Skip to main content

SKE Operator

The SKE Operator provides full lifecycle support for Syntasso Kratix Enterprise (SKE) and is the recommended approach for installing and managing your SKE installation.

The operator has its own releases and it manages instances of SKE as defined by a Kratix Custom Resource.

info

While SKE is can be installed directly via the released SKE distribution manifests, we highly recommend that you use the SKE Operator.

Using the Operator will reduce the workload of maintaining SKE, and all future operational features will only be available via the Operator.

Features

The SKE Operator will:

  • Install a Kratix instance into your cluster, including dependencies
  • Prevent drift of Kratix resources by continuously reconciling them against the declared SKE distribution
  • Validate SKE is in a healthy state before upgrading with pre-upgrade checks
  • Roll out an upgrade to the next minor version at the latest patch
  • Provide information about the status of the upgrade

The Kratix CRD

The Kratix CRD is the resource definition corresponding to a Kratix installation. This resource is managed by the SKE Operator.

  apiVersion: platform.syntasso.io/v1alpha1
  kind: Kratix
  metadata:
    name: my-kratix
  spec:
    version: vX.Y.Z # The desired version of SKE; set to "latest" to always use the latest
    tlsConfig:
      certManager:
        disabled: false # Set to true to disable cert-manager integration
        issuerRef: # Optional: reference a custom cert-manager issuer
          kind: ClusterIssuer # or Issuer
          name: my-issuer
      certSecretName: my-tls-secret # Required if cert-manager is disabled
      metricsServerCertSecretName: my-metrics-secret # Required if cert-manager is disabled
    deploymentConfig:
      resources: # Customize resource requests & limits for the Kratix deployment
        limits:
          memory: 500Mi
          cpu: 300m
        requests:
          memory: 500Mi
          cpu: 300m
      nodeSelector: # Constrain scheduling to nodes matching these labels
        kubernetes.io/os: linux
      affinity: # Standard Kubernetes affinity rules
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: kubernetes.io/arch
                    operator: In
                    values:
                      - amd64
        podAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                  - key: app
                    operator: In
                    values:
                      - my-app
              topologyKey: kubernetes.io/hostname
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                    - key: app
                      operator: In
                      values:
                        - my-app
                topologyKey: kubernetes.io/hostname
      tolerations: # Allow scheduling on tainted nodes
        - key: example-key
          operator: Exists
          effect: NoSchedule
      volumes: # Additional volumes to mount into the deployment
        - name: my-volume
          configMap:
            name: my-configmap
      volumeMounts: # Additional volume mounts for the manager container
        - name: my-volume
          mountPath: /etc/config

The Kratix resource is the owner of all resources installed as part of the SKE distribution, and ensures that their state always matches the definition in the distribution manifest.