Virtualization Technology News and Information
The Best of Both Worlds with Declarative and Imperative Kubernetes Operators

By Dominik Tornow, is a Principal Engineer at Temporal

Kubernetes has revolutionized how developers and operators develop and operate applications but, Kubernetes is not without its challenges. Kubernetes automates operations with Kubernetes controllers, also called Kubernetes operators. However, Kubernetes' declarative approach is not an optimal solution for all problems. Often, operations require imperative workflows, a sequence of carefully orchestrated steps, to be successful. The purpose of this article is to explain how we can combine Kubernetes' declarative approach with a workflow system's imperative approach to get the best of both worlds.

Kubernetes operators are declarative, which means they reconcile the current state of Kubernetes cluster with the desired state of the Kubernetes cluster, conceptually in a continuous loop, the control loop.

A declarative approach expresses computation without explicitly expressing a sequence of steps. Informally, we say a declarative approach only specifies what we must accomplish but not how to accomplish it - How is determined by the system. This is in contrast with an imperative approach, which explicitly expresses the sequence of steps that need to be taken.

To understand declarative and imperative programming, consider a car's navigation system: When the driver specifies the desired destination, the navigation system determines its definition of an optimal route. When the driver deviates from that route, the navigation system reconciles the current location with the desired location and determines an updated optimal route.

The same is true with Kubernetes, which relies on declarative processes. Conveniently, Kubernetes lets developers take their hands off the wheel, but that does not work well in all cases. Sometimes, operations often rely on workflows, that is, a sequence of steps executed in specific order to achieve a desired outcome.

To stick with the analogy of the navigation system: Expressing a specific route, reacting to external events, or avoiding or waiting for some conditions is not easily expressed via a destination and some waypoints. Similarly, upgrading a complex software system, rolling out multiple services and applying multiple schema migrations is a carefully choreographed process. The sequence of steps matter, there is no flexibility, they are not commutative.

Expressing this logic as a declarative, configurable Kubernetes operator is cumbersome at the very best.

The incumbent technology for imperative workflow is scripts. Developers use scripts and intermediary technologies to manage dependencies in an ad hoc way. But the solutions are one-off designs, prone to fail, and hard to replicate. Other solutions like complex Directed Acyclic Graph (DAG) based solutions present a steep learning curve to deal with.

The combination of Kubernetes and imperative workflow orchestrators removes the complexity and the likelihood of failure with scripts. Developers don't have to interpret imperative processes in ad hoc code or through intermediary files, such as DAG files. This is workflow as code, which lets developers express the processes in their preferred language rather than accommodate a third party solution.

However, expressing sequential logic as an imperative workflow as clode is a snug fit by definition and enables developers and operators to express sequential processes in their preferred programming language. No scripts, no learning curve.

Imperative workflow as clode solutions are the ideal extension to declarative Kubernetes operators: a declarative Kubernetes operator is responsible for the detection of state drift between the desired state and the current state while a Workflow is used to reconcile the current state with the desired state - with fine grained control over the complex sequence of steps necessary to operate your application successfully.

Kubernetes has changed the way developers package and deploy applications but its declarative format doesn't work well in all situations. Both day 1 and day 2 benefit from imperative processes, carefully orchestrated sequences of steps, to ensure that your applications arrive at the desired state. Innovations around imperative workflow orchestrators that work in tandem with Kubernetes are solving this. Developers get the hands off experience of Kubernetes and the hands on control of imperative workflow, without tradeoffs between the technologies. For developers that need a fine grain imperative, an imperative workflow orchestrator is ideal. There are tutorials and widespread open source tools to help you get started when you're ready to take the wheel.


To hear more about cloud native topics, join the Cloud Native Computing Foundation and cloud native community at KubeCon+CloudNativeCon North America 2021 - October 11-15, 2021      


dominik tornow 

Dominik Tornow, is a Principal Engineer at Temporal, an open source platform for orchestrating highly reliable, mission-critical applications at scale.

Published Friday, October 01, 2021 7:42 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2021>