►
Description
OpenShift Commons Briefing
Operators For Ansible People
Michael Hrivnak Red Hat
Diane Mueller Red Hat
Carol Chen Red Hat
Daniel Messer Red Hat
A
Well,
hello,
everybody
and
welcome
again
to
another
openshift
Commons
briefing
and
this
time
because
we
are
on
such
an
operator,
an
operator
framework
and
operator
hub
do
kick
this
week.
We
thought
we
would
do
a
talk
on
operators
for
ansible
people.
There's
a
huge
community
of
folks
out
there
that
we're
really
thrilled
with
all
the
work
and
all
the
play
books
and
all
the
work
everybody
been
doing,
and
we
wanted
to
make
sure
that
we
properly
got
their
point
of
view
incorporated
in
the
operator
stuff.
B
Thank
You
Diane
and
thank
you
all
for
joining.
My
name
is
Michael
rhythmic
I've
been
at
Red
Hat
for
almost
seven
years
now,
based
in
the
Raleigh
North
Carolina
global
headquarters,
office
I've
been
working
on
a
variety
of
container
related
things,
since
the
very
earliest
days
of
Red
Hat,
getting
involved
in
the
whole
docker
ecosystem
and
shipping
docker
containers
and
then
through
the
transition
into
kubernetes
and
most
recently
have
been
working
on
the
operator
SDK
and
in
particular,
focusing
on
the
ansible
side
of
that.
B
So
today,
we're
gonna
dive
pretty
deep
into
not
just
how
operators
work,
but
how
to
use
ansible
to
make
an
operator
so
save
up
your
questions.
Ask
some
questions
in
chat.
We've
got
some
other
folks
on
this
call
notably
show
another
engineer:
who's
been
really
one
of
the
leading
engineers
on
the
operator
CKD
and
in
the
ansible
bits
there.
So
he
can
answer
your
hardest
questions
on
talking
away.
B
You
can
do
those
in
chat
and
then
at
the
end,
we'll
try
to
save
some
time
for
questions
then,
with
that,
let's,
let's
dive
right
in
so
what
does
kubernetes?
Obviously,
we're
not
going
to
answer
that
question
completely
right.
Now,
probably
you
already
have
an
idea
if
you're
on
this
call,
but
what
I
want
to
hi
about
what
kubernetes
is
is
that
it
is
a
declarative
system.
B
This
is
the
kind
of
thing
that
you
have
to
create,
either
by
hand
or
using
some
kind
of
templating
engine
or
other
tool
on
the
left.
We
have
a
pod
definition.
A
pod
is
the
primitive
for
running
a
container
in
kubernetes,
and
what
I
want
to
highlight
here
is
the
bottom.
Half
of
that
is
ace
is
the
spec.
That
is
your
opportunity
to
specify
what
you
want
the
state
of
the
world
to
be
so
here
we're
specifying
that
we
want
to
run
this
container.
B
We
give
this
yamo
to
the
Kerberos
API,
and
then
we
basis
walk
away
and
trust
that
kubernetes
is
going
to
make
it
so
kubernetes
will
then
through
the
course
of,
however
much
time
it
takes,
do
whatever
is
necessary
to
make
these
things
reality
now,
as
an
ansible
user,
you
may
be
looking
at
this
and
thinking
well,
that
sounds
a
little
familiar.
Ansible,
of
course,
is
something
you
interact
with
by
using
amal
and
also
the
idempotent
nature
of
antimony
want
to
every.
Can
you
run
some
ansible
code?
B
You
want
to
get
the
same
result
at
the
end
right,
regardless
of
what
your
starting
point
was
and
kubernetes
is
a
very
similar
kind
of
concept
and
experience,
let's
dive
now
into
how
to
use
ansible
to
interact
with
kubernetes
and
which
is
really
the
foundation
of
before
we
get
to
operators.
What
we
need
to
know
and
what
I
think
is
really
the
most
powerful
part
of
all.
B
Okay,
on
the
Left,
we
have
some
kubernetes
yeah
Mille,
similar
to
what
we
looked
at
just
a
moment
ago,
and
this
is
the
kind
of
thing
that
we
could
take
that
yamo
on
the
Left,
exactly
as
it
is
right
it
out
to
a
file
and
use
cube.
Ctl
cube
control,
cube
cuttle,
whatever
you
prefer
to
call
it
and
say
you
CTL,
create
f
and
give
it
a
path
that
file,
and
it
would
read
this
yam,
oh
and
then
go
create
a
resource
based
on
this
animal.
B
Well,
instead
of
using
that
command-line
utility
to
do
that,
we
can
use
ansible
and
do
this
thing
on
the
right,
but
all
right
we
have
an
ansible
task.
A
task
is
the
generally
smallest
amount
of
work
that
you
want
to
tell
ansible
to
do
so.
You
would
classically
have
tasks
in
a
collection
that
are
in
a
file
together.
B
Perhaps
that
do
things
in
some
order,
like
you'd,
have
a
task
to
install
some
rpms
or
Debian
packages,
then
you
might
have
a
task
to
enable
a
system
d-unit
file
or
something
like
that,
and
you
can
go
on
and
on.
Well
here's
a
task
that
just
creates
that
resource
and
it
uses
the
k8s
module
to
do
it.
As
you
can
see,
it's
super
easy
and
it's
exactly
the
same.
Gamal
here
in
red
as
I
have
on
the
left.
Now
the
one
change
I
did
make
just
to
kind
of
show
off
a
little
bit.
B
What,
if
you
don't
want
to
inline
that
yeah
mo,
but
you
want
to
use
your
manifests
from
the
disk
where
they
already
are,
or
you
want
to
use
templates
there
and
template
eyes
them
as
files
individual
files?
Well,
you
can
do
that
too,
and
just
with
this
free
line
task
here,
this
is
all
it
takes.
You
can
use
that
this
Fujiyama
file
as
your
template
and
put
as
many
resource
definitions
in
there
as
you
would
care
to
and
template
eyes
them.
