Ansible no.4: Operator SDK


The recent meetup held at MSD on Monday 2019/04/15 gave an elementary insight into Ansible as an operator and, in particular, the Ansible K8s module.

The story began with a reference requirement: deploy NextCloud, which is a rebirth of NAS software for Linux.

The first step was to apply the Ansible role nextcloud to an existing server. The server could be acquired in the cloud at AWS or DigitalOcean, or on your own premises via virsh, Vagrant/virsh, MaaS or OpenStack, whichever applies to your setup.

Big Fat Warning: Software downloaded from the internet might contain bugs, features, malware, ransomware and other goodies of today. Do not trust anything you download without your own checks, scans or review. Please take care of your safety and security!

And as we are K-native, aka geeks willing to take any cloud as long as it is based on Kubernetes, the obvious next step was: let us do it via an operator and on K8s.

The original option has quite a few potential flaws like:

  • no backup
  • no scaling
  • no upgrade path
  • no rollback
  • no layers

Those concerns should be pretty much handled by any orchestration, automation and monitoring. We are container-minded, so we follow that path.

For all the necessary steps, please have a look at the README in the meetup folder.

The principle is pretty simple. We use CRDs to extend K8s, and these in turn get processed (consumed) by the Ansible operator. The operator takes the CRD YAML and makes an Ansible value tree out of it. These values are passed into the Ansible playbook. The playbook uses Ansible templates to produce the K8s definitions of the required resources (deployment, service and ingress). These resources are fed back to K8s to set up and run the necessary containers and the respective routing.
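The flow described above, as an added example (not the meetup's own code): a custom resource, the watches.yaml entry that maps its kind to a role, and the role's tasks, with the Deployment inlined in the k8s task rather than rendered from a separate template file. The group example.com, the kind NextCloud, the size field, its upper bound and the role path are assumptions.

```yaml
# Custom resource a user applies (constructed sample)
apiVersion: example.com/v1alpha1
kind: NextCloud
metadata:
  name: demo
  namespace: default
spec:
  size: 1
---
# watches.yaml: maps the kind to an Ansible role in the operator image
- version: v1alpha1
  group: example.com
  kind: NextCloud
  role: /opt/ansible/roles/nextcloud
---
# roles/nextcloud/tasks/main.yml: spec keys arrive as Ansible variables (size);
# meta.name / meta.namespace identify the custom resource
# (newer Operator SDK releases call this ansible_operator_meta).
- name: Reject unexpected values before they reach a manifest
  assert:
    that:
      - size | int >= 1
      - size | int <= 5   # assumed upper bound

- name: Create or update the NextCloud Deployment
  k8s:
    state: present
    definition:
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: "{{ meta.name }}-nextcloud"
        namespace: "{{ meta.namespace }}"
      spec:
        replicas: "{{ size | int }}"
        selector:
          matchLabels:
            app: "{{ meta.name }}-nextcloud"
        template:
          metadata:
            labels:
              app: "{{ meta.name }}-nextcloud"
          spec:
            containers:
              - name: nextcloud
                image: nextcloud  # pin a reviewed tag or digest
                ports:
                  - containerPort: 80
```

Everything under spec is written by whoever may create the custom resource, so the role checks it before it reaches a manifest. The Service and Ingress follow the same pattern.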

That is, in short, all the magic. During the session the original, simple NextCloud was scaled up a little bit by adding a MySQL option instead of SQLite.

Note: for simplicity, the Persistent Volume Claims and Persistent Volumes for the actual NextCloud storage were completely omitted.

Jakub also mentioned that he was thinking of an intermediate step which would have started a bare OS container and installed NextCloud using the original Ansible role. Unfortunately, the use of ssh into K8s was not viable.

Could it even be done? Could another means of attaching to the container be used, like exec?

And the last thing to mention: during the workshop the topic of re-using the existing playbooks also surfaced (which Jakub tried, unsuccessfully, to exploit).

There was also a short note on immutable infrastructure vs. flexible deployments. The issue with immutable infrastructure is that every change requires a new snapshot of the installed software, and there is little room for modifications and/or debugging. Flexible deployment taken to the extreme, on the other hand, means that you start with a bare OS image and configure and set up everything upon every start of the container. The second approach sounds like the VM-ish way and could also remarkably slow down the bootstrap of the running app (time to use/login). Therefore each and everybody be warned: there is no Holy Grail and, as many consultants say, "It depends" (before issuing an invoice for consulting services).

Some past K8s operator related talks or workshops: