The software described in this documentation is either no longer supported or is in extended support.
Oracle recommends that you upgrade to a current supported release.

Chapter 9 Using Operators with Kubernetes

This chapter discusses how to install and use the Operator Lifecycle Manager module for Oracle Cloud Native Environment to install and manage operators in a Kubernetes cluster.

A Kubernetes operator is a design pattern that allows you to write code to automate tasks and extend Kubernetes. It is a set of concepts you can use to define a service for Kubernetes and helps to automate administrative services in Kubernetes.

The Operator Lifecycle Manager module installs an instance Operator Lifecycle Manager into a Kubernetes cluster, which you can use to manage the installation and lifecycle management of operators in a Kubernetes cluster. The Operator Lifecycle Manager is essentially a package manager that interacts with operator registries. For more information about the Operator Lifecycle Manager, see the upstream documentation at:

https://olm.operatorframework.io/

OperatorHub is an operator registry that contains upstream Kubernetes operators that you can use to deploy operators in your cluster. The OperatorHub is at:

https://operatorhub.io/

Operator Lifecycle Manager in many ways performs the same tasks as Helm. A major additional feature that Operator Lifecycle Manager provides is that it has built-in support to validate Custom Resource Definitions (CRDs) inside Kubernetes software. Operators with CRDs can use these to make sure dependencies are met and no interfaces are duplicated. Otherwise, Operator Lifecycle Manager manages deployments in a similar way to Helm.

9.1 Installing the Operator Lifecycle Manager Module

The Operator Lifecycle Manager is installed into a Kubernetes cluster as an Oracle Cloud Native Environment module.

To install the Operator Lifecycle Manager module:

1. If you do not already have the Helm module installed in the cluster, you must install it. On the operator node, use the olcnectl module create command to create the Helm module. Specify the name of the Kubernetes module with the --helm-kubernetes-module option.

   olcnectl module create \
   --environment-name myenvironment \
   --module helm \
   --name myhelm \
   --helm-kubernetes-module mycluster

   Use the olcnectl module install command to install the Helm module:

   olcnectl module install \
   --environment-name myenvironment \
   --name myhelm

2. Use the olcnectl module create command to create the Operator Lifecycle Manager module. Specify the name of the Helm module with the --olm-helm-module option.

   olcnectl module create \
   --environment-name myenvironment \
   --module operator-lifecycle-manager \
   --name myolm \
   --olm-helm-module myhelm

3. Use the olcnectl module install command to install the Operator Lifecycle Manager module:

   olcnectl module install \
   --environment-name myenvironment \
   --name myolm 

   The Operator Lifecycle Manager module is deployed and the required containers are running in the operator-lifecycle-manager namespace.

9.2 Verifying the Operator Lifecycle Manager Module Deployment

You can verify the Operator Lifecycle Manager module is deployed and the required deployments are running in the operator-lifecycle-manager namespace. To verify the containers are deployed, use the kubectl command on a control plane node.

To verify the required containers are running, list the deployments running in the operator-lifecycle-manager namespace. You should see similar results to those shown here:

kubectl get deploy -n operator-lifecycle-manager
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
catalog-operator   1/1     1            1           2m36s
olm-operator       1/1     1            1           2m36s
packageserver      2/2     2            2           2m30s

You can also review information about the Operator Lifecycle Manager module and its properties.

Use the olcnectl module report command to review information about the module.

For example, use the following command to review the Operator Lifecycle Manager module named myolm in myenvironment:

olcnectl module report \
--environment-name myenvironment \
--name mycluster \
--children

For more information on the syntax for the olcnectl module report command, see Platform Command-Line Interface.

9.3 Listing Operator Registries

You can show the available operator registries using the kubectl command on a control plane node:

kubectl get catalogsource -n operator-lifecycle-manager 
NAME                    DISPLAY               TYPE   PUBLISHER        AGE
operatorhubio-catalog   Community Operators   grpc   OperatorHub.io   3m35s

The OperatorHub registry is shown in the output. This is the default operator registry.

The OperatorHub provides examples of the text to use for your operator manifest files. On each operator's page on OperatorHub, there are example YAML files to create operator manifest files.

