Hands-on Kubernetes Operator Development: Finalizers

• Introduction & Environment Bootstrap
• Implementing Main Reconcile Logic
• Implementing Resource Cleanup (this post)
• Implementing Webhooks
• Testing Your Operator

In the first two blog posts on this topic we learned how to bootstrap your operator and how to implement the reconciliation loop.

In the third episode we will discuss an important aspect of Kubernetes resource lifecycle management - garbage collection. As we continue building our Tenant Operator, it is critical to ensure that resources allocated to a tenant are properly cleaned up when a tenant is deleted. This not only optimizes the resource usage but also avoids potential conflicts and issues that can arise from stale or orphaned resources.

Understanding Finalizers in Kubernetes

Finalizers are an essential part of Kubernetes' resource management system. They provide a mechanism to prevent specific resources from being deleted before we've performed necessary cleanup operations.

Each Kubernetes object's metadata includes a field called finalizers, which is an array of strings. These strings are arbitrary, but by convention, they take the form of domain/name. The absence of finalizers or an empty list in a resource means it can be deleted immediately by the Kubernetes API server. However, if the finalizers list contains one or more elements, the Kubernetes API server will not delete the resource, giving our operator the chance to perform any necessary cleanup operations. Here is example how the finalizer might look like: