簡單理解 Operator Lifecycle Manager - 1 (OLM)

OpenShift Container Platform 4，使用了大量的 Operator 管理 Kubernetes Resource ，或許這跟 redhat 的推行Kubernetes政策有關吧 xD。

但是這邊會延伸出蛋生雞雞生蛋的問題，那 Operator 要怎麼被管理呢？

redhat 給出了一個解答那就是 Operator Lifecycle Manager 又稱 OLM，使用者透過 Declarative 的方式告訴 OLM ，要建立什麼樣子的 Operator 。

:::info
本篇文章的重點在於 OLM，是用來管理 Operator。
朝著這方面去思考一且都會變得比較簡單！
:::

我們先來看看 OLM 定義了哪些物件給我們使用

OLM CRD

Operator Lifecycle Manager 定義了六個自定義的資源(Custom Resource Definitions,CRD)分別是

CatalogSource
Subscription
ClusterServiceVersion (CSV)
PackageManifest
InstallPlan
OperatorGroup

如果手邊有 OpenShift 或是 OKD 環境的朋友可以試試看以下這個指令，可以看到環境中有這六個 CRD 存在。

1
2
3
4
5
6
7


oc get crd | grep -E 'catalogsource|subscription|clusterserviceversion|packagemanifest|installplan|operatorgroup'
catalogsourceconfigs.operators.coreos.com                   2020-06-20T06:57:36Z
catalogsources.operators.coreos.com                         2020-06-20T06:58:04Z
clusterserviceversions.operators.coreos.com                 2020-06-20T06:57:48Z
installplans.operators.coreos.com                           2020-06-20T06:57:53Z
operatorgroups.operators.coreos.com                         2020-06-20T06:58:12Z
subscriptions.operators.coreos.com                          2020-06-20T06:57:57Z

建立了 CRD 需要有相對應的 Controller 來觀察資源的變化，這六個 OLM CRD 被三個 Controller 所管理分別是 catalog-operator , olm-operator 以及packageserver，可以透過下面這個指令觀察到是否存在你的環境中。

1
2
3
4
5


oc -n openshift-operator-lifecycle-manager get deploy
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
catalog-operator   1/1     1            1           32d
olm-operator       1/1     1            1           32d
packageserver      2/2     2            2           32d

CRD - CatalogSources

簡單的來說 CatalogSources 就是 Operator 的 Repo Source，收集了四種類型的 Operator。

分別是

Certified Operators
在這個 repo 內的 Operator 都有經過 Redhat 的認證，相關的說明可以從Red Hat OpenShift Operator Certification搜尋到。
Community Operators
在這個 repo 內的都是社群提供的，各式各樣的 Operator 可以從 Github找到。
Redhat-marketplace
由 Refhat 與 IBM 共同合作組織給 Enterprise 用的 Repo，相關資料可以查詢 marketplace。
Redhat-operators
這些 Operator 由 Red Hat 發行

我們可以透過指令去看環境上有沒有這幾項 catalogsources 。

1
2
3
4
5


NAME                  DISPLAY               TYPE   PUBLISHER   AGE
certified-operators   Certified Operators   grpc   Red Hat     32d
community-operators   Community Operators   grpc   Red Hat     32d
redhat-marketplace    Red Hat Marketplace   grpc   Red Hat     32d
redhat-operators      Red Hat Operators     grpc   Red Hat     32d

有了這些 Repo 後那怎麼查看 Repo 上的 Operator 那就要用到另外一個 CRD packagemanifests 。

CRD - Packagemanifests

簡單的來說 packagemanifests 就記載了 Operator 部署的相關訊息

我們可以透過指令觀察上面提到的 catalogsources 裡面有多少個 operator 。

Community Operators

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11


oc get packagemanifests -l catalog=certified-operators
NAME                                         CATALOG               AGE
cyberarmor-operator-certified                Certified Operators   32d
kong-offline-operator                        Certified Operators   32d
ibm-spectrum-symphony-operator               Certified Operators   32d
portshift-operator                           Certified Operators   32d
storageos-1tb                                Certified Operators   32d
joget-openshift-operator                     Certified Operators   32d
aqua-operator-certified                      Certified Operators   32d
node-red-operator-certified                  Certified Operators   32d
...

Community Operators

oc get packagemanifests -l catalog=community-operators
NAME                                    CATALOG               AGE
kiali                                   Community Operators   32d
strimzi-kafka-operator                  Community Operators   32d
planetscale                             Community Operators   32d
nsm-operator-registry                   Community Operators   32d
apicurito                               Community Operators   32d
hazelcast-jet-operator                  Community Operators   32d
...

Red Hat Marketplace

1
2
3
4
5
6
7
8


oc get packagemanifests -l catalog=redhat-marketplace
NAME                                      CATALOG               AGE
nxrm-operator-certified-rhmp              Red Hat Marketplace   32d
enterprise-operator-rhmp                  Red Hat Marketplace   32d
storageos-rhmp                            Red Hat Marketplace   32d
cortex-fabric-operator-rhmp               Red Hat Marketplace   32d
portshift-operator-rhmp                   Red Hat Marketplace   32d
here-service-operator-certified-rhmp      Red Hat Marketplace   32d

Red Hat Operators

1
2
3
4
5
6
7
8
9


oc get packagemanifests -l catalog=redhat-operators
NAME                                CATALOG             AGE
rhsso-operator                      Red Hat Operators   32d
amq-broker-rhel8                    Red Hat Operators   32d
advanced-cluster-management         Red Hat Operators   32d
jaeger-product                      Red Hat Operators   32d
fuse-online                         Red Hat Operators   32d
eap                                 Red Hat Operators   32d
kubevirt-hyperconverged             Red Hat Operators   32d

