Simplifying the Management of Odoo in Kubernetes

Introduction

Managing enterprise applications like Odoo in a Kubernetes environment can be complex, especially when it comes to handling multiple instances, automating updates, and ensuring high availability. At Bemade, we have developed a solution that significantly simplifies this task: a dedicated Kubernetes operator for Odoo.

Our operator was designed with two main objectives:

1. Facilitate the deployment of Odoo instances in various environments, whether in production, staging, or development, with a unified and simplified experience.
2. Create a robust API that could eventually be used to manage Odoo instances through other Odoo instances, allowing, for example, a partner to manage their clients' instances directly from the Odoo web interface.

In this article, we share our experience in creating this operator, the challenges we have overcome, and how this solution can benefit organizations using Odoo in a Kubernetes environment.

Why a Kubernetes operator for Odoo?

Kubernetes has become the go-to platform for container orchestration, but managing stateful applications like Odoo presents particular challenges:

1. Persistent storage management: Odoo files and attachments require persistent storage.
2. Complex updates: Odoo updates often involve database migrations and module updates.
3. Specific configuration: Each Odoo instance may require a unique setup.
4. Security and access: The management of secrets and TLS certificates is crucial.

A Kubernetes operator allows encapsulating these complexities and providing a simplified interface for managing the complete lifecycle of Odoo.

Architecture of our Odoo operator

Our Odoo operator is designed according to the best practices of Kubernetes and uses the Kopf framework (Kubernetes Operator Pythonic Framework) to simplify development.

Key Components

1. Custom Resource Definition (CRD): We have defined a custom resource OdooInstance that encapsulates all the necessary configurations for an Odoo instance.
2. Resource Manager: The operator automatically manages the underlying Kubernetes resources:
   • Deployments for Odoo pods
   • Services for the exposure of ports
   • PersistentVolumeClaims for filestore storage
   • Secrets for passwords and authentication information
   • ConfigMaps for Odoo configuration
   • Ingress/IngressRoutes for external access
3. Update Management: A sophisticated mechanism for module updates that allows:
   • Scheduling updates at specific times
   • Secure execution of updates via Kubernetes jobs
   • Pre-validation to avoid errors
4. Validation webhooks: Validations that ensure the integrity of resources before their creation or modification.

Typical workflow

Here is how our operator works in a typical scenario:

1. The administrator creates an OdooInstance resource via kubectl or Helm.
2. The operator detects the new resource and creates all the necessary Kubernetes resources.
3. The Odoo instance becomes accessible via the configured URL.
4. For updates, the administrator modifies the instance specification with the modules to be updated.
5. The operator orchestrates the update securely, minimizing downtime.

Advantages of our approach

For system administrators

1. Simplicity: Deploying a new Odoo instance becomes as easy as applying a YAML file or using a Helm command.
2. Consistency: All instances follow the same best deployment practices.
3. Automation : Repetitive tasks like backups and updates can be automated.
4. Observability: Easy integration with Kubernetes monitoring tools.

For developers

1. Consistent development environments: Ability to quickly deploy test instances identical to production.
2. CI/CD: Easy integration into continuous deployment pipelines.
3. Integration tests: Ease of testing module updates in an isolated environment.

For businesses

1. Cost reduction: Better resource utilization through Kubernetes.
2. Agility: Ability to quickly deploy new instances for new projects or clients.
3. Reliability: High availability and simplified disaster recovery.

Concrete use cases

Multi-tenancy for service providers

For companies hosting Odoo for multiple clients, our operator makes it easy to manage several isolated instances on the same Kubernetes infrastructure, each with its own configuration, resources, and domain.

Development, testing, and production environments

Our operator facilitates the creation of identical environments for development, testing, and production, ensuring that the code functions consistently across all environments.

Planned and uninterrupted updates

Odoo updates can be scheduled during off-peak hours, with prior validation to minimize risks and automated execution to reduce human errors.

