Controllers as Living Interpreters of Intent

Doctrine

Controllers are where Kubernetes becomes real. They interpret intent, handle drift, and encode institutional knowledge into repeatable action.

Kubblai doctrine respects controllers as living institutions: they must be observable, conservative, and predictable.

Reconcile semantics: make progress without drama

Reconcile should be idempotent. It should handle retries and partial failures. It should be safe to run twice, safe to run concurrently (or prevent it), and safe to pause.

Treat external calls as hazardous; design compensations and timeouts.

Informers and cache truth

The shared informer cache is a performance tool. It is also a source of stale reads. Understand when you need a live GET and when cache is sufficient.

At scale, cache misses and list storms become incidents.

Status design

Status should be minimal, stable, and meaningful. Avoid high-churn fields. Use conditions with clear semantics. Record reasons that an operator can act on.

The fastest incident response often begins by reading status.

Backpressure and governance

Controllers should protect the control plane: limit concurrency, rate-limit retries, and avoid unnecessary writes.

A controller that overwhelms the API server is an internal adversary.

Text

Doctrine

Reconcile semantics: make progress without drama

Informers and cache truth

Status design

Backpressure and governance