CockroachDB Operator Overview

The CockroachDB operator is a fully-featured Kubernetes operator that allows you to deploy and manage CockroachDB self-hosted clusters.

With the CockroachDB operator, you can deploy CockroachDB clusters across multiple regions with separate operator instances per region. Using Helm, set configurations that manage the operator and CockroachDB nodes across regions.

CockroachDB operator

This section describes how to:

• Deploy a CockroachDB cluster using the CockroachDB operator.
• Migrate from an existing CockroachDB Kubernetes deployment using Helm or the Public operator.

• Operate a CockroachDB cluster:

  • Manage pod scheduling.
  • Manage cluster resources.
  • Manage certificates.
  • Scale a cluster.
  • Monitor a cluster.
  • Upgrade a cluster.
  • Override deployment templates.
  • Improve cluster performance.

Kubernetes terminology

Before starting, review some basic Kubernetes terminology. Note that CockroachDB nodes are distinct from Kubernetes "nodes" or "worker nodes".

Feature	Description
node	A physical or virtual machine. In the deployment guide, you'll create instances and join them as worker nodes into a single Kubernetes cluster.
pod	A pod is a group of one of more Docker containers. In the deployment guide, each pod will run on a separate Kubernetes worker node and include one Docker container running a single CockroachDB node, reflecting our topology recommendations.
operator	An operator is an extension to Kubernetes that uses custom resources to efficiently manage specific applications. The CockroachDB operator includes two custom resource definitions to manage CockroachDB, CrdbCluster and CrdbNode. Unlike the older Public operator, the CockroachDB operator does not use StatefulSets and is designed to simplify multi-region deployments.
persistent volume	A persistent volume is a piece of networked storage (Persistent Disk on GCE, Elastic Block Store on AWS) mounted into a pod. The lifetime of a persistent volume is decoupled from the lifetime of the pod that's using it, ensuring that each CockroachDB node binds back to the same storage on restart. The deployment guide assumes that dynamic volume provisioning is available. When that is not the case, persistent volume claims need to be created manually.
RBAC	RBAC, or Role-Based Access Control, is the system Kubernetes uses to manage permissions within the cluster. In order to take an action (e.g., get or create) on an API resource (e.g., a pod), the client must have a Role that allows it to do so. The deployment guide creates the RBAC resources necessary for CockroachDB to create and access certificates.