ibm / operand-deployment-lifecycle-manager Goto Github PK
View Code? Open in Web Editor NEWManaging the lifecycle for a group of operands
License: Apache License 2.0
Managing the lifecycle for a group of operands
License: Apache License 2.0
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Quay.io is now supporting multiarch image, so it is time to build multiarch image of this operator.
/kind feature
Describe the solution you'd like
Per the design, when users set a service in the OperanRequest, the ODLM should install the service and its dependencies.
This also needs all the services to add the required
section in their CSV with the dependencies.
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
We should use klog
to mange the log of odlm to align with k8s eco-system.
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
FYI @IBM/odlm-maintainers
The latest stable version has more strict checks and will find some potential issue in the code.
operator-sdk generate crds
operator-sdk generate k8s
operator-sdk generate csv
which ./bin/openapi-gen > /dev/null || go build -o ./bin/openapi-gen k8s.io/kube-openapi/cmd/openapi-gen
GOPATH=/tmp ./bin/openapi-gen --logtostderr=true -o "" -i ./pkg/apis/operator/v1alpha1 -O zz_generated.openapi -p ./pkg/apis/operator/v1alpha1/ -h ./hack/boilerplate.go.txt -r "-"
/kind bug
What steps did you take and what happened:
[A clear and concise description of what the bug is.]
When I set an operator to the absent state, after it is deleted, I found it's still in the member list of the status.
apiVersion: operator.ibm.com/v1alpha1
kind: OperandRequest
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: >
{"apiVersion":"operator.ibm.com/v1alpha1","kind":"OperandRequest","metadata":{"annotations":{},"name":"common-service","namespace":"ibm-common-services"},"spec":{"services":[{"name":"ibm-cert-manager-operator","state":"present"},{"name":"ibm-mongodb-operator","state":"present"},{"name":"ibm-iam-operator","state":"present"},{"name":"ibm-management-ingress-operator","state":"absent"},{"name":"ibm-ingress-nginx-operator","state":"absent"},{"name":"ibm-metering-operator","state":"absent"},{"name":"ibm-licensing-operator","state":"absent"},{"name":"ibm-commonui-operator","state":"absent"},{"name":"ibm-healthcheck-operator","state":"present"},{"name":"ibm-auditlogging-operator","state":"absent"},{"name":"ibm-catalog-operator","state":"absent"},{"name":"ibm-platform-api-operator","state":"absent"}]}}
selfLink: >-
/apis/operator.ibm.com/v1alpha1/namespaces/ibm-common-services/operandrequests/common-service
resourceVersion: '9623622'
name: common-service
uid: 5cfb4833-5a8a-11ea-8270-0aa228443300
creationTimestamp: '2020-02-29T00:28:10Z'
generation: 3
namespace: ibm-common-services
finalizers:
- finalizer.request.ibm.com
spec:
services:
- name: ibm-cert-manager-operator
state: absent
- name: ibm-mongodb-operator
state: present
- name: ibm-iam-operator
state: absent
- name: ibm-management-ingress-operator
state: absent
- name: ibm-ingress-nginx-operator
state: absent
- name: ibm-metering-operator
state: absent
- name: ibm-licensing-operator
state: absent
- name: ibm-commonui-operator
state: absent
- name: ibm-healthcheck-operator
state: present
- name: ibm-auditlogging-operator
state: absent
- name: ibm-catalog-operator
state: absent
- name: ibm-platform-api-operator
state: absent
status:
conditions:
- lastTransitionTime: '2020-02-28T19:31:04-05:00'
lastUpdateTime: '2020-02-28T19:31:04-05:00'
message: Creating subscription ibm-cert-manager-operator
reason: Creating subscription
status: 'True'
type: Creating
- lastTransitionTime: '2020-02-28T19:31:04-05:00'
lastUpdateTime: '2020-02-28T19:31:04-05:00'
message: Creating subscription ibm-healthcheck-operator
reason: Creating subscription
status: 'True'
type: Creating
- lastTransitionTime: '2020-02-28T19:31:04-05:00'
lastUpdateTime: '2020-02-28T19:31:04-05:00'
message: Creating subscription ibm-mongodb-operator
reason: Creating subscription
status: 'True'
type: Creating
