Skip to content

K8S Operators

← Back to all decks

16 cards — 🟢 3 easy | 🟡 4 medium | 🔴 3 hard

🟢 Easy (3)

1. What does a CRD (Custom Resource Definition) do in Kubernetes?

Show answer A CRD extends the Kubernetes API with your own resource types. After creating a CRD, you can use kubectl to get, describe, and manage your custom resources just like built-in resources such as pods or services.

Remember: CRD extends the K8s API. After registering: `kubectl get myresource` works.

2. What is the reconciliation loop in a Kubernetes operator?

Show answer A control loop where the controller: 1) watches for changes to custom resources, 2) compares desired state (CR spec) with actual state (cluster), 3) creates/updates/deletes resources to match desired state, 4) updates CR status, and 5) repeats.

Remember: Operator = custom controller + CRD. Encodes ops knowledge as code. "Robot SRE."

Example: PostgreSQL Operator handles failover, backups, scaling — automating DBA tasks.

3. What is a Kubernetes operator and what problem does it solve?

Show answer An operator is a controller that watches custom resources and reconciles actual state to desired state. It encodes operational knowledge (scaling, backup, failover) into software, replacing manual runbooks with automated lifecycle management.

Remember: Operator = custom controller + CRD. Encodes ops knowledge as code. "Robot SRE."

Example: PostgreSQL Operator handles failover, backups, scaling — automating DBA tasks.

🟡 Medium (4)

1. Name three operator-building frameworks and when you would choose each.

Show answer Kubebuilder (Go, production operators), Operator SDK (Go/Ansible/Helm, Red Hat ecosystem), and Kopf (Python, quick prototypes or Python shops). Kubebuilder and Operator SDK are for production use; Kopf is for lower complexity and faster development.

Remember: Operator SDK: Helm (easy), Ansible (medium), Go (powerful). Choose by complexity.

2. What are the five levels of the operator maturity model?

Show answer Level 1: Basic install (Helm wrapper). Level 2: Seamless upgrades (rolling updates, version migration). Level 3: Full lifecycle (backup, restore, scaling). Level 4: Deep insights (metrics, alerts, log analysis). Level 5: Auto-pilot (auto-scaling, auto-tuning, self-healing).

Remember: Operator = custom controller + CRD. Encodes ops knowledge as code. "Robot SRE."

Example: PostgreSQL Operator handles failover, backups, scaling — automating DBA tasks.

3. Why should an operator set owner references on child resources it creates?

Show answer Owner references enable Kubernetes garbage collection. When the parent custom resource is deleted, Kubernetes automatically deletes all child resources that have owner references pointing to it. Without owner references, child resources become orphaned.

Remember: Operators follow watch→diff→act. Reconcile custom resources like built-in controllers.

4. What are finalizers in the context of Kubernetes operators, and why are they needed?

Show answer Finalizers let an operator run cleanup logic before a CR is deleted. When deletion is requested, the operator detects the deletion timestamp, runs cleanup (e.g., take a final backup), removes the finalizer, and then Kubernetes completes the deletion. Without finalizers, external resources may be left behind.

Remember: Operator = custom controller + CRD. Encodes ops knowledge as code. "Robot SRE."

Example: PostgreSQL Operator handles failover, backups, scaling — automating DBA tasks.

🔴 Hard (3)

1. In a Go-based operator using Kubebuilder, what does returning ctrl.Result{RequeueAfter: 30 * time.Second} from the Reconcile function do?

Show answer It tells the controller to re-run reconciliation for this resource after 30 seconds, even if no changes are detected. This is useful for polling external state or ensuring periodic consistency checks. Without a bounded requeue, the operator only reconciles on watch events.

Remember: Operator = custom controller + CRD. Encodes ops knowledge as code. "Robot SRE."

Example: PostgreSQL Operator handles failover, backups, scaling — automating DBA tasks.

2. Why should operators use the status subresource for status updates instead of updating the entire CR?

Show answer The status subresource allows updating status independently from spec, preventing conflicts where a status update could overwrite spec changes made by users. It also enables RBAC separation so controllers can update status without permission to modify spec.

Remember: Operators follow watch→diff→act. Reconcile custom resources like built-in controllers.

3. Why must the Reconcile function in a Kubernetes operator be idempotent?

Show answer The reconciliation loop may be called multiple times for the same state due to watch events, requeues, or controller restarts. If Reconcile is not idempotent, it may create duplicate resources, send duplicate notifications, or produce inconsistent state. Every reconciliation must produce the same result regardless of how many times it runs.

Remember: Operators follow watch→diff→act. Reconcile custom resources like built-in controllers.