kubernetes-operator

📁 stormingluke/copilot 📅 4 days ago
Total installs: 2
Weekly installs: 2
Site rank: #70434
Install command:
npx skills add https://github.com/stormingluke/copilot --skill kubernetes-operator

Agent install distribution

amp 2
github-copilot 2
codex 2
kimi-cli 2
gemini-cli 2
cursor 2

Skill documentation

Controller-Runtime Patterns

Reconciler Structure

  • Implement reconcile.Reconciler interface
  • Always accept and propagate context.Context
  • Return ctrl.Result{} with appropriate requeue:
    • Result{} — success, no requeue
    • Result{RequeueAfter: 30 * time.Second} — delayed retry
    • Result{Requeue: true} — immediate retry
  • Never return an error for expected/permanent failures — log and return Result{}
  • Return errors only for transient failures that should be retried

CRD Design

  • Group/version: <domain>.example.com/v1alpha1, graduating v1alpha1 → v1beta1 → v1
  • Status subresource always enabled
  • Use status conditions following metav1.Condition pattern:
    • Type, Status (True/False/Unknown), Reason, Message, LastTransitionTime
  • Printer columns for kubectl get output
  • Validation via CEL expressions in CRD markers

Finalizers

  • Add finalizer on creation if external cleanup is needed
  • Check DeletionTimestamp before reconciling
  • Remove finalizer only after cleanup succeeds
  • Pattern:
    if obj.DeletionTimestamp != nil {
        if controllerutil.ContainsFinalizer(obj, finalizerName) {
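            // clean up external resources; if cleanup fails, return the
            // error here so the finalizer stays in place and the work is retried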
            controllerutil.RemoveFinalizer(obj, finalizerName)
            return ctrl.Result{}, r.Update(ctx, obj)
        }
        return ctrl.Result{}, nil
    }
    

Owner References

  • Set owner references for all child resources
  • Use controllerutil.SetControllerReference() for single-owner
  • Use controllerutil.SetOwnerReference() for shared ownership
  • Watch owned resources with .Owns(&corev1.ConfigMap{})

RBAC

  • Use kubebuilder RBAC markers: //+kubebuilder:rbac:groups=...,resources=...,verbs=...
  • Principle of least privilege — only request what the controller needs
  • Separate ClusterRole for cluster-scoped vs namespace-scoped resources
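
One way to check the least-privilege point above, as an added example (not part of the skill or the stormingluke/copilot repository): a small Go lint that scans source text for kubebuilder RBAC markers and flags wildcards and the escalate, bind and impersonate verbs. The names LintRBACMarkers, Finding and the sample markers are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one least-privilege concern found in a kubebuilder RBAC marker.
type Finding struct {
	Line   int
	Reason string
}

// Verbs that let a subject grant or assume permissions beyond its own.
var escalationVerbs = map[string]bool{"escalate": true, "bind": true, "impersonate": true}

// LintRBACMarkers scans Go source text for kubebuilder RBAC markers and reports
// wildcards and escalation verbs. Simplified parser (assumption): it splits on
// "," and ";" and does not handle commas inside quoted values.
func LintRBACMarkers(src string) []Finding {
	const prefix = "+kubebuilder:rbac:"
	var out []Finding
	for i, line := range strings.Split(src, "\n") {
		text := strings.TrimSpace(strings.TrimPrefix(strings.TrimSpace(line), "//"))
		if !strings.HasPrefix(text, prefix) {
			continue
		}
		for _, field := range strings.Split(text[len(prefix):], ",") {
			key, val, _ := strings.Cut(field, "=")
			for _, v := range strings.Split(strings.Trim(val, `"`), ";") {
				switch {
				case v == "*" && (key == "groups" || key == "resources" || key == "verbs"):
					out = append(out, Finding{Line: i + 1, Reason: "wildcard in " + key})
				case key == "verbs" && escalationVerbs[v]:
					out = append(out, Finding{Line: i + 1, Reason: "escalation verb " + v})
				}
			}
		}
	}
	return out
}

// Constructed sample markers, not taken from any real project.
const sample = `//+kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch
//+kubebuilder:rbac:groups="",resources=*,verbs=get
// +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=clusterroles,verbs=bind;escalate
//+kubebuilder:rbac:groups=*,resources=configmaps,verbs=*`

func main() { fmt.Println(LintRBACMarkers(sample)) }
```

Running the same check in CI over the controller package catches an over-broad marker before it is generated into a ClusterRole.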

Testing

  • Unit tests: fake.NewClientBuilder().WithScheme(s).WithObjects(objs...).Build()
  • Integration tests: envtest.Environment with real etcd + API server
  • Test the full reconcile loop: create → reconcile → verify → update → reconcile → verify
  • Test idempotency: running reconcile twice should produce the same result