- lastTransitionTime: '2020-02-28T19:31:05-05:00'
lastUpdateTime: '2020-02-28T19:31:05-05:00'
message: Creating subscription ibm-iam-operator
reason: Creating subscription
status: 'True'
type: Creating
- lastTransitionTime: '2020-02-28T19:37:49-05:00'
lastUpdateTime: '2020-02-28T19:37:49-05:00'
message: Deleting subscription ibm-cert-manager-operator
reason: Deleting subscription
status: 'True'
type: Deleting
- lastTransitionTime: '2020-02-28T19:37:50-05:00'
lastUpdateTime: '2020-02-28T19:37:50-05:00'
message: Deleting csv ibm-cert-manager-operator.v3.7.0
reason: Deleting csv
status: 'True'
type: Deleting
- lastTransitionTime: '2020-02-28T19:40:49-05:00'
lastUpdateTime: '2020-02-28T19:40:49-05:00'
message: Deleting subscription ibm-iam-operator
reason: Deleting subscription
status: 'True'
type: Deleting
- lastTransitionTime: '2020-02-28T19:40:50-05:00'
lastUpdateTime: '2020-02-28T19:40:50-05:00'
message: Deleting csv ibm-iam-operator.v3.5.0
reason: Deleting csv
status: 'True'
type: Deleting
members:
- name: ibm-cert-manager-operator
phase:
operatorPhase: Succeeded
- name: ibm-healthcheck-operator
phase:
operatorPhase: Succeeded
- name: ibm-iam-operator
phase:
operatorPhase: Installing
- name: ibm-mongodb-operator
phase:
operatorPhase: Succeeded
phase: Creating
What did you expect to happen:
The deleted operator can be removed from the status.members
and status.phase
can be updated.
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
kubectl version
):/etc/os-release
):/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Install meta-operator on OCP4.2 then uninstall it.
[root@knolls-inf common-svcs-sert-tests]# oc get sub meta-operator-app -n yhliu
NAME PACKAGE SOURCE CHANNEL
meta-operator-app meta-operator-app opencloud-operators alpha
[root@knolls-inf common-svcs-sert-tests]# oc delete sub meta-operator-app -n yhliu
subscription.operators.coreos.com "meta-operator-app" deleted
[root@knolls-inf common-svcs-sert-tests]# oc delete clusterserviceversion meta-operator.v0.0.1 -n yhliu
clusterserviceversion.operators.coreos.com "meta-operator.v0.0.1" deleted
[root@knolls-inf common-svcs-sert-tests]# oc get pods -n yhliu
NAME READY STATUS RESTARTS AGE
meta-operator-756c747948-b6wcl 0/1 Terminating 0 28h
[root@knolls-inf common-svcs-sert-tests]# oc get pods -n yhliu
No resources found.
[root@knolls-inf common-svcs-sert-tests]# oc get pods -n ibm-cert-manager-operator
NAME READY STATUS RESTARTS AGE
ibm-cert-manager-operator-66f9545ff9-zswgm 1/1 Running 0 26h
[root@knolls-inf common-svcs-sert-tests]# oc get pods -n ibm-licensing-operator
NAME READY STATUS RESTARTS AGE
ibm-licensing-operator-7969d99754-cv54q 1/1 Running 0 18h
[root@knolls-inf common-svcs-sert-tests]#
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
The Operand BindInfo CR identifies a secret and/or configmap information from a deployed operand that should be shared with those creating OperandRequests CRs for the operand. This information is used to interact with the deployed operand.
An example of the Operand BindInfo CR is below:
apiVersion: odlm.ibm.com/v1alpha1
kind: OperandBindInfo
metadata:
name: publiciambinding
spec:
operand: iam
registry: comon-services
description: "Binding information that should be accessible to IAM adopters"
bindings:
- scope: public
secret: iambindsecret
configmap: iamconfigmap
The parameters are described below:
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Please refer to operator-framework/operator-lifecycle-manager#1287 for detail.
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Here is a solution operator-framework/operator-lifecycle-manager#1287 (comment)
the logic is:
Get the list of MetaOperatorCatalog in one namespace, if there are more than one, then log error message and use the first one.
/kind feature
Describe the solution you'd like
the scope can be either public
or private
.
/kind feature
Describe the solution you'd like
When users create an OperandRequest from other namespace and point to the OperandRegistry, then ODLM should install the requested operators.
Here is the link open in the Operator Life Cycle manager. operator-framework/operator-lifecycle-manager#1293
The meta operator is getting adopted by IBM Common services. The issue is to track the final design for the Common services to follow
meta-operator -> operand-deployment-lifecycle-managent
MetaOperatorCatalog -> OperandRegistry
MetaOperatorConfig -> OperandConfigs
MetaOperatorSet -> OperandRequests
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
More clear logs for troubleshooting
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
We can provide an example with https://github.com/kubernetes-sigs/kind
FYI @horis233
Considering we want to make the common service operator as a generic meta operator, so we may need to change the CRD name a bit to make it more generic.
Here are some of my thinking:
Please propose your comments here before we go forward.
/assign @chenzhiwei
/kind feature
When adding an operand after install. the added operand doesn't have operaterPhase.
like:
- name: ibm-monitoring-exporters-operator
phase:
operandPhase: Running
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Currently, the uninstall is implemented by the following steps
But when the operator is a cluster scoped operator, and CSV and CR don't in the same namespace. The uninstall mechanism doesn't work. Therefore, we need to enhance it.
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Steps to uninstall an operator:
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
FYI @horis233 @chenzhiwei @DanielXLee
We need to enable this in Makefile.
https://github.com/operator-framework/operator-sdk/blob/master/doc/test-framework/scorecard.md
Test command:
operator-sdk scorecard -o text --selector='test in (checkspectest,checkstatustest,writingintocrshaseffecttest,bundlevalidationtest,crdshavevalidationtest,crdshaveresourcestest,specdescriptorstest,statusdescriptorstest)'
As we need to list all operator status.
FYI @IBM/cs-operator-maintainers
if not needed, we can remove it.
/cc @IBM/cs-operator-maintainers
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
/kind bug
What steps did you take and what happened:
[A clear and concise description of what the bug is.]
Following the install doc https://github.com/IBM/operand-deployment-lifecycle-manager/blob/master/docs/install/install.md to run ODLM on ocp3.11
On step 1, hit below such error:
[ec2-user@suited-goldfish-ocp-master deploy]$ sudo docker build -t quay.io/opencloudio/operator-registry -f operator-registry.Dockerfile .
Sending build context to Docker daemon 72.7 kB
Step 1/10 : FROM quay.io/operator-framework/upstream-registry-builder as builder
Error parsing reference: "quay.io/operator-framework/upstream-registry-builder as builder" is not a valid repository/tag: invalid reference format
so skip step 1, continue to run step2, seem the quay.io/opencloudio/operator-registry:latest
is too old.
[ec2-user@suited-goldfish-ocp-master ~]$ oc get CatalogSource -n olm
NAME DISPLAY TYPE PUBLISHER AGE
opencloud-operators grpc 3m
operatorhubio-catalog Community Operators grpc OperatorHub.io 6m
[ec2-user@suited-goldfish-ocp-master ~]$ oc get packagemanifest -l catalog=opencloud-operators
NAME CATALOG AGE
meta-operator-app 4m45s
[ec2-user@suited-goldfish-ocp-master ~]$
What did you expect to happen:
Can be running ODLM on ocp3.11
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
kubectl version
):/etc/os-release
):The description field will add some detail for the dependency of the common services.
- name: mongodb
namespace: ibmcs-mongodb
channel: stable-3.3
packageName: mongodb
sourceName: ibmcloud-operators
sourceNamespace: openshift-marketplace
description: < to make sure description includes the dependencies >
https://github.com/operator-framework/operator-courier
Create your Operator Bundle, this is the tgz file you will be uploading to the operator certification portal (see operator-metadata for bundle definition).
This will package up your CSV's/CRD's package manifest
Note: Your zip file should NOT include subdirectories, courier expects this path to contain only the required yaml files.
operator-courier verify --ui_validate_io <path_to_metadata_bundle zip file>
We need a detailed doc with step by step for how to use the cs operator on OCP 4.x
/assign @horis233
/kind bug
An example as follows:
// Tolerations are the pod's tolerations.
// +optional <<<
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
FYI @IBM/odlm-maintainers
@DanielXLee
Currently, we only update the subscription when the channel changes.
https://github.com/IBM/meta-operator/blob/master/pkg/controller/metaoperatorset/reconcile_metaoperatorcatalog.go#L57
Do we need to reconcile metaOperatorCatalog when Package
CatalogSource
and CatalogSourceNamespace
change?
if a user makes a typo on the value CatalogSource
in the metaOperatorConfig, he can't correct it by update metaOperatorCatalog. He has to manually delete the hanging subscription before he corrects the metaOperatorCatalog.
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
The topology would be as this:
contrib
|
| -- ibm-common-services
|
| -- others
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.