Altinity ClickHouse Operator at Red Hat’s OperatorHub.io
Oct 18, 2019
CoreOS introduced operators for Kubernetes in 2016. A Kubernetes Operator is an application that integrates into Kuberentes and manages other applications. It significantly simplifies deployment and management of cloud native apps by leveraging application specific operational knowledge. Since then operators have been developed for many applications in Kubernetes, including some databases. As a result, operators became a successful pattern for managing cloud native applications.
This success led to a problem. If you need to run a particular Kubernetes application, how do you find and load the appropriate operator?
In 2018 Red Hat acquired CoreOS and shortly after OperatorHub.io was launched. OperatorHub.io is a ‘marketplace’ for operators: a standardized way to build, discover and install operators. The concept looks promising, and we submitted the Altinity ClickHouse operator to OperatorHub.io. In this article, we will review what it means and how users can benefit from the operator registry.
OperatorHub.io overview
Red Hat uses OperatorHub.io as part of the OpenShift 4.x platform, which is based on Kubernetes (https://www.openshift.com). OperatorHub.io is not just a simple catalog. It requires and enforces operators to implement the Operator Lifecycle Manager API (OLM, see https://github.com/operator-framework/operator-lifecycle-manager).
OLM extends Kubernetes to enable management of operators in a declarative way. It is operator of operators. Under OLM, each operator becomes a managed resource. Operators can be added to the catalog for particular Kubernetes cluster, and become available for users to install easily by name using standardised resource definitions and kubectl utility.
Here is a diagram showing relevant components.
OLM imposes some important requirements on the operators it manages:
-
An operator and the resources it operates must be restricted to one namespace due to difficulties to enforce RBAC in multi-tenant environments.
-
Operator configuration should be represented as Kubernetes as CRD (Custom Resource Definition)
-
The operator needs to clearly specify its dependencies for resolution.
There are some other requirements and considerations. You can read the details about the OLM philosophy in this article: https://github.com/operator-framework/operator-lifecycle-manager/blob/master/Documentation/design/philosophy.md
Important note: There is an Operator SDK providing a standardised toolset for operator developers that is somewhat limited. Fortunately OLM does not require you to use it.
Installing Operator Lifecycle Manager (OLM)
Let’s take a look on how Altinity clickhouse-operator can be installed from OperatorHub.io. The OLM model implies that administrators are responsible for making operators to be available for end users. So we have to install OLM and add the ClickHouse operator to the OLM catalog. OperatorHub.io provides good instructions on how to do so. Just navigate to https://operatorhub.io/operator/clickhouse and click “Install”.
You will see step-by-step installation instructions. Let’s look at and discuss them in more detail. We assume that the Kubernetes cluster is available, and kubectl is already properly configured for access.
The first step is to run an install script to deploy OLM.
pre, code {
font-family: monospace, monospace;
font-size: 75%;
margin-left: 30px;
word-break: normal;
word-spacing: normal;
line-height: 1.5;
}
$ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.12.0/install.sh | bash -s 0.12.0
This takes a while and installs all necessary resources into two namespaces: olm and operators. Let’s see if there is anything interesting inside. In particular, we can find that there is a catalog of community operators:
# kubectl get catsrc --all-namespaces NAMESPACE NAME DISPLAY TYPE PUBLISHER AGE olm operatorhubio-catalog Community Operators grpc OperatorHub.io 7m5s</pre
Another interesting resource is packagemanifest. It can be used in order to find the name of appropriate operators:
# kubectl get packagemanifests -n olm NAMESPACE NAME CATALOG AGE olm akka-cluster-operator Community Operators 14m olm appsody-operator Community Operators 14m olm aqua Community Operators 14m olm atlasmap-operator Community Operators 14m olm aws-service Community Operators 14m olm awss3-operator-registry Community Operators 14m olm banzaicloud-kafka-operator Community Operators 14m olm camel-k Community Operators 14m olm cassandra-operator Community Operators 14m olm clickhouse Community Operators 14m olm cockroachdb Community Operators 14m olm cos-bucket-operator Community Operators 14m olm couchdb-operator Community Operators 14m
‘kubectl describe packagemanifest clickhouse -n olm’ shows additional info that matches information on OperatorHub.io itself.
Installing clickhouse-operator using OLM
Now let’s Install clickhouse-operator from operatorhub.io with the help of OLM.
