For years, the adage in the DevOps community was absolute: “Run your stateless apps on Kubernetes, but keep your databases on bare metal or managed cloud services.” While this advice minimized risk in the early days of container orchestration, the ecosystem has matured. Today, Database Management on Kubernetes is not just possible-it is often the preferred architecture for organizations seeking cloud agnosticism, granular control over storage topology, and unified declarative infrastructure.
However, native Kubernetes primitives like StatefulSets and PersistentVolumeClaims (PVCs) only solve the deployment problem. They do not address the “Day 2” operational nightmares: automated failover, point-in-time recovery (PITR), major version upgrades, and topology-aware scheduling. This is where OpenEverest enters the chat. In this guide, we dissect how OpenEverest leverages the Operator pattern to transform Kubernetes into a database-aware control plane.
Table of Contents
The Evolution of Stateful Workloads on K8s
To understand the value proposition of OpenEverest, we must first acknowledge the limitations of raw Kubernetes for data-intensive applications. Experienced SREs know that a database is not just a pod with a disk attached; it is a complex distributed system that requires strict ordering, consensus, and data integrity.
Why StatefulSets Are Insufficient
While the StatefulSet controller guarantees stable network IDs and ordered deployment, it lacks application-level awareness.
- No Semantic Knowledge: K8s doesn’t know that a PostgreSQL primary needs to be demoted before a new leader is elected; it just kills the pod.
- Storage Blindness: Standard PVCs don’t handle volume expansion or snapshots in a database-consistent manner (flushing WALs to disk before snapshotting).
- Config Drift: Managing
my.cnforpostgresql.confvia ConfigMaps requires manual reloads or pod restarts, often causing downtime.
Pro-Tip: In high-performance database environments on K8s, always configure your StorageClasses with
volumeBindingMode: WaitForFirstConsumer. This ensures the PVC is not bound until the scheduler places the Pod, allowing K8s to respect zone-anti-affinity rules and keeping data local to the compute node where possible.
OpenEverest: The Operator-First Approach
OpenEverest abstracts the complexity of database management on Kubernetes by codifying operational knowledge into a Custom Resource Definition (CRD) and a custom controller. It essentially places a robot DBA inside your cluster.
Architecture Overview
OpenEverest operates on the Operator pattern. It watches for changes in custom resources (like DatabaseCluster) and reconciles the current state of the cluster with the desired state defined in your manifest.
- Custom Resource (CR): The developer defines the intent (e.g., “I want a 3-node Percona XtraDB Cluster with 100GB storage each”).
- Controller Loop: The OpenEverest operator detects the CR. It creates the necessary StatefulSets, Services, Secrets, and ConfigMaps.
- Sidecar Injection: OpenEverest injects sidecars for logging, metrics (Prometheus exporters), and backup agents (e.g., pgBackRest or Xtrabackup) into the database pods.
Core Capabilities for Production Environments
1. Automated High Availability (HA) & Failover
OpenEverest implements intelligent consensus handling. In a MySQL/Percona environment, it manages the Galera cluster bootstrapping process automatically. For PostgreSQL, it often leverages tools like Patroni within the pods to manage leader elections via K8s endpoints or etcd.
Crucially, OpenEverest handles Pod Disruption Budgets (PDBs) automatically, preventing Kubernetes node upgrades from taking down the entire database cluster simultaneously.
2. Declarative Scaling and Upgrades
Scaling a database vertically (adding CPU/RAM) or horizontally (adding read replicas) becomes a simple patch to the YAML manifest. The operator handles the rolling update, ensuring that replicas are updated first, followed by a controlled failover of the primary, and finally the update of the old primary.
apiVersion: everest.io/v1alpha1
kind: DatabaseCluster
metadata:
name: production-db
spec:
engine: postgresql
version: "14.5"
instances: 3 # Just change this to 5 for horizontal scaling
resources:
requests:
cpu: "4"
memory: "16Gi" # Update this for vertical scaling
storage:
size: 500Gi
class: io1-fast3. Day-2 Operations: Backup & Recovery
Perhaps the most critical aspect of database management on Kubernetes is disaster recovery. OpenEverest integrates with S3-compatible storage (AWS S3, MinIO, GCS) to stream Write-Ahead Logs (WAL) continuously.
