Esc
↑↓ navigate   Enter open   Esc close
Advanced Vocabulary 8 min read

Vocabulary for Kubernetes Operators

Essential vocabulary for Kubernetes operators: CRD, controller loop, reconcile, watch, patch, status conditions, admission webhooks, and more with practical examples.

By the Coders Lingo Editorial Team

#vocabulary#kubernetes#operators#cloud-native

Kubernetes operators extend the Kubernetes API to automate the management of complex, stateful applications. Building or maintaining an operator requires a precise understanding of Kubernetes-specific vocabulary. Whether you are writing a custom controller, designing CRDs, or debugging a reconciliation loop, this guide covers the terms you need to communicate confidently.

Operator Pattern

A Kubernetes operator is a software extension that uses custom resources and a controller to manage an application and its components. The operator encodes the operational knowledge of a human operator — automating tasks like provisioning, scaling, upgrading, and recovery.

“We built an operator to manage our PostgreSQL clusters. Instead of manually running failover scripts, the operator monitors cluster health and triggers automated failover when the primary becomes unresponsive.” “The operator pattern is most valuable for stateful applications that require complex lifecycle management — databases, message queues, search indices.”

CRD (Custom Resource Definition)

A Custom Resource Definition (CRD) is an extension to the Kubernetes API that allows you to define your own resource types. Once a CRD is applied to a cluster, you can create, update, and delete instances of that custom resource using standard Kubernetes tools like kubectl.

“We defined a PostgresCluster CRD with fields for the number of replicas, the storage class, and the backup schedule. A developer can create a new cluster with a single YAML manifest.” “The CRD schema validates the fields in the custom resource — if a developer provides an invalid value, Kubernetes rejects the manifest before it reaches the controller.”

Controller Loop

The controller loop (also called the control loop or reconciliation loop) is the core pattern in Kubernetes: a controller continuously observes the desired state (from the resource spec), compares it to the actual state (from the cluster), and takes action to bring the actual state in line with the desired state.

“The deployment controller runs a loop: it checks how many pods are running, compares that to the desired replica count in the spec, and creates or deletes pods to close the gap.” “Controller loops are level-triggered, not edge-triggered. The controller acts on the current state, not on events — so it will re-reconcile periodically even if nothing changed.”

Reconcile

Reconcile is the primary action of a controller. When something changes — a resource is created, updated, or deleted, or an external state drifts from the desired state — the controller calls its reconcile function to bring the system back into the desired state.

“The reconcile function receives the name of the resource that triggered the event. It fetches the current state from the API server, compares it to the desired state, and applies any necessary changes.” “Reconcile functions must be idempotent: calling them multiple times with the same input should always produce the same outcome.”

Watch

A watch is a streaming API call that notifies the controller when a resource changes — a create, update, or delete event. Controllers use watches rather than polling to receive changes efficiently.

“The controller watches for changes to PostgresCluster resources in all namespaces. When a new cluster is created, the watch triggers a reconciliation event.” “Watches are backed by the Kubernetes API server’s etcd store. Under high load, watch events can be delayed — your controller must handle eventual consistency gracefully.”

Patch

A patch is a partial update to a Kubernetes resource. Rather than replacing the entire resource, a patch applies only the changed fields. Common patch types in Kubernetes include JSON merge patch and server-side apply.

“The controller patches the status subresource to update the readyReplicas count without touching the spec.” “Use server-side apply when multiple actors need to manage fields in the same resource — it tracks field ownership and prevents conflicts.”

Status Conditions

Status conditions are a standard pattern in Kubernetes for communicating the state of a resource to users and other systems. A condition has a type (e.g., Ready, Degraded, Progressing), a status (True, False, Unknown), a reason (a machine-readable code), and a message (a human-readable explanation).

“Our operator sets the Ready condition to False with reason PrimaryUnreachable and a message explaining that the primary replica has not responded to health checks in 30 seconds.” “Conditions allow users and other controllers to understand the state of a resource without having to parse logs or internal fields.”

Admission Webhook

An admission webhook is an HTTP callback that intercepts requests to the Kubernetes API server before they are persisted to etcd. There are two types:

  • Mutating admission webhook — can modify the incoming resource
  • Validating admission webhook — can accept or reject the incoming resource

“Our mutating webhook injects a sidecar container into every pod in namespaces labelled monitored: true, without requiring developers to add it manually to their manifests.” “Our validating webhook rejects any PostgresCluster resource that requests more than 10TB of storage — this prevents accidental over-provisioning that would exceed our cloud budget.”

Finaliser

A finaliser is a field in a Kubernetes resource that prevents the resource from being deleted until specific cleanup tasks have been completed. The controller is responsible for executing those tasks and then removing the finaliser.

“When a PostgresCluster resource is deleted, the finaliser prevents the deletion from completing until the operator has created a final backup and cleaned up cloud storage resources.” “A resource stuck in a Terminating state usually means a finaliser has been set but the cleanup task has not completed — often because the controller crashed.”

Practical Phrases for Kubernetes Operator Developers

  • “The reconcile function must be idempotent — we may call it multiple times for the same event.”
  • “We’re using server-side apply to manage the deployment spec so that multiple controllers don’t conflict.”
  • “The admission webhook rejects any resource that doesn’t include a cost-centre label.”
  • “The CRD schema uses OpenAPI v3 validation to enforce that replicas is between 1 and 10.”
  • “The status condition shows Degraded: True — the operator detected that one replica is unresponsive.”
  • “The finaliser is blocking deletion because the S3 cleanup job is still running.”

Kubernetes operator vocabulary reflects the elegant but demanding design of the Kubernetes extension model. Mastering these terms will help you build reliable operators, debug reconciliation issues, review operator code effectively, and discuss Kubernetes extensibility with confidence in engineering discussions and interviews.

What to Read Next

Exercise

Practice This Vocabulary

Reinforce what you've just read with interactive exercises built from real IT materials.

Start exercises → Exercise

IT Collocations Drills

Master the verb-noun pairs developers use every day: "push a commit", "raise a ticket", "run tests".

Practice collocations → Exercise

Interview Preparation

170+ exercises covering behavioural, technical, and system design rounds for 24 IT roles.

Start interview prep → Vocabulary

IT Vocabulary Modules

600+ terms across 80+ thematic modules — from Agile to Cloud Infrastructure to AI Agents.

Browse vocabulary →