openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-06 06:46:26 +01:00
Code Issues Releases Activity
Files
eb21424e97d48118fd1ff8c8b4dff94de2dd3b1c
openshift-docs/modules/olm-enabling-operator-restricted-network.adoc
Alex Dellapenta f0bbeb222f Update OSDK disconnected reqs
2020-10-20 19:44:50 +00:00

119 lines
4.0 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * operators/operator_sdk/osdk-generating-csvs.adoc
[id="olm-enabling-operator-for-restricted-network_{context}"]
= Enabling your Operator for restricted network environments
As an Operator author, your Operator must meet additional requirements to run
properly in a restricted network, or disconnected, environment.
.Operator requirements for supporting disconnected mode
* In the ClusterServiceVersion (CSV) of your Operator:
** List any _related images_, or other container images that your Operator might
require to perform their functions.
** Reference all specified images by a digest (SHA) and not by a tag.
* All dependencies of your Operator must also support running in a disconnected
mode.
* Your Operator must not require any off-cluster resources.
// TODO: Include more info w/ better steps on how to do this:
//* You must understand the {product-title} proxy configuration.
For the CSV requirements, you can make the following changes as the Operator
author.
.Prerequisites
* An Operator project with a CSV.
.Procedure
. Use SHA references to related images in two places in the CSV for your Operator:
.. Update `spec.relatedImages`:
+
[source,yaml]
----
...
spec:
relatedImages: <1>
- name: etcd-operator <2>
image: quay.io/etcd-operator/operator@sha256:d134a9865524c29fcf75bbc4469013bc38d8a15cb5f41acfddb6b9e492f556e4 <3>
- name: etcd-image
image: quay.io/etcd-operator/etcd@sha256:13348c15263bd8838ec1d5fc4550ede9860fcbb0f843e48cbccec07810eebb68
...
----
<1> Create a `relatedImages` section and set the list of related images.
<2> Specify a unique identifier for the image.
<3> Specify each image by a digest (SHA), not by an image tag.
.. Update the `env` section of the Operators Deployments when declaring environment
variables that inject the image that the Operator should use:
+
[source,yaml]
----
spec:
install:
spec:
deployments:
- name: etcd-operator-v3.1.1
spec:
replicas: 1
selector:
matchLabels:
name: etcd-operator
strategy:
type: Recreate
template:
metadata:
labels:
name: etcd-operator
spec:
containers:
- args:
- /opt/etcd/bin/etcd_operator_run.sh
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.annotations['olm.targetNamespaces']
- name: ETCD_OPERATOR_DEFAULT_ETCD_IMAGE <1>
value: quay.io/etcd-operator/etcd@sha256:13348c15263bd8838ec1d5fc4550ede9860fcbb0f843e48cbccec07810eebb68 <2>
- name: ETCD_LOG_LEVEL
value: INFO
image: quay.io/etcd-operator/operator@sha256:d134a9865524c29fcf75bbc4469013bc38d8a15cb5f41acfddb6b9e492f556e4 <3>
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthy
port: 8080
initialDelaySeconds: 10
periodSeconds: 30
name: etcd-operator
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 10
periodSeconds: 30
resources: {}
serviceAccountName: etcd-operator
strategy: deployment
----
<1> Inject the images referenced by the Operator via environment variables.
<2> Specify each image by a digest (SHA), not by an image tag.
<3> Also reference the Operator container image by a digest (SHA), not by an image tag.
. Add the `Disconnected` annotation, which indicates that the Operator works in a
disconnected environment:
+
[source,yaml]
----
metadata:
annotations:
operators.openshift.io/infrastructure-features: '["Disconnected"]'
----
+
Operators can be filtered in OperatorHub by this infrastructure feature.
View Git Blame Copy Permalink