etcd
├── manifests
│ ├── etcdcluster.crd.yaml
│ └── etcdoperator.clusterserviceversion.yaml
│ └── secret.yaml
│ └── configmap.yaml
└── metadata
└── annotations.yaml
└── dependencies.yaml
This guide outlines the packaging format for Operators supported by Operator Lifecycle Manager (OLM) in OKD.
Support for the legacy package manifest format for Operators is removed in OKD 4.8 and later. Existing Operator projects in the package manifest format can be migrated to the bundle format by using the Operator SDK |
The bundle format for Operators is a packaging format introduced by the Operator Framework. To improve scalability and to better enable upstream users hosting their own catalogs, the bundle format specification simplifies the distribution of Operator metadata.
An Operator bundle represents a single version of an Operator. On-disk bundle manifests are containerized and shipped as a bundle image, which is a non-runnable container image that stores the Kubernetes manifests and Operator metadata. Storage and distribution of the bundle image is then managed using existing container tools like podman
and docker
and container registries such as Quay.
Operator metadata can include:
Information that identifies the Operator, for example its name and version.
Additional information that drives the UI, for example its icon and some example custom resources (CRs).
Required and provided APIs.
Related images.
When loading manifests into the Operator registry database, the following requirements are validated:
The bundle must have at least one channel defined in the annotations.
Every bundle has exactly one cluster service version (CSV).
If a CSV owns a custom resource definition (CRD), that CRD must exist in the bundle.
Bundle manifests refer to a set of Kubernetes manifests that define the deployment and RBAC model of the Operator.
A bundle includes one CSV per directory and typically the CRDs that define the owned APIs of the CSV in its /manifests
directory.
etcd
├── manifests
│ ├── etcdcluster.crd.yaml
│ └── etcdoperator.clusterserviceversion.yaml
│ └── secret.yaml
│ └── configmap.yaml
└── metadata
└── annotations.yaml
└── dependencies.yaml
The following object types can also be optionally included in the /manifests
directory of a bundle:
ClusterRole
ClusterRoleBinding
ConfigMap
ConsoleYamlSample
PodDisruptionBudget
PriorityClass
PrometheusRule
Role
RoleBinding
Secret
Service
ServiceAccount
ServiceMonitor
VerticalPodAutoscaler
When these optional objects are included in a bundle, Operator Lifecycle Manager (OLM) can create them from the bundle and manage their lifecycle along with the CSV:
When the CSV is deleted, OLM deletes the optional object.
When the CSV is upgraded:
If the name of the optional object is the same, OLM updates it in place.
If the name of the optional object has changed between versions, OLM deletes and recreates it.
A bundle also includes an annotations.yaml
file in its /metadata
directory. This file defines higher level aggregate data that helps describe the format and package information about how the bundle should be added into an index of bundles:
annotations.yaml
annotations:
operators.operatorframework.io.bundle.mediatype.v1: "registry+v1" (1)
operators.operatorframework.io.bundle.manifests.v1: "manifests/" (2)
operators.operatorframework.io.bundle.metadata.v1: "metadata/" (3)
operators.operatorframework.io.bundle.package.v1: "test-operator" (4)
operators.operatorframework.io.bundle.channels.v1: "beta,stable" (5)
operators.operatorframework.io.bundle.channel.default.v1: "stable" (6)
1 | The media type or format of the Operator bundle. The registry+v1 format means it contains a CSV and its associated Kubernetes objects. |
2 | The path in the image to the directory that contains the Operator manifests. This label is reserved for future use and currently defaults to manifests/ . The value manifests.v1 implies that the bundle contains Operator manifests. |
3 | The path in the image to the directory that contains metadata files about the bundle. This label is reserved for future use and currently defaults to metadata/ . The value metadata.v1 implies that this bundle has Operator metadata. |
4 | The package name of the bundle. |
5 | The list of channels the bundle is subscribing to when added into an Operator registry. |
6 | The default channel an Operator should be subscribed to when installed from a registry. |
In case of a mismatch, the |
The dependencies of an Operator are listed in a dependencies.yaml
file in the metadata/
folder of a bundle. This file is optional and currently only used to specify explicit Operator-version dependencies.
The dependency list contains a type
field for each item to specify what kind of dependency this is. There are two supported types of Operator dependencies:
olm.package
: This type indicates a dependency for a specific Operator version. The dependency information must include the package name and the version of the package in semver format. For example, you can specify an exact version such as 0.5.2
or a range of versions such as >0.5.1
.
olm.gvk
: With a gvk
type, the author can specify a dependency with group/version/kind (GVK) information, similar to existing CRD and API-based usage in a CSV. This is a path to enable Operator authors to consolidate all dependencies, API or explicit versions, to be in the same place.
In the following example, dependencies are specified for a Prometheus Operator and etcd CRDs:
dependencies.yaml
filedependencies:
- type: olm.package
value:
packageName: prometheus
version: ">0.27.0"
- type: olm.gvk
value:
group: etcd.database.coreos.com
kind: EtcdCluster
version: v1beta2
The opm
CLI tool is provided by the Operator Framework for use with the Operator bundle format. This tool allows you to create and maintain catalogs of Operators from a list of bundles, called an index, that are similar to software repositories. The result is a container image, called an index image, which can be stored in a container registry and then installed on a cluster.
An index contains a database of pointers to Operator manifest content that can be queried through an included API that is served when the container image is run. On OKD, Operator Lifecycle Manager (OLM) can use the index image as a catalog by referencing it in a CatalogSource
object, which polls the image at regular intervals to enable frequent updates to installed Operators on the cluster.
See CLI tools for steps on installing the opm
CLI.