Strategic objectives and long-term vision

Beyond immediate use cases, our Odoo operator has been designed with a long-term strategic vision.

Unification of development, staging, and production environments

One of the fundamental objectives of our operator is to create a unified experience for the deployment of Odoo, regardless of the target environment. This approach has several advantages:

• Reduction of configuration errors: By using the same deployment mechanism for all environments, configuration differences are minimized.
• Acceleration of the development cycle: Developers can quickly create test environments that accurately reflect production.
• Simplified migration testing: Upgrades can be tested in environments identical to production before being deployed.
• Living documentation: Infrastructure configuration becomes self-documenting through Kubernetes resources.

API for programmatic management of Odoo instances

Our long-term vision includes using the operator as a backend for an API to manage Odoo instances. This approach opens up fascinating possibilities:

• Integration with Odoo: A partner could manage their clients' Odoo instances directly from their own Odoo system, through a custom module that interacts with the operator's API.
• Self-service client portal: Customers could request module updates, backups, or even the provisioning of new instances through a web portal.
• Advanced automation: Complex workflows could be automated, such as the creation of test instances based on production snapshots, or coordinated updates of multiple instances.
• Billing and integrated metrics: Resource usage could be tracked and directly integrated into Odoo's billing systems.

This API-first approach transforms the operator from a simple infrastructure tool into a comprehensive platform for managing Odoo as a Service, opening up new business opportunities for Odoo partners and internal IT teams.

Lessons learned and challenges overcome

The development of our Odoo operator has presented us with several interesting challenges:

Module Update Management

Odoo module updates can be tricky, especially for large databases. We have developed a system that:

• Validate the presence of the database before attempting an update
• Use Kubernetes jobs to isolate the update process
• Monitor the status of the update and respond accordingly

Security and secrets management

Safety being paramount, we have implemented:

• A secure management of passwords and authentication information
• An integration with cert-manager for TLS certificates
• Role-based access controls to limit who can manage Odoo instances

Resource Optimization

To ensure optimal performance while controlling costs, we have:

• Implemented default resource recommendations based on our experience
• Allowed for fine-tuning of resource limits per instance
• Added liveliness and readiness probes for better pod management

How to get started with our Odoo operator

Our Odoo operator is available as a Helm chart, making its deployment simple in any Kubernetes cluster. The source code is available in our Git repositories:

• Odoo Operator : git.bemade.org/bemade/odoo-operator
• Helm Charts: git.bemade.org/bemade/helm-charts

Prerequisites

• A Kubernetes cluster
• Helm 3 installed
• A PostgreSQL server accessible from the cluster
• Cert-manager installed with at least one configured ClusterIssuer

Operator Installation

# Add the Helm repository
helm repo add bemade https://charts.bemade.org

# Install the operator
helm install odoo-operator bemade/odoo-operator \
  --set database.host=<votre-serveur-postgres> \
  --set database.adminPasswordSecret.name=<votre-secret> \
  --namespace odoo-system \
  --create-namespace

Deployment of an Odoo instance

Once the operator is installed, you can deploy an Odoo instance with a simple command:

helm install mon-odoo bemade/odoo-instance \
  --set image=odoo:18.0 \
  --set adminPassword=<mot-de-passe-admin> \
  --set ingress.hosts[0]=odoo.example.com \
  --set ingress.issuer=letsencrypt-prod \
  --namespace mon-namespace

We recommend using custom Odoo images for Odoo Enterprise installations or Odoo instances with custom modules.

Conclusion

Our Kubernetes operator for Odoo represents a significant advancement in simplifying the management of Odoo in cloud-native environments. By encapsulating best practices and automating complex tasks, it allows IT teams to focus on value-added activities rather than infrastructure management.

At Bemade, we firmly believe in the sharing of knowledge and contributing to the open source community. That’s why we have decided to share our experience and learnings in the development of this operator.

If you are interested in using our Odoo operator or if you would like to contribute to its development, feel free to check out our Git repositories mentioned above or contact us directly.