Monday, November 18 • 5:44pm - 5:49pm
Lightning Talk: CRDs All the Way Down – Using OPA for Complex CRD Validation and Defaulting - Puja Abbassi, Giant Swarm

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Custom Resource Definitions (CRDs) and custom controllers (aka the operator pattern) are becoming the main way we extend Kubernetes. From etcd and Prometheus to full-on Kubernetes extensions a la Cluster API and Service Broker API - a lot of teams are building operators.

As the CRD concept is maturing SIG API machinery is adding useful features like validation, defaulting, structural schemas, etc. In more complex extensions with multiple CRDs and multiple controllers, we run into validation and defaulting use cases that can only be modeled with custom validation and mutation webhooks.

This talk will discuss use cases for complex CRD validation and defaulting, incl. common use cases like validating a CRD against another CRD. Furthermore, the speaker will make a point of why to use Open Policy Agent as a common agent to implement such use cases.

avatar for Puja


VP Product, Giant Swarm
Puja Abbassi is the Vice President of Product at Giant Swarm, building a managed cloud native developer platform based on Kubernetes. In Kubernetes he focuses on extending Kubernetes with custom resources and controllers. With many years of Kubernetes experience and having been in... Read More →

Monday November 18, 2019 5:44pm - 5:49pm PST
Exhibit Hall AB - San Diego Convention Center Ground Level