github.com/argoproj-labs/argocd-operator@v0.10.0/docs/install/openshift.md (about)

     1  # OpenShift Install
     2  
     3  This guide uses [OpenShift 4](https://try.openshift.com/), follow the guide for your platform to install.
     4  
     5  Once the OpenShift cluster is up and running, the operator can be deployed to watch one or more namespaces. The
     6  preferred method to install the operator is using the OpenShift console. The operator can also be installed manually if desired.
     7  
     8  ## Console Install
     9  
    10  The operator is published in the Operator Hub with the OpenShift console. Log into the console using the URL for your
    11  cluster and select the Operators link, then select the OperatorHub link to display the list of operators.
    12  
    13  Select the operator named `Argo CD` and click the **Install** button. You can select the namespace and deploy the operator.
    14  
    15  In addition to the console interface, the [Operator Install][olm_install] section of the OLM Install Guide details the same method using manifests.
    16  
    17  ## Manual Install
    18  
    19  The following steps can be used to manually install the operator in an OpenShift 4.x environment with minimal overhead. Note that these steps generates the manifests using kustomize.
    20  
    21  Several of the steps in this process require the `cluster-admin` ClusterRole or equivalent.
    22  
    23  ### Authenticate
    24  
    25  Once the cluster is up and running, log in as the `cluster-admin` user.
    26  
    27  ```
    28  oc login -u kubeadmin
    29  ```
    30  
    31  !!! info
    32      Make sure you download the source code from release section: https://github.com/argoproj-labs/argocd-operator/releases. Compiling from the source code cloned off main repo may not provide the most stable result.
    33  
    34  ### Namespace
    35  
    36  By default, the operator is installed into the `argocd-operator-system` namespace. To modify this, update the
    37  value of the `namespace` specified in the `config/default/kustomization.yaml` file. 
    38  
    39  ### Conversion Webhook Support
    40  
    41  ArgoCD `v1alpha1` CRD has been **deprecated** starting from **argocd-operator v0.8.0**. To facilitate automatic migration of existing `v1alpha1` ArgoCD CRs to `v1beta1`, conversion webhook support has been introduced.
    42  
    43  By default, the conversion webhook is disabled for the manual(non-OLM) installation of the operator. Users can modify the configurations to enable conversion webhook support using the instructions provided below.
    44  
    45  !!! warning
    46      Enabling the webhook is optional. However, without conversion webhook support, users are responsible for migrating any existing ArgoCD v1alpha1 CRs to v1beta1.
    47  
    48  ##### Enable Webhook Support
    49  
    50  To enable the operator to utilize the `Openshift Service CA Operator` for automated webhook certificate management, add following annotations.
    51  
    52  `config/webhook/service.yaml`
    53  ```yaml
    54  metadata:
    55    name: webhook-service
    56    annotations: 
    57      service.beta.openshift.io/serving-cert-secret-name: webhook-server-cert
    58  ```
    59  
    60  `config/crd/patches/cainjection_in_argocds.yaml`
    61  ```yaml
    62  metadata:
    63    name: argocds.argoproj.io
    64    annotations: 
    65      service.beta.openshift.io/inject-cabundle: true
    66  ```
    67  
    68  Additionally, set the `ENABLE_CONVERSION_WEBHOOK`` environment variable in the operator to enable the conversion webhook.
    69  
    70  `config/default/manager_webhook_patch.yaml`
    71  ```yaml
    72        - name: manager
    73          env:
    74          - name: ENABLE_CONVERSION_WEBHOOK
    75            value: "true"
    76  ```
    77  
    78  ### Deploy Operator
    79  
    80  Deploy the operator. This will create all the necessary resources, including the namespace. For running the make command you need to install go-lang package on your system.
    81  
    82  ```bash
    83  make deploy
    84  ```
    85  
    86  If you want to use your own custom operator container image, you can specify the image name using the `IMG` variable.
    87  
    88  ```bash
    89  make deploy IMG=quay.io/my-org/argocd-operator:latest
    90  ```
    91  
    92  The operator pod should start and enter a `Running` state after a few seconds.
    93  
    94  ```bash
    95  oc get pods -n <argocd-operator-system>
    96  ```
    97  
    98  ```bash
    99  NAME                                                  READY   STATUS    RESTARTS   AGE
   100  argocd-operator-controller-manager-6c449c6998-ts95w   2/2     Running   0          33s
   101  ```
   102  !!! info
   103      If you see `Error: container's runAsUser breaks non-root policy`, means container wants to have admin privilege. run `oc adm policy add-scc-to-user privileged -z default -n argocd-operator-system` to enable admin on the namespace and change the following line in deployment resource: `runAsNonRoot: false`. This is a quick fix to make it running, this is not a suggested approach for *production*.
   104      
   105  ## Usage 
   106  
   107  Once the operator is installed and running, new ArgoCD resources can be created. See the [usage][docs_usage] 
   108  documentation to learn how to create new `ArgoCD` resources.
   109  
   110  ## Cleanup 
   111  
   112  To remove the operator from the cluster, run the following comand. This will remove all resources that were created,
   113  including the namespace.
   114  ```bash
   115  make undeploy
   116  ```
   117  
   118  
   119  
   120  [docs_usage]:../usage/basics.md