B
However,
you
like
and
when
you
run
ansible,
of
course,
when
you
run
ansible,
you
provided
some
kind
of
input
to
or
some
way
to
know
the
values
of
the
variables
that
you're
gonna
have
in
your
template.
That's
all
very
easy
if
you're
not
familiar
danceable,
but
in
this
case
those
values
get
passed
straight
through
very
seamlessly
into
that
template.
The
template
gets
rendered
and
whatever's
in
that
template
gets
created.
So
here
again,
Ansel
is
just
a
very
convenient,
very
easy
to
use
kubernetes
client,
and
this
is
an
animal
roll.
B
We
can't
really
talk
about
using
ansible
without
talking
about
a
roll
now.
This
is
for
ansible
people
this
session
right
now,
but
I
suspect
there
might
be
a
few
of
you
who
aren't
that
familiar
danceable
anyway.
So
an
answerable
roll
is
a
way
of
packaging
up
related
and
simple
code
for
reuse,
so
you
might
make
a
roll
that
deploy
is
a
database.
So
you
have
your
my
sequel,
roll,
perhaps
and
use
that
my
sequel
roll
to
deploy
a
database
on
your
your
infrastructure.
B
B
So
what
we're
gonna
focus
on
today
is
creating
a
roll
that
knows
how
to
deploy
and
manage
a
specific
application
in
kubernetes,
using
that
k8s
module
that
we
were
just
looking
at
in
ansible
galaxy
I,
want
to
point
out
is
a
central
location
on
the
internet
that
you
can
use
to
share
roles
with
the
world.
So
it's
a
little
bit
like
the
Python
package
index,
for
example,
or
puppet
Forge
or
other
similar
things
and
down
here
highlighted
in
yellow,
are
the
two
things
that
you
need
to
know
about.
B
In
order
to
successfully
create
a
role
for
your
application
to
deploy
in
kubernetes.
The
first
one
is
so
remember:
some
tool
is
going
to
scaffold
this
out,
for
you
and
I'll
show
you
one
of
those
tools
in
a
little
bit.
You're
gonna
get
this
skeleton
and
you're
gonna
go
into
that
templates
directory
and
just
drop
whatever
yamo
files
you
want
in
there
that
are
your
kubernetes
manifests.
B
Then
you're
gonna
go
into
that
main
Yama
file
in
the
tasks
directory,
and
that's
where
you
define
those
tasks
that
we
were
looking
at
just
a
moment
ago,
and
that's
really
it
that's
all.
You
have
to
do
to
use
ansible
as
a
very
powerful
kubernetes
client
all
right.
So
why
use
ansible
with
kubernetes?
Let's
tie
this
together,
at
least
so
we
have
similar
patterns
of
writing,
declarative
or
idempotent
yamo.
It
I
think,
is
a
very
similar
mindset
that
you're
in
using
one
system
or
the
other,
so
they
go
very
well
together.
B
A
lot
of
ops
teams,
of
course,
and
even
a
lot
of
developers,
are
already
very
familiar
with
ansible.
You
may
have
existing
investments
in
ansible.
You
might
be
deploying
things
today
using
ansible,
but
not
in
a
containerized
environment,
so
it
can
be
a
natural
step
to
to
use
or
even
reuse,
some
of
that
existing
ansible
investment
in
order
to
deploy
those
same
things
in
a
kubernetes
environment
and
even
if
you're
not
already
familiar
danceable,
it's
very,
very
easy
to
learn
and
there's
a
wonderful
tool,
I
think
very
competitive
with
really
any
other
tool
out
there.
B
That
helps
you
to
interact
with
kubernetes
and
it's
very
easy
to
learn.
We've
already
covered
this
to
some
extent
and
it
uses
familiar
Jinja
templating,
that's
very
familiar
to
many
already,
and
it's
capable
of
full
day
to
management
so
right
now,
because
this
is
a
briefing
we
have
to
try
to
keep
this
somewhat
brief,
we're
just
looking
at
the
very
basic
way
to
interact
with
kubernetes
from
ansible
by
creating
resources,
you
can
do
similar
things
to
remove
those
resources
or
update
those
resources,
but
it
is
very
powerful.
B
You
can
do
all
kinds
of
advanced
things,
so
Anza
Bowl
is
a
very
complete
way
to
interact
with
kubernetes
okay.
This
is
what
we've
all
been
waiting
for.
Operators,
if
you
haven't
heard
nothing
about
operators,
we're
gonna,
talk
some
more
about
operators
and
specifically
how
to
make
one
with
ansible
right
now
so,
first
off.
B
Now
an
operator
is
a
special
kind
of
controller
that
is
purpose-built
to
deploy
and
manage
an
application,
so
that
application
could
be
something
like
a
wiki
or
a
database
or
some
micro
service
or
some
large
service.
Whatever
kind
of
workloads
you
need
to
deploy
into
your
kubernetes
cluster
could
be
used
in
this
pattern
as
the
target
that's
being
managed
by
an
operator
in
the.
B
We
have
to
take
actions
in
order
to
establish
trust
and
maybe
repartition
something
and
introduce
a
new
container
into
an
existing
collection
of
running
containers.
There's
anything
advancing.
You
do
like
that
in
terms
of
scaling
operators
perfect,
for
that
backups
of
course
often
require
some
kind
of
multi-step
process
of
quiescing
a
service
or
turning
it
to
read-only,
or
something
like
that.
That
whole
workflows
is
a
great
fit
for
an
operator
and
then,
of
course,
everybody's
favorite.
B
Nobody
wants
to
get
paged
in
the
middle
of
the
night,
so
if
you
can
automate
common
failure,
scenarios
or
even
non
common
ones,
but
ones
that
you
could
perhaps
anticipate
your
operator
can
automatically
repair
your
application
for
you.
So
hopefully
you'll.
