mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
194 lines
7.0 KiB
Plaintext
194 lines
7.0 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * operators/user/olm-installing-operators-in-namespace.adoc
|
|
// * operators/admin/olm-adding-operators-to-cluster.adoc
|
|
// * post_installation_configuration/preparing-for-users.adoc
|
|
//
|
|
// Module watched for changes by Ecosystem Catalog team:
|
|
// https://projects.engineering.redhat.com/projects/RHEC/summary
|
|
|
|
ifeval::["{context}" == "olm-installing-operators-in-namespace"]
|
|
:olm-user:
|
|
endif::[]
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="olm-installing-operator-from-operatorhub-using-cli_{context}"]
|
|
= Installing from OperatorHub by using the CLI
|
|
|
|
Instead of using the {product-title} web console, you can install an Operator from OperatorHub by using the CLI. Use the `oc` command to create or update a `Subscription` object.
|
|
|
|
.Prerequisites
|
|
|
|
ifndef::olm-user[]
|
|
* Access to an {product-title} cluster using an account with
|
|
ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
|
|
`cluster-admin` permissions.
|
|
endif::[]
|
|
ifdef::openshift-dedicated,openshift-rosa[]
|
|
the `dedicated-admin` role.
|
|
endif::[]
|
|
endif::[]
|
|
|
|
ifdef::olm-user[]
|
|
* Access to an {product-title} cluster using an account with Operator installation permissions.
|
|
endif::[]
|
|
|
|
* You have installed the OpenShift CLI (`oc`).
|
|
|
|
.Procedure
|
|
|
|
. View the list of Operators available to the cluster from OperatorHub:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get packagemanifests -n openshift-marketplace
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME CATALOG AGE
|
|
3scale-operator Red Hat Operators 91m
|
|
advanced-cluster-management Red Hat Operators 91m
|
|
amq7-cert-manager Red Hat Operators 91m
|
|
...
|
|
couchbase-enterprise-certified Certified Operators 91m
|
|
crunchy-postgres-operator Certified Operators 91m
|
|
mongodb-enterprise Certified Operators 91m
|
|
...
|
|
etcd Community Operators 91m
|
|
jaeger Community Operators 91m
|
|
kubefed Community Operators 91m
|
|
...
|
|
----
|
|
+
|
|
Note the catalog for your desired Operator.
|
|
|
|
. Inspect your desired Operator to verify its supported install modes and available channels:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc describe packagemanifests <operator_name> -n openshift-marketplace
|
|
----
|
|
|
|
. An Operator group, defined by an `OperatorGroup` object, selects target namespaces in which to generate required RBAC access for all Operators in the same namespace as the Operator group.
|
|
+
|
|
The namespace to which you subscribe the Operator must have an Operator group that matches the install mode of the Operator, either the `AllNamespaces` or `SingleNamespace` mode. If the Operator you intend to install uses the `AllNamespaces` mode, the `openshift-operators` namespace already has the appropriate `global-operators` Operator group in place.
|
|
+
|
|
However, if the Operator uses the `SingleNamespace` mode and you do not already have an appropriate Operator group in place, you must create one.
|
|
+
|
|
[NOTE]
|
|
====
|
|
* The web console version of this procedure handles the creation of the `OperatorGroup` and `Subscription` objects automatically behind the scenes for you when choosing `SingleNamespace` mode.
|
|
* You can only have one Operator group per namespace. For more information, see "Operator groups".