- Scheduled Backups: Define cron-style schedules directly in the CRD.
- PITR (Point-in-Time Recovery): The operator provides a simple interface to clone a database cluster from a specific timestamp, essential for undoing accidental
DROP TABLEcommands.
Advanced Configuration: Tuning for Performance
Expert SREs know that default container settings are rarely optimal for databases. OpenEverest allows for deep customization.
Kernel Tuning & HugePages
Databases like PostgreSQL benefit significantly from HugePages. OpenEverest facilitates the mounting of HugePages resources and configuring vm.nr_hugepages via init containers or privileged sidecars, assuming the underlying nodes are provisioned correctly.
Advanced Concept: Anti-Affinity Rules
To survive an Availability Zone (AZ) failure, your database pods must be spread across different nodes and zones. OpenEverest automatically injectspodAntiAffinityrules. However, for strict hard-multi-tenancy, you should verify these rules leveragetopology.kubernetes.io/zoneas the topology key.
Implementation Guide
Below is a production-ready example of deploying a highly available database cluster using OpenEverest.
Step 1: Install the Operator
Typically done via Helm. This installs the CRDs and the controller deployment.
helm repo add open-everest https://charts.open-everest.io
helm install open-everest-operator open-everest/operator --namespace db-operators --create-namespaceStep 2: Deploy the Cluster Manifest
This YAML requests a 3-node HA cluster with anti-affinity, dedicated storage class, and backup configuration.
apiVersion: everest.io/v1alpha1
kind: DatabaseCluster
metadata:
name: order-service-db
namespace: backend
spec:
engine: percona-xtradb-cluster
version: "8.0"
replicas: 3
# Anti-Affinity ensures pods are on different nodes
affinity:
antiAffinityTopologyKey: "kubernetes.io/hostname"
# Persistent Storage Configuration
volumeSpec:
pvc:
storageClassName: gp3-encrypted
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 100Gi
# Automated Backups to S3
backup:
enabled: true
schedule: "0 0 * * *" # Daily at midnight
storageName: s3-backup-conf
# Monitoring Sidecars
monitoring:
pmm:
enabled: true
url: "http://pmm-server.monitoring.svc.cluster.local"Frequently Asked Questions (FAQ)
Can I run stateful workloads on Spot Instances?
Generally, no. While K8s handles pod rescheduling, the time taken for a database to recover (crash recovery, replay WAL) is often longer than the application tolerance for downtime. However, running Read Replicas on Spot instances is a viable cost-saving strategy if your operator supports splitting node pools for primary vs. replica.
How does OpenEverest handle storage resizing?
Kubernetes allows PVC expansion (if the StorageClass supports allowVolumeExpansion: true). OpenEverest detects the change in the CRD, expands the PVC, and then restarts the pods one by one (if required by the filesystem) to recognize the new size, ensuring zero downtime.
Is this suitable for multi-region setups?
Cross-region replication adds significant latency constraints. OpenEverest typically manages clusters within a single region (multi-AZ). For multi-region, you would deploy independent clusters in each region and set up asynchronous replication between them, often using an external load balancer or service mesh for traffic routing.
Conclusion
Database Management on Kubernetes has graduated from experimental to essential. Tools like OpenEverest bridge the gap between the stateless design of Kubernetes and the stateful requirements of modern databases. By leveraging Operators, we gain the self-healing, auto-scaling, and declarative benefits of K8s without sacrificing data integrity.
For the expert SRE, the move to OpenEverest reduces the cognitive load of “Day 2” operations, allowing teams to focus on query optimization and architecture rather than manual backups and failover drills. Thank you for reading the DevopsRoles page!
