$ oc -n openshift-operators get subscriptions
To install Red Hat OpenShift service Mesh, first install the Red Hat OpenShift service Mesh Operator and any optional Operators on OpenShift Container Platform. Then create a serviceMeshControlPlane
resource to deploy the control plane.
This basic installation is configured based on the default OpenShift settings and is not designed for production use. Use this default installation to verify your installation, and then configure your service mesh for your specific environment. |
Read the Preparing to install Red Hat OpenShift service Mesh process.
An account with the cluster-admin
role. If you use Red Hat OpenShift Dedicated, you must have an account with the dedicated-admin
role.
The following steps show how to install a basic instance of Red Hat OpenShift service Mesh on OpenShift Container Platform.
Starting with Red Hat OpenShift service Mesh 2.5, Red Hat OpenShift distributed tracing platform (Jaeger) and OpenShift Elasticsearch Operator are deprecated and will be removed in a future release. Red Hat will provide bug fixes and support for these features during the current release lifecycle, but this feature will no longer receive enhancements and will be removed. As an alternative to Red Hat OpenShift distributed tracing platform (Jaeger), you can use Red Hat OpenShift distributed tracing platform (Tempo) instead. |
Red Hat OpenShift service Mesh requires the use of the Red Hat OpenShift service Mesh Operator which allows you to connect, secure, control, and observe the microservices that comprise your applications. You can also install other Operators to enhance your service mesh experience.
Do not install Community versions of the Operators. Community Operators are not supported. |
The following Operator is required:
Allows you to connect, secure, control, and observe the microservices that comprise your applications. It also defines and monitors the serviceMeshControlPlane
resources that manage the deployment, updating, and deletion of the service Mesh components. It is based on the open source Istio project.
The following Operators are optional:
Provides observability for your service mesh. You can view configurations, monitor traffic, and analyze traces in a single console. It is based on the open source Kiali project.
Provides distributed tracing to monitor and troubleshoot transactions in complex distributed systems. It is based on the open source Grafana Tempo project.
The following optional Operators are deprecated:
Starting with Red Hat OpenShift service Mesh 2.5, Red Hat OpenShift distributed tracing platform (Jaeger) and OpenShift Elasticsearch Operator are deprecated and will be removed in a future release. Red Hat will provide bug fixes and support for these features during the current release lifecycle, but these features will no longer receive enhancements and will be removed. As an alternative to Red Hat OpenShift distributed tracing platform (Jaeger), you can use Red Hat OpenShift distributed tracing platform (Tempo) instead. |
Provides distributed tracing to monitor and troubleshoot transactions in complex distributed systems. It is based on the open source Jaeger project.
Provides database storage for tracing and logging with the distributed tracing platform (Jaeger). It is based on the open source Elasticsearch project.
To install Red Hat OpenShift service Mesh, you must install the Red Hat OpenShift service Mesh Operator. Repeat the procedure for each additional Operator you want to install.
Additional Operators include:
Kiali Operator provided by Red Hat
Tempo Operator
Deprecated additional Operators include:
Starting with Red Hat OpenShift service Mesh 2.5, Red Hat OpenShift distributed tracing platform (Jaeger) and OpenShift Elasticsearch Operator are deprecated and will be removed in a future release. Red Hat will provide bug fixes and support for these features during the current release lifecycle, but this feature will no longer receive enhancements and will be removed. As an alternative to Red Hat OpenShift distributed tracing platform (Jaeger), you can use Red Hat OpenShift distributed tracing platform (Tempo) instead. |
Red Hat OpenShift distributed tracing platform (Jaeger)
OpenShift Elasticsearch Operator
If you have already installed the OpenShift Elasticsearch Operator as part of OpenShift Logging, you do not need to install the OpenShift Elasticsearch Operator again. The Red Hat OpenShift distributed tracing platform (Jaeger) Operator creates the Elasticsearch instance using the installed OpenShift Elasticsearch Operator. |
Log in to the OpenShift Container Platform web console as a user with the cluster-admin
role.
In the OpenShift Container Platform web console, click Operators → OperatorHub.
Type the name of the Operator into the filter box and select the Red Hat version of the Operator. Community versions of the Operators are not supported.
Click Install.
On the Install Operator page for each Operator, accept the default settings.
Click Install. Wait until the Operator installs before repeating the steps for the next Operator you want to install.
The Red Hat OpenShift service Mesh Operator installs in the openshift-operators
namespace and is available for all namespaces in the cluster.
The Kiali Operator provided by Red Hat installs in the openshift-operators
namespace and is available for all namespaces in the cluster.
The Tempo Operator installs in the openshift-tempo-operator
namespace and is available for all namespaces in the cluster.
The Red Hat OpenShift distributed tracing platform (Jaeger) installs in the openshift-distributed-tracing
namespace and is available for all namespaces in the cluster.
Starting with Red Hat OpenShift service Mesh 2.5, Red Hat OpenShift distributed tracing platform (Jaeger) is deprecated and will be removed in a future release. Red Hat will provide bug fixes and support for this feature during the current release lifecycle, but this feature will no longer receive enhancements and will be removed. As an alternative to Red Hat OpenShift distributed tracing platform (Jaeger), you can use Red Hat OpenShift distributed tracing platform (Tempo) instead. |
The OpenShift Elasticsearch Operator installs in the openshift-operators-redhat
namespace and is available for all namespaces in the cluster.
Starting with Red Hat OpenShift service Mesh 2.5, OpenShift Elasticsearch Operator is deprecated and will be removed in a future release. Red Hat will provide bug fixes and support for this feature during the current release lifecycle, but this feature will no longer receive enhancements and will be removed. |
After all you have installed all four Operators, click Operators → Installed Operators to verify that your Operators are installed.
This task should only be performed if the service Mesh Operator runs on an infrastructure node.
If the operator will run on a worker node, skip this task.
The service Mesh Operator must be installed.
One of the nodes comprising the deployment must be an infrastructure node. For more information, see "Creating infrastructure machine sets."
List the operators installed in the namespace:
$ oc -n openshift-operators get subscriptions
Edit the service Mesh Operator Subscription
resource to specify where the operator should run:
$ oc -n openshift-operators edit subscription <name> (1)
1 | <name> represents the name of the Subscription resource. The default name of the Subscription resource is servicemeshoperator . |
Add the nodeSelector
and tolerations
to spec.config
in the Subscription
resource:
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
labels:
operators.coreos.com/servicemeshoperator.openshift-operators: ""
name: servicemeshoperator
namespace: openshift-operators
# ...
spec:
config:
nodeSelector: (1)
node-role.kubernetes.io/infra: ""
tolerations: (2)
- effect: NoSchedule
key: node-role.kubernetes.io/infra
value: reserved
- effect: NoExecute
key: node-role.kubernetes.io/infra
value: reserved
1 | Ensures that the operator pod is only scheduled on an infrastructure node. |
2 | Ensures that the pod is accepted by the infrastructure node. |
Verify that the node associated with the Operator pod is an infrastructure node:
$ oc -n openshift-operators get po -l name=istio-operator -owide
The Red Hat OpenShift service Mesh Operator does not create the service Mesh custom resource definitions (CRDs) until you deploy a service Mesh control plane. You can use the serviceMeshControlPlane
resource to install and configure the service Mesh components. For more information, see Creating the serviceMeshControlPlane.