K8S系列之6.1：自定义扩展（CRD 与 Operator 设计模式）

当Kubernetes的内置资源无法满足你的需求时，CRD和Operator让你可以像Kubernetes开发者一样扩展集群能力。本章将深入探讨如何将运维知识代码化，实现真正的"自运维"应用。

引言：从自动化到自治

传统运维的痛点：

• 重复劳动：每次部署都需要手动执行一系列操作
• 知识孤岛：运维经验仅存在少数工程师的头脑中
• 响应滞后：故障发生时需要人工介入

Operator模式的核心理念：将运维专家的知识编码到软件中，让应用能够自我管理、自我修复、自我优化。

一、CRD（Custom Resource Definition）：扩展Kubernetes API

1.1 CRD基础概念

CRD允许你向Kubernetes API添加新的资源类型，这些资源可以像Pod、Deployment一样被创建、管理和监控。

1.2 CRD架构深度解析

// CRD在Kubernetes中的表示typeCustomResourceDefinitionstruct{metav1.TypeMeta metav1.ObjectMeta Spec CustomResourceDefinitionSpec Status CustomResourceDefinitionStatus}// CRD规范定义了资源的结构typeCustomResourceDefinitionSpecstruct{Groupstring// API组，如"database.example.com"Versions[]CustomResourceDefinitionVersion Scope ResourceScope// Namespaced或ClusterNames CustomResourceDefinitionNames}// 版本管理typeCustomResourceDefinitionVersionstruct{NamestringServedbool// 是否提供服务Storagebool// 是否作为存储版本Schema*CustomResourceValidation// OpenAPI v3 Schema}

1.3 创建复杂的CRD

场景：定义数据库集群CRD

# database-cluster-crd.yamlapiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:name:databaseclusters.database.example.comspec:group:database.example.comversions:-name:v1alpha1served:truestorage:falseschema:openAPIV3Schema:type:objectproperties:spec:type:objectrequired:-databaseType-replicasproperties:databaseType:type:stringenum:-mysql-postgresql-mongodbversion:type:stringdefault:"latest"replicas:type:integerminimum:1maximum:10default:3storage:type:objectproperties:size:type:stringpattern:'^[0-9]+(Gi|Mi)$'class:type:stringdefault:"standard"backup:type:objectproperties:enabled:type:booleandefault:falseschedule:type:stringpattern:'^(\*|([0-9]|1[0-9]|2[0-3])) (\*|([0-9]|1[0-9]|2[0-3]|3[0-1])) (\*|([0-9]|1[0-9]|2[0-3]|3[0-1]|4[0-6]|5[0-3])) \* \*$'resources:type:objectproperties:requests:type:objectproperties:cpu:type:stringdefault:"500m"memory:type:stringdefault:"1Gi"limits:type:objectproperties:cpu:type:stringdefault:"2"memory:type:stringdefault:"4Gi"status:type:objectproperties:phase:type:stringenum:-Pending-Creating-Running-Upgrading-Failedconditions:type:arrayitems:type:objectproperties:type:type:stringstatus:type:stringlastTransitionTime:type:stringformat:date-timereason:type:stringmessage:type:stringreadyReplicas:type:integercurrentVersion:type:stringsubresources:status:{}# 启用status子资源scale:# 启用scale子资源specReplicasPath:.spec.replicasstatusReplicasPath:.status.readyReplicaslabelSelectorPath:.status.labelSelector-name:v1beta1served:truestorage:true# 升级版本，添加新字段...scope:Namespacednames:plural:databaseclusterssingular:databaseclusterkind:DatabaseClustershortNames:-db-dbclusterconversion:strategy:Webhookwebhook:clientConfig:service:namespace:database-operatorname:database-operator-webhookpath:/convertconversionReviewVersions:-v1

应用CRD

kubectl apply -f database-cluster-crd.yaml# 验证CRDkubectl get crd databaseclusters.database.example.com# 查看CRD详情kubectl describe crd databaseclusters.database.example.com

1.4 版本转换与升级策略

多版本支持

# conversion-webhook.yamlapiVersion:admissionregistration.k8s.io/v1kind:ConversionReviewmetadata:name:database-conversion-webhookwebhooks:-name:database-conversion.database.example.comclientConfig:service:namespace:database-operatorname:database-operator-webhookpath:/convertrules:-apiGroups:["database.example.com"]apiVersions:["v1alpha1","v1beta1","v1"]resources:["databaseclusters"]operations:["CONVERT"]conversionReviewVersions:["v1"]sideEffects:NonetimeoutSeconds:30

版本转换逻辑（Go示例）

funcConvertDatabaseCluster(oldObj runtime.Object,targetGroupVersion schema.GroupVersion)(runtime.Object,error){switcholdObj.(type){case*v1alpha1.DatabaseCluster:// 从v1alpha1转换到v1beta1old:=oldObj.(*v1alpha1.DatabaseCluster)new:=&v1beta1.DatabaseCluster{}// 字段映射和转换逻辑new.Spec.DatabaseType=old.Spec.DatabaseTypenew.Spec.Replicas=old.Spec.Replicas// 处理新增字段的默认值ifold.Spec.Storage==nil{new.Spec.Storage=&v1beta1.StorageSpec{Size:"10Gi",Class:"standard",}}returnnew,nil}returnnil,fmt.Errorf("unsupported conversion"</