So you wanna write Kubernetes controllers?

Original Article ↗ Hacker News Discussion ↗

Role of Abstractions and DevOps

  • Many comments question “abstraction on abstraction” (VMs → containers → orchestrators → controllers) and complain about rising complexity and YAML/tooling sprawl.
  • Others argue abstraction is how complex systems are made tractable at all (comparing to compilers, filesystems, networks, bridges). The problem is seen as leaky or poorly designed abstractions, not abstraction itself.
  • Some see modern “DevOps” as a mislabeled or degraded form of operations work; infra teams report being consistently overloaded rather than serving as a “jobs program.”

Do You Even Need Kubernetes (or Controllers)?

  • Several participants say Kubernetes is overkill for many companies, especially simple web apps or small teams; suggestions include ECS or Cloud Run instead.
  • Counterpoint: Kubernetes shines for many-tenant, high-velocity, distributed systems and when infra must be portable across environments or vendors.
  • There is disagreement whether AWS primitives (ECS + ALB + ASG + RDS, etc.) are “equivalent enough” to Kubernetes for most use cases.

Why Controllers and CRDs Exist

  • Pro‑controller side:
    • CRDs/controllers are framed as the key to Kubernetes’ extensibility, enabling higher‑level, domain‑specific APIs (e.g., Crossplane, external-dns, certificate management, multi-tenant DB controllers).
    • Controllers encode business rules and reconcile real-world state (failover, DNS creation, Keycloak clients, FSx filesystems) into desired state.
  • Skeptical side:
    • Many “config-rendering” operators are seen as unnecessary; a generator (Helm, scripts, Terraform, CUE-based tools) and GitOps may be simpler and more testable.
    • Some advise avoiding writing operators unless clearly needed for runtime dynamism or external side effects.

Controller Patterns vs. Generators

  • A recurring design choice: controller (continuous reconciliation) vs generator (rendered manifests).
  • Generators are praised for easy testing, dry-runs, and explicit diffs (“rendered manifests pattern”).
  • Controllers are favored when:
    • State must react to external events (failures, autoscaling, short-lived jobs, dev containers).
    • Platform teams want a stable “golden path” abstraction they can evolve (e.g., swapping Istio for Linkerd without app changes).

Cultural and Practical Observations

  • Some lament that Kubernetes encourages infra engineers who don’t understand underlying systems; others note it dramatically increases the sysadmin:machine ratio.
  • A few express regret after initial fascination with operators, feeling they add layers that don’t clearly benefit the product, especially for “not-Google” scale.