Kubernetes

Cloud-native infrastructure and extension patterns

The Control Plane extensively uses Kubernetes and the Operator pattern to manage resources and implement business logic.

Kubernetes at the core

Kubernetes serves as the foundation for the Control Plane, providing a robust platform for deploying, scaling, and managing containerized services. The Control Plane extends Kubernetes with custom resources and operators to implement domain-specific functionality.

Overview

Kubernetes is an open-source container orchestration system for automating deployment, scaling, and management of containerized applications.

Why Kubernetes?

🚀 Container Orchestration

Automated deployment, scaling, and management of containerized applications.

⚖️ Workload Distribution

Efficient distribution of application instances across infrastructure.

🔄 Self-healing

Automatic recovery from failures with restart, replacement, and rescheduling capabilities.

📈 Horizontal Scaling

Automatic scaling based on resource usage and custom metrics.

🔌 Service Discovery

Built-in DNS for service-to-service communication.

🔧 Extensibility

Custom Resource Definitions (CRDs) and API extensions.

Kubernetes Operators

Control Plane Operators

The Control Plane implements the Kubernetes Operator pattern to extend the platform with domain-specific functionality. For comprehensive information about our operators, including architecture, custom resources, and examples, please refer to the dedicated Operators documentation.

Controller Runtime

Core library

The controller-runtime library provides the foundation for building Kubernetes operators in the Control Plane, offering high-level abstractions for interacting with the Kubernetes API.

The Control Plane uses the controller-runtime library (v0.21.0) to build Kubernetes operators. This library provides high-level APIs for:

🎮 Controllers

Creating and managing controllers that reconcile resources.

📋 Custom Resources

Working with custom resource definitions and instances.

🔄 Reconciliation

Implementing reconciliation loops for maintaining desired state.

📣 Events

Managing events, predicates, and webhooks for resource notifications.

🔌 Client-Go Integration

Seamless integration with Kubernetes client-go library.

📊 Metrics

Built-in metrics for monitoring controller performance.

Custom Resource Validation

Schema validation

The Control Plane uses OpenAPI v3 schemas to validate custom resources, ensuring that only valid configurations are accepted.

Schema-based Validation

CRDs include comprehensive schemas for:

  • Type validation (string, number, boolean, etc.)
  • Pattern matching with regular expressions
  • Enumeration of allowed values
  • Required fields and defaults
  • Maximum and minimum constraints

Admission Webhooks

For advanced validation beyond schemas:

  • Cross-field validation logic
  • Existence checks against other resources
  • Custom business rule enforcement
  • Defaulting of complex fields
  • Status calculation and updates
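
The cross-field validation case above, as an added example that is not the Control Plane's own code: a validating admission handler that rejects a resource when one field's value makes another field mandatory, which a per-field schema cannot express. The `Gateway` resource and its `exposure` and `tlsSecretRef` fields are hypothetical, and the AdmissionReview types are a local subset of the `admission.k8s.io/v1` wire format so the block builds with the standard library only.

```go
package main

import (
	"encoding/json"
	"os"
)

// Local subset of the admission.k8s.io/v1 AdmissionReview wire format (stdlib only).
type AdmissionReview struct {
	APIVersion string    `json:"apiVersion"`
	Kind       string    `json:"kind"`
	Request    *Request  `json:"request,omitempty"`
	Response   *Response `json:"response,omitempty"`
}
type Request struct {
	UID    string          `json:"uid"`
	Object json.RawMessage `json:"object"`
}
type Response struct {
	UID     string            `json:"uid"`
	Allowed bool              `json:"allowed"`
	Status  map[string]string `json:"status,omitempty"`
}

// Gateway is a hypothetical custom resource; its fields are assumptions for illustration.
type Gateway struct {
	Spec struct {
		Exposure     string `json:"exposure"`
		TLSSecretRef string `json:"tlsSecretRef"`
	} `json:"spec"`
}

// Review enforces one cross-field rule, fails closed on undecodable input, and echoes the request UID.
func Review(body []byte) AdmissionReview {
	in, gw, msg := AdmissionReview{}, Gateway{}, ""
	switch {
	case json.Unmarshal(body, &in) != nil || in.Request == nil:
		in.Request, msg = &Request{}, "malformed AdmissionReview"
	case json.Unmarshal(in.Request.Object, &gw) != nil:
		msg = "object does not decode as a Gateway"
	case gw.Spec.Exposure == "external" && gw.Spec.TLSSecretRef == "":
		msg = "spec.tlsSecretRef is required when spec.exposure is external"
	}
	resp := &Response{UID: in.Request.UID, Allowed: msg == "", Status: map[string]string{"message": msg}}
	return AdmissionReview{APIVersion: "admission.k8s.io/v1", Kind: "AdmissionReview", Response: resp}
}

func main() { // constructed request: external exposure without a TLS secret, so it is denied
	json.NewEncoder(os.Stdout).Encode(Review([]byte(`{"request":{"uid":"demo-1","object":{"spec":{"exposure":"external"}}}}`)))
}
```

Every path that cannot be decoded returns `allowed: false`, so a malformed or truncated request is never admitted by default.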

Deployment Model

Kubernetes-native deployment

The Control Plane components are deployed as standard Kubernetes resources, leveraging the platform's built-in capabilities for high availability and scaling:

Deployments

Used for controller managers and API servers with:

  • Multiple replicas for high availability
  • Rolling update strategy for zero downtime
  • Resource limits and requests
  • Health probes for reliability

Services

Expose APIs with:

  • ClusterIP for internal communication
  • LoadBalancer for external access
  • Named ports for clarity
  • Session affinity when needed

ConfigMaps

Store configuration data:

  • Controller settings
  • Feature flags
  • Environment-specific values
  • Template files

Secrets

Store sensitive data:

  • API keys
  • Credentials
  • TLS certificates
  • Encryption keys

NetworkPolicies

Secure network traffic with:

  • Pod-to-pod communication rules
  • Namespace isolation
  • Ingress/egress controls
  • Protocol and port restrictions

PodDisruptionBudgets

Ensure availability during disruptions:

  • Minimum available replicas
  • Maximum unavailable replicas
  • Protection during node maintenance
  • Controlled rollouts

High Availability Configuration

Resilience

Control Plane components are designed for high availability with multiple replicas, anti-affinity rules, and careful resource management.

Go Language

Learn about the programming language used to build the Control Plane operators.

Kubebuilder

Learn about the framework used to build Kubernetes operators and custom resources.

Infrastructure

Explore the infrastructure components of the Control Plane.