Never
have
to
deal
with
that
and,
of
course
that's
how
you
really
scale
out
your
human
operational
knowledge
by
automating
it
and,
of
course,
since
I
know
this
is
for
ansible
people
unappreciative
the
choir,
alright,
so
kubernetes
is
a
little
bit
unique
in
its
API.
B
In
that
not
only
does
it
have
the
kind
of
rest
ich.
I
restitch
a
p.
I
that
you
can
imagine
so
there's
a
whole
bunch
of
endpoints
that
represent
the
different
resources
like
pods
and
services
and
secrets
config
knives
all
this
stuff,
but
kubernetes
invites
you
and
me
to
extend
its
own
api
and
add
your
own
endpoints
into
its
api,
and
this
idea
of
custom
resources
is
what
enables
that.
So
here,
what
we
have
is
an
example
of
a
memcache
D
resource.
B
Now
the
kubernetes
api
has
all
these
extra
endpoints
that
understand
how
to
create
an
update
and
delete
and
do
some
other
specific
kind
of
things
with
that
new
resource
pipe.
So
it's
very
easy
to
do,
and
this
is
central
to
the
operator
pattern
whenever
you're
making
an
operator
we're
using
the
kubernetes
api
to
interact
with
that
operator
and
we're
doing
so
by
creating
a
custom
resource.
So
a
few
minutes
ago
we
were
talking
about
we're
gonna
create
an
Ansel
that
knows
how
to
deploy
some
specific
application
in
kubernetes.
B
Okay,
and
speaking
of
that,
here's
an
illustration
of
how
that
fits
together
and
how
that
works.
We
have
this.
This
smiling
little
face
on
the
top
left
of
this
screen
and
that
client
is
interacting
with
the
kubernetes
api,
and
so
imagine
we
have
some
custom
resource
like
let's
say
it
was
memcache
d
that
that
client
creates
a
memcache
key
resource
and
I'm
hearing
somebody
else's
audio,
so
maybe
you're
out
there
unmuted.
B
It
would
help
to
mute
yourself
so
you're
this
smiling
face
and
you've
got
this
API
that
you're
interacting
with
Kirby's
API
you've
created
your
resource.
Now
what
so?
We
have
this
orange
controller
in
the
middle
here
in
the
bottom.
So
again,
this
controller
is
itself
just
another
container
running
in
your
cluster.
It's
an
application
sitting
there
running
like
any
else,
but
it's
it's
talking
to
the
kubernetes
api
and
using
this
watch
feature
it's
able
to
watch
for
events
that
happen
that
are
related
to
a
particular
resource
type.
B
So,
in
our
case,
our
controller
is
watching
for
events
related
to
this
particular
resource
and
when
it
sees
one
of
those
events
come
in
all
it
does
is
it
runs
reconciliation,
most
controllers,
most
operators
end
up
having
one
large
function,
call
to
reconcile
and
that
reconcile
function
gets
called
every
time
when
these
events
happens
and
that
reconcile
function
does
what
you
might
expect.
It's
job
is
to
look
at
the
resource,
look
at
the
spec
and
and
see
what
has
been
specified
there.
B
What
is
the
desired
state
of
the
world
and
then
go
look
at
the
real
state
of
the
world
and
try
to
move
it
closer
to
that
desired
state.
So
here
in
our
case,
because
we're
talking
about
operator
pattern,
what
that
reconcile
function
is
going
to
do
is
ensure
that
these
pieces,
the
required
pieces
of
your
application,
exist
if
they're
healthy,
that
they're
talking
to
each
other
and
so
on,
and
that
they
meet
all
of
the
parameters
that
you
have
specified
in
your
custom
resource.
B
So
how
do
we
make
one
of
these
things?
Well,
we
have
the
operator
SDK
and
there's
good
chance
if
you're
on
this
call
you've
heard
of
this
thing
before
so.
The
operator
SDK
helps
you
to
not
just
create
an
operator
of
your
own,
but
also
it
helps
you
with
testing
and
especially
with
packaging,
so
that
you
can
make
your
operator
available
to
others.
We're
gonna
look
in
detail
at
that
in
just
a
few
minutes.
B
Now
you
can
create
an
operator
by
using
go,
that's
a
very
natural
way
to
do
it
or,
of
course
you
can
do
it
in
an
spool.
That's
what
we're
looking
at
today
and
you
can
create
an
operator
using
helm,
helm
based
operators
are
not
quite
they
don't
have
quite
the
potential
as
go
or
ansible
in
terms
of
to
management
like
really
advanced
kind
of
patterns,
of
doing
that
day,
to
scaling
and
back
up
and
repairing
and
all
that
sort
of
stuff.
B
But
home
can
be
a
very
effective
way
to
get
an
operator
and
get
a
functioning
operator
make
your
application
kubernetes
native,
at
least
from
a
deployment
standpoint
very
quickly,
if
you
already
have
existing
home
charts
and,
of
course,
here's
a
link
to
where
you
can
find
the
operator
sdk.
Now
the
operators
DK
itself
is
part
of
the
operator
framework
Gumpert.
Your
framework
includes
the
operators
DK.
B
It
includes
operator
metering,
which
is
a
project
to
track
resource
consumption
of
an
operator
and
generate
reports
on
that
useful
for
all
kinds
of
exciting
things,
and
then
the
operator
lifecycle
manager,
which
will
be
probably
the
most
exciting
thing
to
most
people
on
this
call.
That
is
the
thing
that
manages
it's
kind
of
like
an
installer
for
operators
themselves,
so
it
it
manages
what
operators
are
available
and
running
in
your
cluster
right
now.
B
Last
week's
briefing
I
just
wanted
to
get
a
shout
out
to
this
was
called
state
of
the
operators
with
Daniel
Messer.
There's
a
youtube
link
here,
highly
recommend
you
check
that
out.
He
have
a
very
nice
overview
of
just
the
total
picture
of
operators.
