MTO Dependencies Operator

A Kubernetes operator that manages common infrastructure dependencies required by Multi-Tenant Operator (MTO) as Custom Resources using Helm charts.

Overview

The MTO Dependencies Operator simplifies the deployment and management of essential infrastructure components needed by the Multi-Tenant Operator ecosystem. Instead of manually managing multiple Helm releases, this operator provides a declarative way to deploy and configure dependencies through Kubernetes Custom Resources.

Each Custom Resource's .spec maps directly to the underlying Helm chart values, so any value supported by the chart can be set in the CR. The operator handles the full lifecycle — install, upgrade, and deletion — automatically.

┌─────────────────┐    ┌───────────────────┐    ┌─────────────────┐
│   User/GitOps   │    │  MTO Dependencies │    │   Infrastructure│
│                 │    │     Operator      │    │   Components    │
│                 │────▶                   │────▶                 │
│ Custom Resource │    │  (Helm Operator)  │    │  Helm Releases  │
│  (Dex, etc.)    │    │                   │    │  (Pods, SVCs)   │
└─────────────────┘    └───────────────────┘    └─────────────────┘

Supported Components

Component	Custom Resource	Description
Dex	Dex	OpenID Connect (OIDC) identity provider with pluggable connectors
PostgreSQL	Postgres	Production-ready PostgreSQL database with high availability
Prometheus	Prometheus	Monitoring and alerting system with time series database
Kube State Metrics	KubeStateMetrics	Kubernetes object metrics exporter
OpenCost	OpenCost	Kubernetes cost monitoring and management platform
Dex Config Operator	DexConfigOperator	Dynamic Dex connector and OAuth client management
FinOps Operator	FinOpsOperator	MTO cost monitoring and management platform

All CRs use the API group dependencies.tenantoperator.stakater.com/v1alpha1.

Documentation

Page	Description
Overview	What the operator does, managed components, and how it works
CR Reference	Field reference for all 7 Custom Resources
Deploying Dex	Deploy an OIDC identity provider
Deploying PostgreSQL	Deploy a PostgreSQL database
Deploying Prometheus	Deploy a monitoring stack
Deploying Kube State Metrics	Deploy a Kubernetes metrics exporter
Deploying OpenCost	Deploy cost monitoring
Deploying DexConfigOperator	Deploy dynamic Dex configuration management
Deploying FinOps Operator	Deploy MTO cost management

Quick Start

Prerequisites

• Kubernetes cluster (v1.14+)
• kubectl configured to access your cluster
• Operator Lifecycle Manager (OLM) installed (optional)

Installation

Option 1: Using kubectl

# Install the operator
kubectl apply -f https://raw.githubusercontent.com/stakater-ab/mto-dependencies-operator/refs/heads/main/dist/install.yaml

# Verify installation
kubectl get pods -n mto-dependencies-operator-system

Option 2: From Source

# Clone the repository
git clone https://github.com/stakater-ab/mto-dependencies-operator.git
cd mto-dependencies-operator

# Deploy to your cluster
make deploy

Basic Usage

Create a simple Dex identity provider:

apiVersion: dependencies.tenantoperator.stakater.com/v1alpha1
kind: Dex
metadata:
  name: my-dex
  namespace: auth-system
spec:
  config:
    issuer: https://dex.example.com
    storage:
      type: kubernetes
      config:
        inCluster: true
    staticClients:
    - id: my-app
      name: 'My Application'
      redirectURIs:
      - 'https://my-app.example.com/callback'
      secret: my-secret-key

kubectl apply -f dex-example.yaml

The operator will automatically deploy and configure Dex using the embedded Helm chart.

Development

Prerequisites

• Go 1.21+
• Docker
• kubectl
• kind (for local testing)
• Helm 3.x

Local Development

# Clone the repository
git clone https://github.com/stakater-ab/mto-dependencies-operator.git
cd mto-dependencies-operator

# Install dependencies
make kind                    # Install kind locally
make cluster                 # Create local test cluster
make install                 # Install CRDs

# Run the operator locally
make run

# In another terminal, test with sample resources
kubectl apply -f examples/

Adding a new Helm Chart

1. Dowload the desired Helm chart and place it in the helm-charts/ directory.
2. Create a new API type

  # make sure you have create a feature branch prior to running below commands.
  
  # downloads operator sdk and places it in ./bin/operator-sdk if not already present
  make operator-sdk 
  
  # Create a new API
  ./bin/operator-sdk create api \
    --plugins=helm \
    --group=dependencies \
    --version=v1alpha1 \
    --kind=<name-of-operator-kind> \
    --helm-chart=helm-charts/<name-of-helm-chart>
    
  # commit your changes.

Testing

# Lint Helm charts
make lint

# Run all integration tests
make test

# Run specific tests
make test-dex
make test-prometheus
make test-postgres

# Run tests in parallel
make test-integration-parallel

Building and Deployment

# Build Docker image
make docker-build IMG=your-registry/mto-dependencies-operator:latest

# Push image
make docker-push IMG=your-registry/mto-dependencies-operator:latest

# Deploy to cluster
make deploy IMG=your-registry/mto-dependencies-operator:latest

Configuration

Operator Configuration

The operator can be configured through environment variables:

Variable	Default	Description
WATCH_NAMESPACE	""	Namespace to watch (empty = all namespaces)
LEADER_ELECTION_NAMESPACE	mto-dependencies-operator-system	Namespace for leader election
ANSIBLE_VERBOSITY	0	Ansible verbosity level

Helm Chart Values

Each Custom Resource spec is passed directly to the underlying Helm chart. Refer to individual chart documentation:

• Dex Helm Chart
• Prometheus Helm Chart
• PostgreSQL Helm Chart
• OpenCost Helm Chart
• Kube State Metrics Helm Chart

Monitoring and Observability

The operator exposes metrics and supports monitoring through:

• Metrics: Prometheus metrics on port 8443
• Health Checks: Liveness and readiness probes
• Logging: Structured logging with configurable verbosity

Available Metrics

• controller_runtime_reconcile_total: Total reconciliations per Custom Resource
• controller_runtime_reconcile_errors_total: Failed reconciliations
• workqueue_adds_total: Items added to work queue
• rest_client_requests_total: Kubernetes API requests

Troubleshooting

Common Issues

1. Custom Resource not reconciling

   # Check operator logs
   kubectl logs -n mto-dependencies-operator-system deployment/mto-dependencies-operator-controller-manager
   
   # Check Custom Resource status
   kubectl describe dex my-dex-instance

2. Helm chart deployment failing

   # List Helm releases
   helm list -A
   
   # Check release status
   helm status my-dex-instance -n target-namespace

3. Resource conflicts

   # Check for existing resources
   kubectl get all -l app.kubernetes.io/managed-by=Helm

Debug Mode

Enable debug logging:

kubectl patch deployment mto-dependencies-operator-controller-manager \
  -n mto-dependencies-operator-system \
  --type='json' \
  -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/env/0/value", "value": "2"}]'

Contributing

We welcome contributions! Please see our Contributing Guide for details.

Development Workflow

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests for new functionality
5. Run the test suite: make test
6. Submit a pull request

Code Standards

• Follow Go best practices
• Add comprehensive tests
• Update documentation
• Use conventional commit messages

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

Support

• Issues: GitHub Issues
• Discussions: GitHub Discussions
• Slack: Stakater Community

Acknowledgments

• Built on the Operator SDK
• Uses the Helm Operator approach
• Integrates community-maintained Helm charts for each dependency