← Blog/clouddevops platforms

Kubernetes 1.15: Custom Resource Definition Validation and API Schemas

Production-grade APIs. We explore CRD schema validation, openAPI schemas, and resource controllers.

VP
SHIVAM ITCS·19 August 2019·10 min read·1 views
#kubernetes#crd#openapi#devops#cloud-native

Technical Overview & Strategic Context

While Kubernetes Custom Resource Definitions (CRDs) allowed developers to extend the Kubernetes API, early implementations lacked validation rules: invalid manifests could be accepted by the API server, causing background controllers to crash. The release of Kubernetes 1.15 in mid-2019 resolved this by introducing CRD validation using OpenAPI schemas, allowing the API server to validate resource inputs statically, improving cluster stability.

Architectural Principle: Configure OpenAPI validation schemas for Custom Resource Definitions. Validate resource inputs at the API server level to prevent background controller crashes.

Core Concepts & Architectural Blueprint

Kubernetes 1.15 API server uses OpenAPI specifications to validate CRD manifests. If a submitted manifest does not match the schema (e.g. invalid parameter types or missing fields), the API server rejects the request. This version also improved CRD pruning, automatically removing undeclared properties from resources.

Performance & Capability Comparison

Kubernetes VersionCRD validation typePruning BehaviorOrchestration Reliability
Kubernetes 1.10 - 1.14Limited validation (requires custom webhooks)Retains undeclared propertiesProne to background controller crashes
Kubernetes 1.15Static validation via OpenAPI schemasAutomatic pruning of undeclared fieldsEnables reliable database operators

Implementation & Code Pattern

To configure validation schemas for Custom Resource Definitions in Kubernetes 1.15, follow these steps:

  • Define the CustomResourceDefinition manifest using OpenAPI specifications.
  • Specify property schemas and constraints inside validation blocks.
  • Verify that client tools (kubectl) catch schema validation errors.
  • Configure pruning to remove undeclared properties from resources.
yamlcode
# Custom Resource Definition validation schema in Kubernetes 1.15 (2019)
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: databases.shivamitcs.in
spec:
  group: shivamitcs.in
  version: v1
  scope: Namespaced
  names:
    plural: databases
    singular: database
    kind: Database
  validation:
    openAPIV3Schema:
      type: object
      properties:
        spec:
          type: object
          required: [ engine, sizeGi ] # Define required parameters
          properties:
            engine:
              type: string
              enum: [ postgres, mysql, redis ] # Restrict parameters to enum
            sizeGi:
              type: integer
              minimum: 10 # Enforce size limits

Operational Governance & Future Outlook

The introduction of OpenAPI schema validation for Custom Resource Definitions in Kubernetes 1.15 simplified API extensions, helping developers deploy reliable operators on container infrastructure.

VP
Vijay Paliwal
Founder, SHIVAM ITCS · 18+ years enterprise & AI engineering
MCA · Ex-HiveGPT USA · Ex-Social27 Seattle
← More PostsWork With Us →
Kubernetes 1.15: Custom Resource Definition Validation and API Schemas | SHIVAM ITCS Blog | SHIVAM ITCS