The
operator
framework
you
have
nice
demo
of
the
operator
hub,
which
we're
gonna
see
again
here
for
a
bit
of
a
repeat
appearance
in
a
few
minutes,
but
you're
interested
just
to
get
a
broad
overview
of
what
the
current
operator
framework
and
operator
landscape
is
highly
recommend
you
go
there.
B
If
you
don't
catch
this
link
here,
I
found
it
pretty
easy
to
find
just
on
the
openshift
youtube
channel
from
about
a
week
ago.
So
definitely
check
that
out.
Ok,
so
this
is
the
pattern
we
were
looking
at
just
a
minute
ago.
So,
just
refresh
we've
got
our
controller
in
the
middle
of
got
an
application
that
popped
out
of
it
on
the
top
right
and
we've
got
this
custom
resource
on
the
left.
So
what
does
this
look
like
if
we
introduce
ansible
into
this
pattern
in
implement
this
controller
using
ansible?
B
Here's
what
we
have
in
the
middle?
Now
we
have
this
ansible
operator,
so
we
have
the
operators
DK
box
here
inside
the
operator
box.
So
basically,
what
that
is
is
we
have.
As
the
operator
scape
team
already
built
an
operator,
we
built
that
operator
using
go
and
it's
a
generic
operator
that
will
run
ansible
for
you
based
on
how
its
configured.
So
what
you
tell
that
that
ansible
based
operator
is
for
any
given
resource
type
when
you
see
an
event
for
this
resource
type
I
want
you
to
run
this
ansible
playbook
or
role.
B
So
that's
where
this
watch
file
in
the
very
middle
comes
into
play.
Look
at
an
example
that
in
I
think
the
next
slide
or
a
couple
slides
from
now.
It's
a
mapping
between
a
resource
type
and
a
roller
of
play
book,
and
that's
that's
pretty
much
it
in
terms
of
what
you
need
to
provide
is
just
the
act,
the
actual
ansible
code
itself
and
then
this
mapping
and
the
answer
will
operate
itself.
Does
all
the
other
operator
type
things
it
takes
care
of
all
those
nitty-gritty
details
for
you.
B
This
is,
of
course,
you
know
both
both
good
and
bad
I
mean
it's
all
good
stuff,
there's
some
very
advanced
and
powerful
caching
and
queue
management
features
that
are
built
into
kubernetes
client
go
so
we're
very
fortunate
that
all
that
is
done
for
us
and
and
it's
there
available
to
use,
but
it
does
take.
You
know
quite
a
bit
of
knowledge
and
in
learning
and
just
time
to
get
some
experience
to
get
comfortable
with
that
stuff.
B
So
if
you
don't
have
that
time
or
don't
want
to
take
that
time
right
now,
especially
to
learn
all
those
those
specific
things
and
client
those
specific
things,
the
ansible
operator
uses
all
of
that
itself.
So
you
can
take
advantage
of
all
of
those
things,
but
not
have
to
worry
so
much
about
them
and
focus
on
writing
your
ansible.
B
So
if
there
were
perhaps
any
error
conditions
with
you're
associated
with
your
application,
those
you
think
those
might
get
represented
in
the
status
section
of
your
resource
or,
let's
say
you've
requested
that
there
be
ten
of
something
like
ten
copies
of
your
process
running,
but
only
seven
of
them
are
currently
running.
The
status
is
somewhere
that
you're
your
operator
might
put
that
information
and
say:
okay,
there's
actually
seven
in
the
world
right
now
that
I
know
about
that's
how
you
know.
B
What's
going
on
now,
the
ansible
operator
will
write
a
generic
status
for
you
and
put
some
reasonable
things
in
there
about
what
happened
on
the
most
recent
run
of
ansible.
Many
of
you.
If
you're
ansible
users
are
familiar
with
the
kind
of
information
ansible
itself
will
show
you
as
a
summary.
At
the
end
of
it,
run
its
run,
things
like
how
many
things
changed,
or
how
many
things
had
an
error
condition
of
some
kind,
that
same
data
gets
aggregated
and
represented
onto
the
status
of
your
resource
automatically
by
the
ansible
operator.
B
Now
on
the
right
side
of
this
yellowish
box,
here,
we've
got
handsome
runner,
which
appears
here.
Ansible
runner
is
a
a
tool
that
came
out
of
the
awx
project,
which
is
also
known
as
ansible
tower
downstream.
Ansible
runner
is
really
a
vehicle
for
running
ansible
code
in
a
programmatic
way,
in
a
way
that
a
is
machine
parsable
and
machine
drivable,
though
we
found
that
to
be
very,
very
useful.
In
just
the
perfect
fifth,
what
we're
doing
here
ant
will
runner
itself
as
it's
running.
B
The
ant
will
code
for
each
task,
that
happens
and
for
other
cases
to
potentially
it
sends
events,
it
emits
its
own
type
of
events
over
HTTP
back
to
whoever's,
listening-
and
in
this
case
our
operator
is
listening.
So
the
ants
will
operator
already
set
up
to
receive
these
events.
Parse
them
make
some
sense
of
them
and
use
that
information
to
not
just
manage
running
ansible
Runner
itself,
but
also
to
then
represent
what
did
ansible
do
onto
the
status
of
your
resource
now.
B
B
So
when
you
run
your
ansible
code
well,
when
ansel
runner
runs
your
ansible
code,
it
does
so
in
an
environment
that
is
configured
to
use
this
proxy
for
kubernetes
api
access.
So
any
standard,
kubernetes
client,
whether
it's,
whether
you're
shelling
out
with
cube
CTL
or
using
the
ansible
kubernetes
module
or
something
else
any
standard.
B
Your
average
like
standard
kubernetes
cluster
can
have
well
over
a
hundred
different
controllers
running
in
it,
maybe
hundreds,
potentially,
depending
what
you're
doing
with
it.
If
all
of
those
are
are
hammering
away
at
the
API
server
all
the
time,
we
really
could
bring
that
thing
down
just
from
the
the
like
standard,
low
level,
almost
idle
state
of
these
controllers
so
having
a
good,
solid,
reliable
caching
system
in
place
is
important,
and
this
proxy
allows
the
the
your
ansible
code
or
anything
else
take
advantage
of
the
same
cache
that
the
ants
will
operator
is
using.
B
The
second
thing
is
that
kubernetes
has
this
idea
of
garbage
collection
in
resource
ownership,
so
we
can
say
that
for
these
these
pieces
of
your
applications,
these
little
triangles
and
such
in
the
top
right
for
each
one
of
those
pieces
of
your
application.
We
can
say
that
it
is
owned
by
that
custom
resource
that
green
custom
resource
on
the
left.
B
What
this
gets
you
is
that
say
you
create
a
memcache
deere
resource
and
then
your
memcache,
the
operator
goes
off
and
creates
a
bunch
of
ODS
and
service
and
and
maybe
persistent
volume
claims
and
who
knows
what
else
all
these
other
resources,
each
of
them
can
be
owned
by
that
original
memcache.
The
resource
that
you
created
and
the
real
advantage
here
is
that
when
you
later
at
some
point,
go
and
delete
your
resource,
the
kubernetes
garbage
collector
will
automatically
then
go
in
and
delete
those
other
owned
resources
too.
B
Rather
than
make
you
as
a
person,
writing
the
ansible
figure
out
how
to
add
those
resource,
references
yourself
as
owner
references
yourself
and
make
you
remember
to
do
it
for
each
one.
We
just
do
it
for
you,
so
this
proxy
automatically
adds
those
resources
to
every
resource
that
you
create,
and
then
it
just
becomes
a
seamless
experience.
So
there's
a
lot
here
just
built
in
and
doing
a
lot
for
you
under
the
hood
okay.
So
we
talked
about
that
watches
file.
So
let's
look
at
an
example
of
that
watches
file.
B
This
is
a
very
basic
example.
This
is
the
kind
of
watches
file
you
would
be
looking
at
when
you
first
gaff
'old
out
your
skeleton
operator,
the
any
given
resource
in
kubernetes
any
resource
type
is
identified
by
a
group
version,
a
kind.
So
here
we're
saying
for
this
group
version
and
kind
run
this
playbook,
that's
it.
So
it's
very
simple
concept.
So
this
is
something
that
you,
as
the
ansible
operator
author
will
provide,
but,
like
I
said,
we
have
a
tool.
B
B
So
what
that
effectively
means
is
the
bottom
line.
Is
these
key
value
pairs
you
put
into
your
resource
on
the
left
are
seamlessly
passed
into
ansible
and
available
for
you
to
reference
inside
of
a
template,
so
the
end-to-end
is
very
easy.
It's
very
intuitive
and
you
can
just
make
your
ansible
based
templates
and
then
put
the
key
values
in
your
source,
and
the
operator
in
the
middle
takes
care
of
all
the
details
for
you
and
then
the
status
we
talked
about
already
a
little
bit.
This
status
is
automatically
generated
by
our
operator.
Now.
B
That
said,
what
I
should
have
pointed
out
earlier?
Is
it
you
have
the
option
to
put
your
own
information
in
that
status?
If
you
would
like
to
as
a
starting
point
for
most
people,
it
makes
sense
to
let
the
ansible
operator
create
its
generic
status,
and
you
know
see
how
far
that
gets.
You
see
how
useful
that
is,
and
if
you
find
that
you
have
a
need
to
put
your
own
custom
information
into
that
status,
you
can
do
so.
The
ansible
operator
provides
some
mechanisms
to
enable
you
to
put
your
own
information
into
that
status.
B
Okay
and
what
does
an
ansible
operator
image?
Look
like
so
on
the
on
the
bottom
here,
the
green
stuff
is
what
we
provide.
The
green
stuff
is
the
base
danceable
operator
image.
Of
course
it
includes
ansible
itself.
It
includes
ansible
Runner,
and
it
includes
the
the
ants
will
operator
binary,
which
is
that
generic
operator
that
we
we've
already
written
for
you,
that's,
is
itself
written
and
go
takes
advantage
of
all
the
client
go
features.
What
you
add
on
top
of
that
base
image
is
pretty
minimal.
It's
just
that
stuff
in
yellow
here.
B
So
a
watch
is
yamo
file
that
we
looked
at
a
minute
ago
and
then
one
or
more
ansible
roles
or
playbooks
potentially,
and
then
that
watch
was
the
ammo
file.
You
just
tell
it
for
what
for
this
given
resource,
you
need
to
create
this
ansible
role.
That's
really
the
only
stuff
you
provide
our
tooling
add
some
other
stuff
in
there
for
you,
but
in
terms
of
your
your
role
to
overload
that
word
in
this
whole
thing.
This
is
what
you
need
to
provide
in.
How
do
you
provide
that?
B
Well,
we
talked
about
the
operators
2k
before,
but
here's
what
it
looks
like
in
action.
But
if
I
was
gonna
start
a
brand
new
operator
right
now
and
do
it
in
ansible
I
could
run
this
command
operator
operator.
Sdk
new
memcache,
the
operator
gives
it
a
name.
We
tell
it
about
the
group
version
and
kind
for
the
resource
that
we're
going
to
create,
and
then
at
the
the
end
of
this
command
we
say
dash
dash
type
equals
ansible,
and
what
does
that
do
for
us?
What
creates
a
skeleton
ansible
role
for
us?
B
So
we
can
already
have
that
tasks,
file
that
we
can
go
in
and
start
adding
things
to
it
creates
that
mapping
file
already
populated.
So
it's
already
correct
and
ready
to
go.
You
don't
even
have
to
do
anything
to
it
by
default,
it
already
references
this
resource
type
and
it
already
references
that
role
that
got
scaffolded
out
for
you.
B
It
also
creates
the
custom
resource
definition
for
you,
which
is
another
ya,
know
file
another
resource
that
you
need
to
create
new
Brunetti
so
that
all
just
gets
created
for
you
and
is
available
for
you
to
use,
and
then
it
creates
the
deployment
manifest
for
your
new
operator
and
all
the
other
related
things
to
establish.
