OpenShift: Operators lifecycle using manifest files

OpenShift install operator manifest

4 min read | by Jordi Prats

With OpenShift we can use a nice UI to install and remove operators, but we can achieve exactly the same using manifests and kubectl (oc)

List available operators

If we want to take a look at what operators we can install on our OpenShift cluster we can list the PackageManifest using kubectl get:

$ kubectl get packagemanifests -n openshift-marketplace
NAME                                                 CATALOG               AGE
citrix-cpx-with-ingress-controller-operator-rhmp     Red Hat Marketplace   10d
rabbitmq-cluster-operator                            Community Operators   10d
postgresql                                           Community Operators   10d
klusterlet-product                                   Red Hat Operators     10d
infrastructure-asset-orchestrator-certified          Certified Operators   10d
proactive-node-scaling-operator                      Community Operators   10d
citrix-ingress-controller-operator-rhmp              Red Hat Marketplace   10d
rhpam-kogito-operator                                Red Hat Operators     10d

By using kubectl describe on any of them we can even get even more details about it under the status key:

$ kubectl describe packagemanifests example-operator -n openshift-marketplace | less
Name:         example-operator
Namespace:    openshift-marketplace
Labels:       catalog=community-operators
              provider=External Secrets
Annotations:  <none>
API Version:
Kind:         PackageManifest
  Creation Timestamp:  2022-10-12T07:53:36Z
  Catalog Source:               community-operators
  Catalog Source Display Name:  Community Operators
  Catalog Source Namespace:     openshift-marketplace
  Catalog Source Publisher:     Red Hat
    Current CSV:  example-operator.v0.1.0
    Current CSV Desc:

Installing an operator

Once we know which operator we want to install, we can create a Subscription object with it's details, such as:

  • Namespace scope: If we want to install it for all the namespaces, we must create the subscription on the openshift-operators namespace, otherwise we'll need to create it on the relevant namespace
  • Name of the channel to subscribe to: There might be several channels available, we'll need to check the PackageManifest to get the exact details

A simple subscription would look like this (All namespaces mode, from the stable channel and with automatic updates)

kind: Subscription
  name: example-operator
  namespace: openshift-operators
  channel: stable
  installPlanApproval: Automatic
  name: example-operator
  source: community-operators
  sourceNamespace: openshift-marketplace

To deploy the operator we can apply it using kubectl:

$ kubectl apply -f example/manifests/subscription.yaml configured

Once applied we'll be able to see a deployment get created in the openshift-operators namespace:

$ kubectl get deploy -n openshift-operators
NAME                                           READY   UP-TO-DATE   AVAILABLE   AGE
example-operator-controller-manager            1/1     1            1           46s
gitops-operator-controller-manager             1/1     1            1           18h

If we want to install a specific version, we'll need to specify the exact version using startingCSV and set the installPlanApproval to Manual to prevent automatic upgrades to later versions:

kind: Subscription
  name: example-operator
  namespace: openshift-operators
  channel: stable
  installPlanApproval: Manual
  name: example-operator
  source: community-operators
  sourceNamespace: openshift-marketplace
  startingCSV: example-operator.v0.1.0

We can also add operator specific options under the spec.config key:

kind: Subscription
    - operator: "Exists"

Uninstalling an operator

To install the operator we just need to create the Subscription object, but to delete it we'll need to delete the ClusterServiceVersion as well.

We can start by deleting the Subscription:

$ kubectl delete -f example/manifests/subscription.yaml "example-operator" deleted

Then we'll need to figure out which is the csv that have been installed (unless it is specified in the Subscription object with startingCSV):

$ kubectl get csv
NAME                                              DISPLAY                       VERSION               REPLACES                                          PHASE
aws-efs-csi-driver-operator.4.10.0-202209280142   AWS EFS CSI Driver Operator   4.10.0-202209280142   aws-efs-csi-driver-operator.4.10.0-202209070827   Succeeded
example-operator.v0.1.0                           Example Operator              0.1.0                 example-operator.v0.0.9                           Succeeded
keda.v2.7.1                                       KEDA                          2.7.1                 keda.v2.6.1                                       Succeeded
openshift-gitops-operator.v1.6.1                  Red Hat OpenShift GitOps      1.6.1                 openshift-gitops-operator.v1.6.0                  Succeeded
route-monitor-operator.v0.1.422-151be96           Route Monitor Operator        0.1.422-151be96       route-monitor-operator.v0.1.408-c2256a2           Succeeded

Once we know which ClusterServiceVersion corresponds with the operator we want to uninstall we can delete it using kubectl delete as usual:

$ kubectl delete csv example-operator.v0.1.0 "example-operator.v0.1.0" deleted

Posted on 24/10/2022