SOAR technologies strive to automate some of the repetitive human effort required to maintain a strong security posture. Here's how SOAR tools fit into an enterprise security strategy.
How to explain Kubernetes Operators in plain English
What are Kubernetes Operators, and why are they so valuable to organizations working with containers? Here’s a primer for IT leaders – and anyone needing to demystify the concept
2. Operators systematize human knowledge as code
If you had to sum up Kubernetes in a word, the best choice might not be “orchestration” but “automation.” That’s really what it’s all about: Kubernetes enables the automation of the infrastructure (and corresponding operational burden of managing that infrastructure) necessary for running containerized applications – a must when running these apps at scale in production environments.
Essentially, automation in an IT context means translating human knowledge and effort – often painful effort – into software.
“Kubernetes Operators take all of that knowledge about an application’s lifecycle that a DevOps team practices manually, and systematize it so that everything that can be automated is handled elegantly by Kubernetes, and what human interactions remain can be done via standard Kubernetes tooling,” says Thompson from Solodev. “The promise of Kubernetes is automation. Operators are a giant stride toward its full realization.”
[ What is a Kubernetes Secret and how does it boost security? Read also: How to explain Kubernetes Secrets in plain English. ]
3. Operators do this in a scalable, repeatable, standardized fashion
The value of automation is inextricably linked to its scalability and repeatability – if you need to “re-automate” a process every time it’s needed elsewhere, that’s not going to cut it.
Katz from Crunchy Data illustrates this idea within the context of a database: “Data that is written to a database needs to exist well after a pod is terminated. Additionally, in a database like PostgreSQL that supports multi-version concurrency control, there are a variety of snapshots of the data that are available to a user based upon the current state of the data,” Katz says. “Operations such as creating backups or standbys of the data require a little bit of extra knowledge of how the system works, and this is where an Operator can help.”
The value begins cascading when you put this into a production context.
“The Operator really showcases its power when applying these commands en masse. For instance, with PostgreSQL, there are a variety of steps you need to take in order to provision a replica copy of a database. Imagine you have to do this hundreds, if not thousands, of times,” Katz says. “An Operator allows you to perform these complex administrative tasks easily and in a standardized way.”
This is a key benefit: Operators are akin to reusable templates for various tasks in an application’s lifecycle.
“Operators can simplify how you run Kubernetes applications, removing the complexity of managing the nuts and bolts of Kubernetes, and allowing you to do so in a repeatable manner,” says Amir Jerbi, CTO at Aqua Security. “They’re like templates that can be reused and adapted to automate application management, with no need to reinvent the wheel every time.”
[ Related read: What is an Ansible Operator? ]
4. Operators ultimately improve resiliency while reducing the burden on IT teams
Operators ultimately help pay off on the promise of containers (and container orchestration) without running your teams into the ground. Simply put, they reduce complexity.
“Operators are simplifying the process highly complex distributed database management by defining the installation, scale, updates, and management lifecycle of a stateful clustered application,” says Yossi Jana, DevOps team leader at AllCloud.
From another vantage point, consider life without Operators.
“Without Operators, many applications need intervention to deploy, scale, reconfigure, upgrade, or recover from faults,” Thompson says. “If your app – or apps that you depend on, such as your database management system – [requires] DevOps engineers hovering over a keyboard in these critical moments, hoping they get the steps correctly, you’re almost certain to have greater downtime and more stress in your team.”
5. Operators prove particularly useful in multi-cloud and hybrid cloud environments
The importance of Operators is underlined by the increasingly distributed nature of multi-cloud and hybrid cloud environments. Operators allow, for example, a developer to do what she does best without necessarily needing domain expertise in a particular infrastructure environment.
“Operators allow developers to create some immensely powerful tools that can be used on any infrastructure where Kubernetes is installed,” says Leo Shemesh, CTO at Jackpocket. "As opposed to using one-off installations on a specific application, an Operator can be used to provision multiple applications in a consistent manner while adhering to best practices for that particular installation.
Once an Operator is installed, Shemesh notes, devs and others can utilize kubectl and other Kubernetes-native tools to manage the Operator’s applications.
“Creating a new application can be as easy as using kubectl to create an instance of the custom resource definition defined by the Operator,” Shemesh says. “In the past, humans had to have multiple-domain knowledge to manage an infrastructure. With Operators in play, they can focus on the Kubernetes side and let the Operator handle the intricacies of managing the other domains.”
[ Want to learn more about building and deploying Operators? Get the free eBook: O'Reilly: Kubernetes Operators: Automating the Container Orchestration Platform. ]