The
right
are
back
permissions
for
your
operator
when
it's
running
and
to
actually
run
your
operator
in
in
a
kubernetes
cluster,
and
then
we
have
this
hybrid
use
case.
B
That
is
developing
it's
a
little
bit
in
the
early
phase
right
now,
but
it
is
available
and
you
can
use
it
and
actually
we'd
really
like
some
input
from
folks
about
how
they
would
like
to
use
this
and
what
we
can
do
to
make
it
even
more
usable
for
you.
But
basically
the
idea
here
is
say
that
you're
creating
an
operator
using
ansible,
but
at
some
point
you
just
find
that
you
need
to
write
some
logic
and
go
could
be
a
lot
of
different
reasons.
B
Maybe
you
want
to
take
advantage
of
a
very
specific
feature
in
in
client
go
or
some
other
part
of
kubernetes
code.
Maybe
you
want
to
use
some
other
criminis
library.
In
my
case,
I
had
to
do
this
recently
because
I
needed
to
implement
an
interface
and
actually
the
way
that
I
needed
to
create.
My
operator
was
to
implement
an
interface
that
this
other
sort
of
generic
kubernetes
controller
was
going
to
use
so
to
go
interface.
They
got
to
do
that.
B
B
Okay,
so
next
up,
let's
talk
about
operator
hub,
so
back
for
a
repeat
appearance
is
none
other
than
Daniel
Messer
himself.
Who
was
on
last
week.
He
is
a
senior
product
manager
at
Red,
Hat,
he's
really
the
guy
to
demo
operator
hub
and
in
its
integration
into
openshift,
so
I
think
Daniel
is
on
now
I'm
going
to
unshare
and
turn
it
over
for
a
couple
minutes
to
Daniel
to
really
show
off
your
how
that
you
can
consume
these
operators
thanks.
C
Leica
I
suddenly
feel
very
old,
being
called
also
senior.
So
let's
do
something
fun
and
go
to
operator
hop
that
I
of
an
application.
My
screen
here
to
get
this
introduced
to
you
so
hopefully
you've
all
seen
acknowledged
as
well.
How
easy
it
actually
is
now
to
write
an
operator
write
it
only
to
be
able
to
basically
write
an
offer
and
go.
You
don't
need
to
be
familiar
with
all
the
nitty-gritty
details
of
how
to
connect
to
the
cube,
API
and
consume
things
like
listeners
and
watches
there
with
the
operator
is
DK.
C
You
can
basically
just
scaffold
almost
everything
that's
needed
for
that
out,
except
obviously
for
your
hands
will
play
upright
and,
as
you
know,
what
oh
no
ansible
is
fairly
easy
to
get
up
to
speed
with,
even
if
you
having
familiar
with
it
yet
and
using
the
quite
mighty
KS
module,
you
would
be
able
to
quickly
orchestrate
on
kubernetes
using
the
answer
wallpaper
now,
let's
say
you've
done
that
our
printers
will
works.
It's
awesome
and
has
all
this
nice
functionality.
What
do
you
do
with
it
right?
You
want
to
publish
this
somewhere.
C
You
want
to
push
this
out
to
the
world
and
have
people
use
it
and
test
it
and,
as
it
happened
to
be,
we
actually
released
such
a
place
last
week
on
Thursday
aiming
to
be
a
central
core.
Infiniti
communities
community
comes
together
and
shares
operators
and
that's
believe
what
offered
a
hub
that
IO
is
about.
C
So
we
have
an
operator
hub
in
open
ships,
which
is
basically
a
curated
set
of
community
operators,
RedHat
maintain
operators
and
certified
operators
on
purpose
with
commercial
support
that
you
can
directly
deploy
on
the
cluster,
but
we've
also
stood
out
offered
a
hub
that
io
aiming
for
the
same
experience
but
for
general
kubernetes
clusters.
So
the
operas
that
we
start
together
here
are
not
limited
to
OpenShift,
OCP
or
lkd,
but
should
work
basically
on
any
kubernetes
cluster
right.
C
So
on
the
side,
you
have
an
index
of
all
the
operators
that
we
that
we
are
currently
curated.
So
this
is
basically
coming
off
a
github
repository
that
you
can
find
under
the
operator
framework
organization.
It's
called
community
operators
and
essentially
all
that
you
need
to
do
and
on
to
contribute.
There
is
simply
create
a
pull
request,
but
the
pull
request
will
contain
your
operator,
primarily
its
metadata
formatted,
in
a
certain
way,
so
it
can
be
used
and
picked
up
by
the
operator.
C
Lifecycle
manager
Michael
hinted
on
that
before
this
is
the
component
in
the
cluster
that
centrally
governs
all
your
operators.
So
that's
how
you
install
operators,
that's
how
you
do
dependency
resolution.
Should
your
operator,
for
instance,
require
other
operators,
and
it
also
sets
of
all
the
kubernetes
artifacts
that
are
required
to
run
an
operator
like
most
prominently,
its
own
custom
resources
of
emissions,
as
well
as
a
fair
portion
of
role
based
access
control
in
order
to
enable
the
operator
to
work
on
your
behalf.
C
C
The
nice
thing
about
the
SDK
is
that
it
gives
you
a
couple
of
shortcuts
right
so
primarily
to
generate
the
metadata
that
it's
required
to
have
the
operator
both
displayed
nicely
on
the
embedded
offer
dahab
and
over
adopted
io,
but
also
to
be
installed
with
producer
cleaver
OLM.
You
need
the
metadata
file,
which
we
call
cluster
service
version,
so
the
CSV
is
something
you
can
generate
directly
from
the
SDK.
C
Look
at
that
CD
is
an
example
and
see
there
is
always
a
package
GMO
a
couple
of
CDs
and
then
one
or
more
versions
of
the
cluster
service
version
metadata
file
and
this
file
you
basically
put
in
information
that
is
showcased
eventually
on
the
hub
when
you
click
on
such
a
detail,
pane
here
right.