OperatorHub.io provides a ready-to-use manifest that does all the necessary preparation.
# kubectl create -f https://operatorhub.io/install/clickhouse.yaml
Once this manifest is applied clickhouse-operator will be installed in the “my-clickhouse” namespace and will be usable from this namespace only. OLM will make sure that clickhouse-operator has the latest version using Subscription resource mechanism. Namespace and subscription settings can be obviously changed, and we can look inside clickhouse.yaml to see how we can do it:
apiVersion: v1 kind: Namespace metadata: name: my-clickhouse --- apiVersion: operators.coreos.com/v1alpha2 kind: OperatorGroup metadata: name: operatorgroup namespace: my-clickhouse spec: targetNamespaces: - my-clickhouse --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: my-clickhouse namespace: my-clickhouse spec: channel: latest name: clickhouse source: operatorhubio-catalog sourceNamespace: olm
So, if clickhouse-operator needs to be installed in another namespace, it can be done with a new Subscription resource. Note also the subscription channel source — it is the same community catalog that we observed above. In general, installing an operator looks very simple with OLM. The manifest is much simpler than the one without OLM. (See https://github.com/Altinity/clickhouse-operator/blob/master/docs/quick_start.md or https://raw.githubusercontent.com/Altinity/clickhouse-operator/master/manifests/operator/clickhouse-operator-install.yaml for examples.)
After applying the above manifest, we can check that the operator is available by examining yet another OLM custom resource ClusterServiceVersion:
# kubectl get csv -n my-clickhouse
We should see something like the following:
NAME DISPLAY VERSION REPLACES PHASE clickhouse-operator.v0.6.0 Altinity ClickHouse Operator 0.6.0 clickhouse-operator.v0.5.0 Succeeded
Now we have clickhouse-operator up and running in the “my-clickhouse” namespace. ClickHouse clusters must be created within the same namespace. If one wants to have ClickHouse in a different namespace, another operator needs to be installed there as described above.
With clickhouse-operator up and running, we can now proceed to install ClickHouse clusters. There are many examples available at the clickhouse-operator github.com page (link to https://github.com/Altinity/clickhouse-operator/tree/master/docs/examples). But we can craft a special one for OLM installations. olm-ch-cluster.yaml 3 shard cluster with persistent storage:
apiVersion: "clickhouse.altinity.com/v1" kind: "ClickHouseInstallation" metadata: name: olm-ch-cluster spec: defaults: templates: volumeClaimTemplate: default configuration: clusters: - name: default layout: shardsCount: 3 templates: volumeClaimTemplates: - name: default spec: accessModes: - ReadWriteOnce resources: requests: storage: 500Mi
Let’s apply this manifest and check ClickHouseInstallation is up and running:
# kubectl apply -f olm-ch-cluster.yaml -n my-clickhouse clickhouseinstallation.clickhouse.altinity.com/olm-ch-cluster created # kubectl get chi -o wide -n my-clickhouse NAME VERSION CLUSTERS SHARDS HOSTS STATUS UPDATED ADDED DELETED DELETE ENDPOINT olm-ch-cluster 0.6.0 1 3 3 Ready 0 0 0 0 clickhouse-olm-ch-cluster.clickhouse.svc.cluster.local
Conclusion
OperatorHub.io provides a transparent way to manage different operators using OLM and make them accessible to kubernetes cluster users. It requires you to learn some new custom resources but is not very complicated. We have only recently begun to use it and anticipate there may be pitfalls, but the approach looks promising. Having clickhouse-operator at OperatarHub.io makes it easy to find and download by ClickHouse users.
Note, however, that clickhouse-operator has a lot of configuration capabilities that allow you to customize its behavior and simplify clickhouse deployment. Those are not used when operator is installed via OLM due to OLM limitations. For advanced configuration capabilities clickhouse-operator needs to be installed from Altinity github. See the Quick Start Guide and the Operator Configuration Guide for more details.
The ClickHouse operator is an important step for ClickHouse. Kubernetes popularity is increasing rapidly and managing databases in Kubernetes is transitioning from a challenging exercise to a mainstream practice. Several companies are already using ClickHouse operator in test and production environments. They are providing valuable feedback and helping us to improve the operator. Please join! ClickHouse is fun, and ClickHouse in Kubernetes is fun^2!