|
|
====
|
|
+
|
|
.. Create an `OperatorGroup` object YAML file, for example `operatorgroup.yaml`:
|
|
+
|
|
.Example `OperatorGroup` object
|
|
[source,yaml]
|
|
----
|
|
apiVersion: operators.coreos.com/v1
|
|
kind: OperatorGroup
|
|
metadata:
|
|
name: <operatorgroup_name>
|
|
namespace: <namespace>
|
|
spec:
|
|
targetNamespaces:
|
|
- <namespace>
|
|
----
|
|
+
|
|
--
|
|
include::snippets/operator-group-unique-name.adoc[]
|
|
--
|
|
+
|
|
.. Create the `OperatorGroup` object:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f operatorgroup.yaml
|
|
----
|
|
|
|
. Create a `Subscription` object YAML file to subscribe a namespace to an Operator, for example `sub.yaml`:
|
|
+
|
|
.Example `Subscription` object
|
|
[source,yaml]
|
|
----
|
|
apiVersion: operators.coreos.com/v1alpha1
|
|
kind: Subscription
|
|
metadata:
|
|
name: <subscription_name>
|
|
namespace: openshift-operators <1>
|
|
spec:
|
|
channel: <channel_name> <2>
|
|
name: <operator_name> <3>
|
|
source: redhat-operators <4>
|
|
sourceNamespace: openshift-marketplace <5>
|
|
config:
|
|
env: <6>
|
|
- name: ARGS
|
|
value: "-v=10"
|
|
envFrom: <7>
|
|
- secretRef:
|
|
name: license-secret
|
|
volumes: <8>
|
|
- name: <volume_name>
|
|
configMap:
|
|
name: <configmap_name>
|
|
volumeMounts: <9>
|
|
- mountPath: <directory_name>
|
|
name: <volume_name>
|
|
tolerations: <10>
|
|
- operator: "Exists"
|
|
resources: <11>
|
|
requests:
|
|
memory: "64Mi"
|
|
cpu: "250m"
|
|
limits:
|
|
memory: "128Mi"
|
|
cpu: "500m"
|
|
nodeSelector: <12>
|
|
foo: bar
|
|
----
|
|
<1> For default `AllNamespaces` install mode usage, specify the `openshift-operators` namespace. Alternatively, you can specify a custom global namespace, if you have created one. Otherwise, specify the relevant single namespace for `SingleNamespace` install mode usage.
|
|
<2> Name of the channel to subscribe to.
|
|
<3> Name of the Operator to subscribe to.
|
|
<4> Name of the catalog source that provides the Operator.
|
|
<5> Namespace of the catalog source. Use `openshift-marketplace` for the default OperatorHub catalog sources.
|
|
<6> The `env` parameter defines a list of Environment Variables that must exist in all containers in the pod created by OLM.
|
|
<7> The `envFrom` parameter defines a list of sources to populate Environment Variables in the container.
|
|
<8> The `volumes` parameter defines a list of Volumes that must exist on the pod created by OLM.
|
|
<9> The `volumeMounts` parameter defines a list of volume mounts that must exist in all containers in the pod created by OLM. If a `volumeMount` references a `volume` that does not exist, OLM fails to deploy the Operator.
|
|
<10> The `tolerations` parameter defines a list of Tolerations for the pod created by OLM.
|
|
<11> The `resources` parameter defines resource constraints for all the containers in the pod created by OLM.
|
|
<12> The `nodeSelector` parameter defines a `NodeSelector` for the pod created by OLM.
|
|
|
|
. If the cluster is in STS mode, include the following fields in the `Subscription` object:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
kind: Subscription
|
|
# ...
|
|
spec:
|
|
installPlanApproval: Manual <1>
|
|
config:
|
|
env:
|
|
- name: ROLEARN
|
|
value: "<role_arn>" <2>
|
|
----
|
|
<1> Subscriptions with automatic update approvals are not recommended because there might be permission changes to make prior to updating. Subscriptions with manual update approvals ensure that administrators have the opportunity to verify the permissions of the later version and take any necessary steps prior to update.
|
|
<2> Include the role ARN details.
|
|
|
|
. Create the `Subscription` object:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f sub.yaml
|
|
----
|
|
+
|
|
At this point, OLM is now aware of the selected Operator. A cluster service version (CSV) for the Operator should appear in the target namespace, and APIs provided by the Operator should be available for creation.
|
|
|
|
ifeval::["{context}" == "olm-installing-operators-in-namespace"]
|
|
:!olm-user:
|
|
endif::[]
|