So
every
operator
here
has
a
description
that
describes
the
features
it
has,
how
to
use
it
and
also
which
resources
this
operator
introduces.
C
In
your
cluster
alright,
so
the
idea
is
to
basically
provide
these
custom
resources
as
the
single
user
facing
interface
for
the
application
that
you
operate
and
managers
right.
So
as
a
developer,
I
don't
want
to
deal
with.
You
know
and
that's
the
cluster
that's
made
out
court
of
you
know.
Twelve
parts
like
twelve
PVCs
and
and
and
and
free
services
I
want
to
look
this
at
this
as
a
single
cluster
right
and
it's
exactly
what
the
usage
of
customer
resources
Commission's
here
provides.
C
So
on
over
adopted
I'll,
you
can
do
the
operate,
which
operators
emits
and
owns
which
customer
resource
definition,
and
you
can
also
see
by
example,
llamo
code.
How
you
would
use
that
on
the
cluster.
So
you
can
see
here
standing
of
an
sed
cluster
with
the
use
of
the
the
operator
is
almost
exactly
similar
as
standing
up
a
deployment
or
a
build
config
or
a
config
map
on
OpenShift
or
kubernetes
right.
C
So
it's
a
very
native
integration
into
the
communities,
look
and
feel
so
to
say,
and
here
operate
out,
that
I
always
show
you
how
to
do
this.
We
also
gives
you
some
data
about
the
operator
itself,
for
instance
who's,
maintaining
it
where
to
find
documentation,
source
code,
who
would
be
a
contact
if
you
have
suggestions
for
that,
and
we
also
allow
containers
and
publishers
of
operators
on
override
a
pareo
to
subsequently
update
the
version
of
the
opportunity
they
have
published
here.
In
order
to
have
people
always
get
the
newest
version.
5
the
fasiq.
C
Here,
it's
like
going
back
in
time
and
considered
an
old
or
for
the
version
and
see
that,
for
instance,
zero.
Six
one
didn't
have
the
LCD
backup
and
restore
functionality
in
there,
as
we
have
today.
A
another
important
thing
that
we
denote
here
is
the
capability
or
maturity
level
of
an
operator.
So
we've
introduced
this
notion
to
basically
convey
to
users
of
operators
what
the
operator
can
do
and
cover
in
terms
of
the
overall
lifespan
of
an
application
right.
C
If
you
click
here,
you
kind
of
get
an
overview
of
what
this
maturity
model
looks
like
and
you
can
see
ends
will
operator
span
the
entire
set
so
using
sophisticated
playbooks.
You
could
not
only
cover
the
basic
installation.
You
can
also
handle
orchestration
between
upgrades,
primarily
aimed
at
state
for
applications
to
extend
the
life
of
operations
like
backup,
restore
pain
over
feedback
and
use
components
from
the
operator
framework
that
operate
a
metering
to
generate
metrics
and
alerts
from
the
application
that
you're
offering
our
managers.
C
If
you
want
to
completely
make
the
application
available
to
as
a
managed
service
in
an
ultra
pilot
fashion,
as
we
call
it
here,
you
would
even
then
use
the
metrics
and
honor
together
from
the
application
to
react
dynamically
on
this,
for
instance,
to
do
auto
scaling
or
altar
tuning
or
recovery
from
abnormal
behavior
right.
So
this
is
the
operator
maturity
model,
and
we
use
this
to
continue
to
users
what
kind
of
abilities
they
can
expect
from
an
operator.
C
One
of
the
thing
that
we
are
able
to
do
because
we
basically
pass
all
the
C's
B's.
We
have
all
the
cluster
service
version,
metadata
files
that
we
have
the
community
repo
to
render
this
page
and
give
you
all
this
data.
We
can
actually
give
you
a
little
bit
of
a
shortcut
to
install
this
operator
directly
from
the
operator.
C
In
a
previous
section,
it
tells
you
to
deploy
the
offer
to
that
circuit
manager,
because
these
operators
are
packaged
in
the
faster
service
version
format
and
are
essentially
deployed
and
updated
the
same
way
as
in
an
open
shift
in
order
to
get
started
with
all
I'm
in
a
in
a
test.
Setting
I
would
just
copy
and
paste
this
command
run
it,
and
this
would
instantiate
our
all
the
resources
that
are
needed
and
all
them
and
then,
in
order
to
install
your
offering
itself,
you
run
this
command.
C
So
behind
this
end
point
here,
we
basically
generate
all
the
artifacts
that
are
necessary
to
get
all
and
to
install
that
all
further
for
you,
depending
on
how
the
offer
is
written,
you
will
get
different
behavior
here.
Some
operators,
like
HD,
are
written
in
a
way
that
they
expect
to
watch
a
certain
namespace
for
its
custom
resource
definitions.
So
let's
say
you
deploy
Etsy
in
the
same
space
that
we
create
for
you
here.
C
When
you
are
you
see
I
command,
you,
you
would
get
the
operator
instantiated
in
that
namespace
and
once
you
start
creating
custom
resource
of
custom
resources
that
this
offering
that
watches
for,
like
HDD
cluster
or
as
a
backup,
the
operator
would
start
to
react
on
this.
There
are
also
operators
that
can
do
this
on
a
cluster
wide
fashion,
so
they
can
basically
be
installed
in
the
namespace
that
you
don't,
as
usual,
normally
have
access
to.
C
So
this
would
be
something
that
an
admin
does,
but
still
since
the
operator
watches
for
its
custom
resources
in
your
airspace
as
well,
you
can
still
use
it
right
depending
on
whether
or
not
the
operator
can
do.
This
can
be
installed
cluster
wild
or
can
only
be
installed
in
the
South
namespace.
You
would
see
operators
that
basically
give
you
a
different
name
space
here.
So
I
may
just
take
an
example.
C
B
Great
Thank
You
Daniel
for
that
overview.
