Show HN: Package Operator – Kubernetes application packaging and management

package-operator.run

5 points by erdii 4 days ago

Hey HN :)

I just saw the post about Glasskube - an open source package manager for kubernetes [1] and would like to throw package-operator in the ring for y'all to look at and get some feedback on it.

Disclaimer up front: I'm an engineer working on package-operator as part of my SRE work in Red Hat's service delivery org. Opinions are my own, though. :)

Package-Operator is a multi-component ecosystem to tackle the package management story for kubernetes in a slightly novel (and not so novel when compared with OLM [2]) way:

- `package-operator-manager` is an actual operator running inside your kube-like cluster to control the rollouts and status reporting of your packages

- `kubectl package` is a kubectl cli-extension that helps you build package images and validate beforehand.

- packages are built into and distributed as very small regular OCI images, which lets you re-use the container registry you probably already use as part of your delivery pipeline.

If you're into kube: the really interesting part of package-operator is the way it handles packages within the kubernetes api:

1. Packages get extracted and the containing manifest templates get rendered into an `ObjectDeployment` (or a `ClusterObjectDeployment` if you're installing a cluster wide / non-namespaced `ClusterPackage`)

2. The `ObjectDeployment` in turn creates and manages an immutable `ObjectSet`.

3. The ObjectSet is ordered into reconciliation phases, which can be guarded by probes on status conditions or fields of objects, to serve as stopgaps before the next phase begins.

4. The ObjectSet uses this phased approach to create and manage the objects contained within the `Package` and also uses specified probes to report the workload status.

5. Status reporting bubbles back up to the `Package` object as you'd expect.

6. When rolling out an updated image by changing `.spec.image` on the parent `Package`, new objects get rendered and the `ObjectDeployment` gets updated.

7. The `ObjectDeployment` then creates a new `ObjectSet` and uses the phased approach again to roll forward from the old to the new `ObjectSet` (similar to how `Deployments` use `ReplicaSets` to manage `Pods`).

We took a lot of inspiration from `Deployments`/`ReplicaSets` for this project. There's still a lot of documentation missing, but if you're interested in playing around, there's a couple of example manifests in the folder `config` [3] in the main repo of PKO [4].

You don't need `Package` images and objects at all and you can directly write `ObjectDeployment` objects as well. Look into `config/examples/nginx` [5] to find some playground inspiration.

As of today, we're successfully using package-operator to deploy and operate managed workloads on top of managed OpenShift. :)

Here's a one-liner to install the latest version of package-operator: `kubectl create -f https://github.com/package-operator/package-operator/release...`

[1] https://news.ycombinator.com/item?id=40789862

[2] https://olm.operatorframework.io/

[3] https://github.com/package-operator/package-operator/tree/df...

[4] https://github.com/package-operator/package-operator

[5] https://github.com/package-operator/package-operator/tree/df...

Edit: slightly fixed formatting (or made it worse?).
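
Added example, not part of the original post and not package-operator's own code: a simplified Python model of the phase gating in steps 3 to 5, where a phase's probes must pass before the next phase's objects are created and the result is reported upward. The dictionary layout, object names and condition names are assumptions made for illustration.

```python
# Simplified model of probe-gated phases; NOT package-operator's implementation.
# The data layout, object names and condition names below are constructed.

def probe_passes(status, probe):
    """A probe passes when the named status condition has the expected value."""
    return status.get("conditions", {}).get(probe["condition"]) == probe["expect"]

def reconcile(object_set, cluster):
    """Walk the phases in order against `cluster` (object name -> observed status).

    Objects of a phase are created if missing. If any probe of that phase
    fails, reconciliation stops there, so later phases are never touched.
    Returns the status that would bubble up to the parent object.
    """
    applied = []
    for phase in object_set["phases"]:
        for name in phase["objects"]:
            # "Create" the object with an empty status if it does not exist yet.
            cluster.setdefault(name, {"conditions": {}})
        applied.append(phase["name"])
        blocked = [
            (p["object"], p["condition"])
            for p in phase["probes"]
            if not probe_passes(cluster.get(p["object"], {}), p)
        ]
        if blocked:
            return {"available": False, "applied_phases": applied, "blocked_on": blocked}
    return {"available": True, "applied_phases": applied, "blocked_on": []}

# Constructed sample: a CRD must be established before the workload phase starts.
OBJECT_SET = {
    "phases": [
        {"name": "crds",
         "objects": ["crd/widgets"],
         "probes": [{"object": "crd/widgets", "condition": "Established", "expect": "True"}]},
        {"name": "deploy",
         "objects": ["deployment/nginx"],
         "probes": [{"object": "deployment/nginx", "condition": "Available", "expect": "True"}]},
    ]
}

if __name__ == "__main__":
    cluster = {}
    print(reconcile(OBJECT_SET, cluster))          # stops after the "crds" phase
    cluster["crd/widgets"]["conditions"]["Established"] = "True"
    print(reconcile(OBJECT_SET, cluster))          # now reaches "deploy"
```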