這邊拿一個 community-operators 的 prometheus-exporter-operator yaml 簡單的看一下裡面的內容。

大致上描述了以下幾點

catalog
channels
主要描述了要管理的Operator的相關訊息，詳細內容會在下一篇做介紹

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124


oc get packagemanifests  prometheus-exporter-operator -o yaml
apiVersion: packages.operators.coreos.com/v1
kind: PackageManifest
metadata:
  creationTimestamp: "2020-06-20T07:23:23Z"
  labels:
    catalog: community-operators
    catalog-namespace: openshift-marketplace
    olm-visibility: hidden
    openshift-marketplace: "true"
    operatorframework.io/arch.amd64: supported
    operatorframework.io/os.linux: supported
    opsrc-datastore: "true"
    opsrc-owner-name: community-operators
    opsrc-owner-namespace: openshift-marketplace
    opsrc-provider: community
    provider: Red Hat
    provider-url: ""
  name: prometheus-exporter-operator
  namespace: default
  selfLink: /apis/packages.operators.coreos.com/v1/namespaces/default/packagemanifests/prometheus-exporter-operator
spec: {}
status:
  catalogSource: community-operators
  catalogSourceDisplayName: Community Operators
  catalogSourceNamespace: openshift-marketplace
  catalogSourcePublisher: Red Hat
  channels:
  - currentCSV: prometheus-exporter-operator.v0.2.0
    currentCSVDesc:
      annotations:
        alm-examples: |-
          [
            {
              "apiVersion": "monitoring.3scale.net/v1alpha1",
              "kind": "PrometheusExporter",
              "metadata": {
                "name": "example-memcached"
              },
              "spec": {
                "dbHost": "your-memcached-host",
                "dbPort": 11211,
                "grafanaDashboard": {
                  "label": {
                    "key": "autodiscovery",
                    "value": "enabled"
                  }
                },
                "type": "memcached"
              }
            }
          ]          
        capabilities: Deep Insights
        categories: Monitoring
        certified: "false"
        containerImage: quay.io/3scale/prometheus-exporter-operator:v0.2.0
        createdAt: "2020-06-08 00:00:00"
        description: Operator to setup 3rd party prometheus exporters, with a collection
          of grafana dashboards
        repository: https://github.com/3scale/prometheus-exporter-operator
        support: Red Hat, Inc.
      apiservicedefinitions: {}
      customresourcedefinitions:
        owned:
        - description: Configures a prometheus exporter to monitor a memcached instance
          displayName: PrometheusExporter
          kind: PrometheusExporter
          name: prometheusexporters.monitoring.3scale.net
          version: v1alpha1
      description: |
        A Kubernetes Operator based on the Operator SDK to centralize the setup of 3rd party prometheus exporters on **Kubernetes/OpenShift**, with a collection of grafana dashboards.

        You can setup different prometheus exporters to monitor the internals from different databases, or even any available cloudwatch metric from any AWS Service, by just providing a few parameters like **dbHost** or **dbPort** (operator manages the container image, port, argument, command, volumes... and also prometheus **ServiceMonitor** and **GrafanaDashboard** k8s objects).

        Current prometheus exporters types supported, managed by same prometheus-exporter-operator:
        * memcached
        * redis
        * mysql
        * postgresql
        * sphinx
        * es (elasticsearch)
        * cloudwatch

        The operator manages the lifecycle of the following objects:
        * Deployment (one per CR)
        * Service (one per CR)
        * ServiceMonitor (optional, one per CR)
        * GrafanaDashboard (optional, one per Namespace)

        ### Documentation
        Documentation can be found on our [website](https://github.com/3scale/prometheus-exporter-operator#documentation).

        ### Getting help
        If you encounter any issues while using operator, you can create an issue on our [website](https://github.com/3scale/prometheus-exporter-operator) for bugs, enhancements, or other requests.

        ### Contributing
        You can contribute by:
        * Raising any issues you find using Prometheus Exporter Operator
        * Fixing issues by opening [Pull Requests](https://github.com/3scale/prometheus-exporter-operator/pulls)
        * Submitting a patch or opening a PR
        * Improving [documentation](https://github.com/3scale/prometheus-exporter-operator)
        * Talking about Prometheus Exporter Operator
        All bugs, tasks or enhancements are tracked as [GitHub issues](https://github.com/3scale/prometheus-exporter-operator/issues).

        ### License
        Prometheus Exporter Operator is licensed under the [Apache 2.0 license](https://github.com/3scale/prometheus-exporter-operator/blob/master/LICENSE)        
      displayName: Prometheus Exporter Operator
      installModes:
      - supported: true
        type: OwnNamespace
      - supported: true
        type: SingleNamespace
      - supported: false
        type: MultiNamespace
      - supported: true
        type: AllNamespaces
      provider:
        name: Red Hat
      version: 0.2.0
    name: alpha
  defaultChannel: alpha
  packageName: prometheus-exporter-operator
  provider:
    name: Red Hat

結語

大致上能夠了解 OLM 是用來管理 Operator 的生命週期，加上透過六個自定義的資源( Custom Resource Definitions , CRD )以及三個 Controller去管理整個 Operator 的生態。

使用者可以透過 CatalogSources 所提供的 Repo 下載各式各樣的 PackageManifest (Operator)。

下一篇會針對 OLM 剩下的 CRD 進行間單的介紹，以及從 CatalogSources 下載一個 PackageManifest (Operator) 並且部署到環境中。