This
is
for
me
one
of
the
most
exciting
parts
of
this
whole
thing
is
it's
very
easy,
as
we've
seen
using
ansible,
to
make
an
operator
to
begin
with
and
and
give
your
application,
this
kubernetes
native
presence
and
then
get
access
to
this
whole
ecosystem.
Now
this
whole
set
of
tooling
for
managing
what
operators
are
are
in
your
cluster
and
then
being
able
to
interact
with
those
operators.
So,
let's
wrap
things
up
here,
got
a
we've
got
a
couple
more
exciting
things
to
show.
B
We
have
this
idea
of
finalized
errs
that
we
support
kubernetes
finalizar
czar,
a
way
that
you
can
run
some
code
before
an
object
gets
deleted.
The
ants
popper
absolutely
has
great
support
for
that
and
will
enable
you
to
run
your
own
ansible
code
before
your
resource
gets
deleted
in
case
you
need
to
do
some
kind
of
custom,
cleanup
things
or
perhaps
interact
with
off
cluster
resources,
which
is
another
thing.
Ansel's
graded,
interacting
with
before
your
resource
gets
deleted.
B
Upgrade
upgrades
are
pretty
straightforward
to
manage
in
ansible.
Ansible
is
a
very
powerful
tool.
What
I
really
want
to
highlight
here
and
and
I'll
I'll,
just
preface
this
with
I'm
doing
some
hand
waving
here.
Those
of
you
who
know
ansible
know
that
this
version
expression
here
is
gonna,
certainly
be
more
complicated
than
than
what
I've
actually
written
here,
but
that
this
is
the
effect
you
can
and
ansible
create.
B
These
blocks
run
them
in
certain
conditions
when
in
expression,
matches
and
evaluates
the
truth,
so
you
can
say
when
the
current
version
is
less
than
something
do
some
stuff
that'll
get
you
to
that
version,
and
then
back
up
and
restore
is
another
thing
that
we
can
do.
There's
an
example
that
you
can
see
in
github.
B
B
Just
just
though
there
the
bottom
left
here
building
on
operators
on
open
shift,
you
can
click
into
there
pick
an
exercise,
there's
an
answerable,
related
ones,
there's
go
ones,
and
it
will
give
you
your
own
openshift
environment,
a
real
running,
openshift
environment
that
you
can
interact
with,
and
it
will
guide
you
through
some
exercises
to
make
an
operator
yourself,
there's
one
that
will
introduce
you
to
just
working
with
the
k8s
ansible
module,
for
example,
there's
really
good
stuff.
There
definitely
check
it
out
totally
free
and
a
very
nice
learning
tool.
B
D
Right,
thank
you.
So
much
Michael
we're
very
excited
about
the
awfulest
framework.
I
actually
remember
when
I
first
heard
about
it,
we
was
from
you
michael
half
a
year
ago
in
Raleigh
North
Carolina,
as
we
were
walking
to
dinner
after
my
ansible
training.
So
I
really
excited
about
how
how
much
has
grown
since
then
and
what
we
were
doing
with
it,
and
also
how
well
as
the
board
position
to
be
part
of
this
creation
process,
making
it
so
to
create
operators
dispensable.
D
So,
for
example,
through
there
you
can
have
some
references
on
other
operators
that
have
been
created
as
you
build
your
own.
You
can
have
that
as
a
reference.
So
besides
the
online
learning
tool
that
Michael
just
mentioned
learned,
OpenShift,
comm
I'm,
also
working
with
Diane,
Daniel
and
Michael
to
bring
this
type
of
talk
or
even
workshop
format
to
ansible
meetups.
So
if
there's
something
you're
interested
in,
please
contact
me,
I
actually
I
need
to
add
my
contact
information
to
the
slides,
so
I
think
HIC,
probably
Michael,
be
doing
that
after
other.
D
D
A
B
A
B
Is
Carol
Carol's
named
her
or
email
address,
and
thank
you
so
much
for
all
that
support,
quick
to
things
tomorrow
at
scale
in
Pasadena,
California,
we'll
be
doing
some
operator
training
tomorrow
afternoon.
So
myself
and
one
other
personal
Matt
Dorn
will
be
doing
that.
There
will
also
be
some
other
operator.
Experts
present
at
the
conference,
I'll
be
at
the
Red.
Hat
booth
a
whole
bunch.
B
So
if
you're
in
the
area
highly
highly
recommend
this
event
in
general
plus
on
great
great
chance
to
continue
the
operator
discussion
and
then
immediately
following
that
on
Monday,
we
have
a
no
bunch
of
Commons
gathering
in
Santa
Clara.
That
Diane
mentioned
the
beginning
of
the
call
there's
a
link
here
for
how
you
can
find
out
about
that
the
details
and
how
to
join
us
for
that,
and
we
will
be
at
that
event
as
well
doing
some
operator
training.
In
addition
to
the
other
usual
events.
A
All
right,
thank
you,
Michael
for
on
great
a
great
talk
and
thanks
Daniel
for
jumping
in
and
Carol
as
well,
and
this
from
from
ice
perspective,
I'm
waiting
and
patiently
to
hear
about
people's
operators
that
they're
building
with
from
ansible
as
a
basis.
So
if
you
have
them,
if
you
can
let
Carol
or
myself
know
or
reach
out
to
Michael
whomever
and
just
let
us
know
so,
we
can
get
you
on
the
google
group.
A
If
you
have
any
questions
as
a
google
group
for
the
operator
framework,
and
there
is
in
kubernetes
plan,
there's
a
kubernetes
operator
black
channel
as
well,
so
we'll
post
this
video
and
the
next
day
or
so,
along
with
a
whole
list
of
resources
and
down.
It
is
the
end
of
the
hour.
There
are
a
few
questions
that
have
been
answered
in
the
chat.
I
will
try
and
endeavor
to
get
those
in
a
sort
of
FAQ
section
in
the
blog
post
and
cleaned
up
a
little
bit,
but
I
think
on.