CRDs) and Custom Resources (CRs) within a Kubernetes namespace where you have limited permissions. Additionally, you will be introduced to Kubernetes operators and how they leverage CRDs to manage resources, with a specific example using Azure Service Operator (ASO).
Kubernetes Operators and CRDs
Operators in Kubernetes extend its functionality by automating the management of complex applications. They use CRDs to define custom resources (CRs), allowing users to manage infrastructure components as native Kubernetes objects. Some common use cases include:
- Cloud Resource Management: Operators like Azure Service Operator and Crossplane manage cloud resources via CRDs.
- Database Operators: Solutions such as the PostgreSQL Operator and MongoDB Operator enable declarative database management.
- Security and Policy Enforcement: Tools like Kyverno and Gatekeeper enforce security policies through CRDs.
Azure Service Operator (ASO)
Azure Service Operator enables Kubernetes to manage Azure resources as Kubernetes objects. Instead of provisioning Azure resources manually, you can declare them using Kubernetes CRDs.
In this lab, we will define a CR for an Azure Redis Cache. Since this lab does not include Azure credentials, the operator will not create the resource, but we will install the CRD and define a Redis cache resource.
Task 5.1.1: Install the Redis Cache CRD
To use Azure Service Operator, an administrator must install it in the cluster. However, since installing it without proper Azure credentials is impractical, we will only install the CRD for the Redis Cache.
Run the following command to install the CRD:
kubectl apply -f https://raw.githubusercontent.com/Azure/azure-service-operator/refs/tags/v2.12.0/charts/azure-service-operator/crds/apiextensions.k8s.io_v1_customresourcedefinition_rediscaches.azure.microsoft.com.yaml
Verify that the CRD is installed:
kubectl get crd rediscaches.azure.microsoft.com
Task 5.1.2: Create a Redis Cache Custom Resource
Now, define a RedisCache resource within your namespace. Create a file named redis.yaml (you can use vim or nano for that):
apiVersion: azure.microsoft.com/v1alpha1
kind: RedisCache
metadata:
  name: azure-redis
spec:
  location: eastus2
  resourceGroup: my-redis-cache
  properties:
    sku:
      name: Basic
      family: C
      capacity: 1
    enableNonSslPort: true
Apply the resource using:
kubectl apply -f redis.yaml
Task 5.1.3: Verify the Custom Resource
Check if your resource was created:
kubectl get rediscache
Example output:
NAME AGE
azure-redis 10s
To view details:
kubectl describe rediscache azure-redis
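The manifest in Task 5.1.2 sets enableNonSslPort: true, which requests the cache's unencrypted (non-TLS) port. The following script is an added example, not part of the original lab or of Azure Service Operator: it audits the JSON from `kubectl get rediscache -o json` and lists every RedisCache that requests that port. The function name, the namespace lab-user1, and the second cache tls-only are constructed for illustration.

```python
import json
import sys

# Constructed sample of `kubectl get rediscache -o json` output (not captured from a cluster).
SAMPLE = """
{"apiVersion": "v1", "kind": "List", "items": [
  {"apiVersion": "azure.microsoft.com/v1alpha1", "kind": "RedisCache",
   "metadata": {"name": "azure-redis", "namespace": "lab-user1"},
   "spec": {"location": "eastus2", "resourceGroup": "my-redis-cache",
            "properties": {"sku": {"name": "Basic", "family": "C", "capacity": 1},
                           "enableNonSslPort": true}}},
  {"apiVersion": "azure.microsoft.com/v1alpha1", "kind": "RedisCache",
   "metadata": {"name": "tls-only", "namespace": "lab-user1"},
   "spec": {"location": "eastus2", "resourceGroup": "my-redis-cache",
            "properties": {"sku": {"name": "Basic", "family": "C", "capacity": 1}}}}
]}
"""


def find_non_tls_caches(doc):
    """Return 'namespace/name' for each RedisCache whose spec requests the non-SSL port."""
    # kubectl returns a List for `get <kind>` and a bare object for `get <kind> <name>`.
    items = (doc.get("items") or []) if doc.get("kind") == "List" else [doc]
    findings = []
    for item in items:
        if item.get("kind") != "RedisCache":
            continue
        # spec or properties may be missing or null on a partially written CR.
        props = (item.get("spec") or {}).get("properties") or {}
        # Only an explicit boolean true counts; an absent field was not requested.
        if props.get("enableNonSslPort") is True:
            meta = item.get("metadata") or {}
            findings.append(f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}")
    return findings


if __name__ == "__main__":
    # Usage: kubectl get rediscache -o json | python3 audit_redis.py
    # With no piped input, fall back to the constructed sample above.
    piped = "" if sys.stdin.isatty() else sys.stdin.read()
    doc = json.loads(piped.strip() or SAMPLE)
    for hit in find_non_tls_caches(doc):
        print(f"non-TLS port requested: {hit}")
```
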
Summary
This lab demonstrated how Kubernetes CRDs and operators enable declarative management of infrastructure components. Even without full access to Azure, you can experiment with defining resources via CRDs. For further learning, explore how to build your own operators to manage custom workloads.