9.4 Installing Operators

To see all the operators that can be installed, use the kubectl command on a control plane node:

kubectl get packagemanifest 
NAME                                       CATALOG               AGE
vault                                      Community Operators   3m22s
submariner                                 Community Operators   3m22s
credstash-operator                         Community Operators   3m22s
eunomia                                    Community Operators   3m22s
ibm-block-csi-operator-community           Community Operators   3m22s
...

A list of the upstream operators available on OperatorHub are displayed. These are all available to be installed by the Operator Lifecycle Manager.

When you have decided on the operator name and catalog, you need to create the Kubernetes resources that tell Operator Lifecycle Manager how to install the operator. Two resources must be created: an OperatorGroup and a Subscription. If a new namespace is being created, you can create the Namespace in the same operator manifest file.

You can download starter operator manifest files for operators from the OperatorHub.

This example shows you how to create an etcd operator which is pulled from the OperatorHub.

To create an operator:

1. In a web browser, go to the OperatorHub and find the name of the operator you want to install. The OperatorHub is at:

   https://operatorhub.io/

   This example uses the etcd operator at:

   https://operatorhub.io/operator/etcd

   Click Install.

   A dialog is displayed that shows the kubectl create command to deploy the operator. For example:

   kubectl create -f https://operatorhub.io/install/etcd.yaml

   Copy the URL in this command that contains the operator manifest YAML file.

2. On a control plane node, download the etcd operator manifest YAML file from the OperatorHub:

   curl --remote-name https://operatorhub.io/install/etcd.yaml

3. You can edit this manifest YAML file to suit your needs. At the time of writing, this file contained the information required to create a Namespace, OperatorGroup and Subscription for the etcd operator:

   apiVersion: v1
   kind: Namespace
   metadata:
     name: my-etcd
   ---
   apiVersion: operators.coreos.com/v1
   kind: OperatorGroup
   metadata:
     name: operatorgroup
     namespace: my-etcd
   spec:
     targetNamespaces:
     - my-etcd
   ---
   apiVersion: operators.coreos.com/v1alpha1
   kind: Subscription
   metadata:
     name: my-etcd
     namespace: my-etcd
   spec:
     channel: singlenamespace-alpha
     name: etcd
     source: operatorhubio-catalog
     sourceNamespace: olm

   Edit this file to change the sourceNamespace from olm to operator-lifecycle-manager in the Subscription section so that it works properly with Operator Lifecycle Manager. Operator Lifecycle Manager runs in the operator-lifecycle-manager namespace, which is different to the upstream namespace.

   ---
   apiVersion: operators.coreos.com/v1alpha1
   kind: Subscription
   metadata:
     name: my-etcd
     namespace: my-etcd
   spec:
     channel: singlenamespace-alpha
     name: etcd
     source: operatorhubio-catalog
     sourceNamespace: operator-lifecycle-manager

4. Use the kubectl apply command to deploy the etcd operator.

   kubectl apply -f etcd.yaml
   namespace/my-etcd created
   operatorgroup.operators.coreos.com/operatorgroup created
   subscription.operators.coreos.com/my-etcd created

   The operator is deployed into the namespace set in the operator manifest file, which in this example is my-etcd.

5. You can see the operator's ClusterServiceVersion information using:

   kubectl get csv -n my-etcd
   NAME                  DISPLAY   VERSION   REPLACES              PHASE
   etcdoperator.v0.9.4   etcd      0.9.4     etcdoperator.v0.9.2   Succeeded

6. You can see the operator pods are running using:

   kubectl get pods -n my-etcd
   NAME                             READY   STATUS    RESTARTS   AGE
   etcd-operator-75fb7df8b5-42k7b   3/3     Running   0          5m45s

9.5 Removing Operators

To remove an operator and uninstall it, delete the Kubernetes resources. For example, on a control plane node, use the kubectl delete command to delete the operator:

kubectl delete -f etcd.yaml
namespace "my-etcd" deleted
operatorgroup.operators.coreos.com "operatorgroup" deleted
subscription.operators.coreos.com "my-etcd" deleted

9.6 Uninstalling the Operator Lifecycle Manager Module

To uninstall the Operator Lifecycle Manager module, uninstall the module using the olcnectl module uninstall command. For example:

olcnectl module uninstall \
--environment-name myenvironment \
--name myolm

You can also uninstall the Helm module if you no longer require it.

olcnectl module uninstall \
--environment-name myenvironment \
--name myhelm

Copyright © 2019, 2023, Oracle and/or its affiliates.