Skip to main content

SKE Operator

The SKE Operator provides full lifecycle support for Syntasso Kratix Enterprise (SKE) and is the recommended approach for installing and managing your SKE installation.

The operator has its own releases and it manages instances of SKE as defined by a Kratix Custom Resource.

info

While SKE is can be installed directly via the released SKE distribution manifests, we highly recommend that you use the SKE Operator.

Using the Operator will reduce the workload of maintaining SKE, and all future operational features will only be available via the Operator.

Features

The SKE Operator will:

  • Install a Kratix instance into your cluster, including dependencies
  • Prevent drift of Kratix resources by continuously reconciling them against the declared SKE distribution
  • Validate SKE is in a healthy state before upgrading with pre-upgrade checks
  • Roll out an upgrade to the next minor version at the latest patch
  • Validate an upgrade works with post-upgrade checks
  • Provide information about the status of the upgrade

The Kratix Custom Resource Definition (CRD)

The Kratix CRD is the resource definition corresponding to a Kratix installation. This resource is managed by the SKE Operator.

apiVersion: platform.syntasso.io/v1alpha1
kind: Kratix
metadata:
  name: my-kratix
spec:
  version: vX.Y.Z # The desired version of SKE, can be set to latest

The Kratix resource is the owner of all resources installed as part of the SKE distribution, and ensures that their state always matches the definition in the distribution manifest.

Managing Kratix via the SKE Operator

Install

Syntasso Kratix Enterprise supports many ways of installing a Kratix instance. See Configuring SKE for details.

Upgrade

To upgrade the SKE instance, you can apply a new version to the Kratix CRD:

apiVersion: platform.syntasso.io/v1alpha1
kind: Kratix
metadata:
  name: my-kratix
spec:
  version: v0.100.0 # New desired version

By default, the SKE Operator will perform the following steps:

  1. Run the pre-upgrade checks to check that Kratix is safe to upgrade in its current state.
  2. Upgrade your Kratix Deployment to the new version.
  3. Wait for the Kratix Deployment to become healthy (ready and available).
  4. Trigger post-upgrade-checks and wait for them to complete.

Pre-upgrade checks

The following pre-upgrade checks will run by default:

  1. Check that the current Kratix installation is in Ready state.
  2. Check that there are no Kratix workflows in progress.
  3. Check that all Promises are in an Available state.
info

An additional check that the desired version is an allowed upgrade path is always performed.

This check passes when the new version is:

  • On the same major version as the current version
  • At most 1 minor version ahead of the current version

Patch versions on the same minor can be upgraded without restrictions.

Post-upgrade checks

The following post-upgrade checks will run by default:

  1. Retrigger Promise Configure workflows and check they run successfully.
  2. Retrigger Resource Configure workflows and check they run successfully.
info

All Promises and Resources which are installed at the time the upgrade starts will have their Configure workflows retriggered during the post-upgrade checks.

The status of the post-upgrade checks can be monitored via the Kratix status, under the .status.postUpgradeStatus key:

apiVersion: platform.syntasso.io/v1alpha1
kind: Kratix
metadata:
  name: my-kratix
  ...
spec:
  version: v0.10.0
status:
  conditions:
  - lastTransitionTime: "2024-12-04T23:00:22Z"
    message: ""
    reason: AllReplicasAvailable
    status: "True"
    type: KratixDeploymentReady
  lastAppliedVersion: v0.10.0
  postUpgradeStatus:
    lastTransitionTime: "2024-12-04T23:00:53Z"
    promiseConfigureWorkflowsCheck:
      status: Succeeded
    resourceConfigureWorkflowsCheck:
      resourceConfigureWorkflows:
      - promiseName: cicd
        resourceGVK: marketplace.kratix.io/v1alpha1, Kind=Jenkins
        resourceName: first-jenkins
        resourceNamespace: default
        status: Succeeded
      - promiseName: cicd
        resourceGVK: marketplace.kratix.io/v1alpha1, Kind=Jenkins
        resourceName: second-jenkins
        resourceNamespace: default
        status: InProgress
      status: InProgress
    status: InProgress
  ready: false
  upgradedDeploymentReadyAt: "2024-12-04T23:00:22Z"

The post-upgrade status will be continually updated as the post-upgrade checks progress.

Handling failures

If any upgrade step fails, the SKE Operator will continue looping its reconciliation of the Kratix resource awaiting manual intervention.

Once the failure is fixed, the upgrade will proceed to the next step.

An example upgrade scenario might be:

  • Kratix is upgraded and the Deployment becomes healthy, but a Promise Configure workflow fails.
  • The failing workflow is manually fixed and successfully rerun.
  • The SKE Operator picks up the successful Promise Configure workflow, and proceeds with the remaining upgrade step.
  • The upgrade succeeds when all steps have completed successfully.