Version v1.8 of the documentation is no longer actively maintained. The site that you are currently viewing is an archived snapshot. For up-to-date documentation, see the latest version.
This document describes the
watchDependentResources option in
watches.yaml file. It delves into what dependent resources are, why the option is required, how it is achieved and finally gives an example.
What are dependent resources?
In most cases, an operator creates a bunch of Kubernetes resources in the cluster, that helps deploy and manage the application. For instance, the etcd-operator creates two services and a number of pods for a single
EtcdCluster CR. In this case, all the Kubernetes resources created by the operator for a CR is defined as dependent resources.
Often, an operator needs to watch dependent resources. To achieve this, a developer would set the field,
True in the
watches.yaml file. If enabled, a change in a dependent resource will trigger the reconciliation loop causing Ansible code to run.
For example, since the etcd-operator needs to ensure that all the pods are up and running, it needs to know when a pod changes. Enabling the dependent watches option would trigger the reconciliation loop to run. The Ansible logic needs to handle these cases and make sure that all the dependent resources are in the desired state as declared by the
Note: By default it is enabled when using ansible-operator
How is this achieved?
ansible-operator base image achieves this by leveraging the concept of owner-references. Whenever a Kubernetes resource is created by Ansible code, the
proxy module injects
owner-references into the resource being created. The
owner-references means the resource is owned by the CR for which reconciliation is taking place.
watchDependentResources field is enabled, the
ansible-operator will watch all the resources owned by the CR, registering callbacks to their change events. Upon a change, the callback will enqueue a
ReconcileRequest for the CR. The enqueued reconciliation request will trigger the
Reconcile function of the controller which will execute the ansible logic for reconciliation.
This is an example of a watches file with the
watchDependentResources field set to
- version: v1alpha1 group: app.example.com kind: AppService playbook: playbook.yml maxRunnerArtifacts: 30 reconcilePeriod: 5s manageStatus: False watchDependentResources: True