github.com/operator-framework/operator-lifecycle-manager@v0.30.0/deploy/upstream/quickstart/olm.yaml (about)

     1  ---
     2  apiVersion: v1
     3  kind: Namespace
     4  metadata:
     5    name: olm
     6  ---
     7  apiVersion: v1
     8  kind: Namespace
     9  metadata:
    10    name: operators
    11  ---
    12  kind: ServiceAccount
    13  apiVersion: v1
    14  metadata:
    15    name: olm-operator-serviceaccount
    16    namespace: olm
    17  ---
    18  apiVersion: rbac.authorization.k8s.io/v1
    19  kind: ClusterRole
    20  metadata:
    21    name: system:controller:operator-lifecycle-manager
    22  rules:
    23  - apiGroups: ["*"]
    24    resources: ["*"]
    25    verbs: ["*"]
    26  - nonResourceURLs: ["*"]
    27    verbs: ["*"]
    28  ---
    29  apiVersion: rbac.authorization.k8s.io/v1
    30  kind: ClusterRoleBinding
    31  metadata:
    32    name: olm-operator-binding-olm
    33  roleRef:
    34    apiGroup: rbac.authorization.k8s.io
    35    kind: ClusterRole
    36    name: system:controller:operator-lifecycle-manager
    37  subjects:
    38  - kind: ServiceAccount
    39    name: olm-operator-serviceaccount
    40    namespace: olm
    41  ---
    42  apiVersion: apps/v1
    43  kind: Deployment
    44  metadata:
    45    name: olm-operator
    46    namespace: olm
    47    labels:
    48      app: olm-operator
    49  spec:
    50    strategy:
    51      type: RollingUpdate
    52    replicas: 1
    53    selector:
    54      matchLabels:
    55        app: olm-operator
    56    template:
    57      metadata:
    58        labels:
    59          app: olm-operator
    60      spec:
    61        serviceAccountName: olm-operator-serviceaccount
    62        containers:
    63          - name: olm-operator
    64            command:
    65            - /bin/olm
    66            args:
    67            - --namespace
    68            - $(OPERATOR_NAMESPACE)
    69            - --writeStatusName
    70            - ""
    71            image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed
    72            imagePullPolicy: IfNotPresent
    73            ports:
    74              - containerPort: 8080
    75              - containerPort: 8081
    76                name: metrics
    77                protocol: TCP
    78            livenessProbe:
    79              httpGet:
    80                path: /healthz
    81                port: 8080
    82            readinessProbe:
    83              httpGet:
    84                path: /healthz
    85                port: 8080
    86            terminationMessagePolicy: FallbackToLogsOnError
    87            env:
    88            - name: OPERATOR_NAMESPACE
    89              valueFrom:
    90                fieldRef:
    91                  fieldPath: metadata.namespace
    92            - name: OPERATOR_NAME
    93              value: olm-operator
    94            resources:
    95              requests:
    96                cpu: 10m
    97                memory: 160Mi
    98        nodeSelector:
    99          kubernetes.io/os: linux
   100  ---
   101  apiVersion: apps/v1
   102  kind: Deployment
   103  metadata:
   104    name: catalog-operator
   105    namespace: olm
   106    labels:
   107      app: catalog-operator
   108  spec:
   109    strategy:
   110      type: RollingUpdate
   111    replicas: 1
   112    selector:
   113      matchLabels:
   114        app: catalog-operator
   115    template:
   116      metadata:
   117        labels:
   118          app: catalog-operator
   119      spec:
   120        serviceAccountName: olm-operator-serviceaccount
   121        containers:
   122          - name: catalog-operator
   123            command:
   124            - /bin/catalog
   125            args:
   126            - '-namespace'
   127            - olm
   128            - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest
   129            - -util-image
   130            -  quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed
   131            image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed
   132            imagePullPolicy: IfNotPresent
   133            ports:
   134              - containerPort: 8080
   135              - containerPort: 8081
   136                name: metrics
   137                protocol: TCP
   138            livenessProbe:
   139              httpGet:
   140                path: /healthz
   141                port: 8080
   142            readinessProbe:
   143              httpGet:
   144                path: /healthz
   145                port: 8080
   146            terminationMessagePolicy: FallbackToLogsOnError
   147            resources:
   148              requests:
   149                cpu: 10m
   150                memory: 80Mi
   151        nodeSelector:
   152          kubernetes.io/os: linux
   153  ---
   154  kind: ClusterRole
   155  apiVersion: rbac.authorization.k8s.io/v1
   156  metadata:
   157    name: aggregate-olm-edit
   158    labels:
   159      rbac.authorization.k8s.io/aggregate-to-admin: "true"
   160      rbac.authorization.k8s.io/aggregate-to-edit: "true"
   161  rules:
   162  - apiGroups: ["operators.coreos.com"]
   163    resources: ["subscriptions"]
   164    verbs: ["create", "update", "patch", "delete"]
   165  - apiGroups: ["operators.coreos.com"]
   166    resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"]
   167    verbs: ["delete"]
   168  ---
   169  kind: ClusterRole
   170  apiVersion: rbac.authorization.k8s.io/v1
   171  metadata:
   172    name: aggregate-olm-view
   173    labels:
   174      rbac.authorization.k8s.io/aggregate-to-admin: "true"
   175      rbac.authorization.k8s.io/aggregate-to-edit: "true"
   176      rbac.authorization.k8s.io/aggregate-to-view: "true"
   177  rules:
   178  - apiGroups: ["operators.coreos.com"]
   179    resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"]
   180    verbs: ["get", "list", "watch"]
   181  - apiGroups: ["packages.operators.coreos.com"]
   182    resources: ["packagemanifests", "packagemanifests/icon"]
   183    verbs: ["get", "list", "watch"]
   184  ---
   185  apiVersion: operators.coreos.com/v1
   186  kind: OperatorGroup
   187  metadata:
   188    name: global-operators
   189    namespace: operators
   190  ---
   191  apiVersion: operators.coreos.com/v1
   192  kind: OperatorGroup
   193  metadata:
   194    name: olm-operators
   195    namespace: olm
   196  spec:
   197    targetNamespaces:
   198      - olm
   199  ---
   200  apiVersion: operators.coreos.com/v1alpha1
   201  kind: ClusterServiceVersion
   202  metadata:
   203    name: packageserver
   204    namespace: olm
   205    labels:
   206      olm.version: 0.18.3
   207  spec:
   208    displayName: Package Server
   209    description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion.
   210    minKubeVersion: 1.11.0
   211    keywords: ['packagemanifests', 'olm', 'packages']
   212    maintainers:
   213    - name: Red Hat
   214      email: openshift-operators@redhat.com
   215    provider:
   216      name: Red Hat
   217    links:
   218    - name: Package Server
   219      url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server
   220    installModes:
   221    - type: OwnNamespace
   222      supported: true
   223    - type: SingleNamespace
   224      supported: true
   225    - type: MultiNamespace
   226      supported: true
   227    - type: AllNamespaces
   228      supported: true
   229    install:
   230      strategy: deployment
   231      spec:
   232        clusterPermissions:
   233        - serviceAccountName: olm-operator-serviceaccount
   234          rules:
   235          - apiGroups:
   236              - authorization.k8s.io
   237            resources:
   238              - subjectaccessreviews
   239            verbs:
   240              - create
   241              - get
   242          - apiGroups:
   243            - ""
   244            resources:
   245            - configmaps
   246            verbs:
   247            - get
   248            - list
   249            - watch
   250          - apiGroups:
   251            - "operators.coreos.com"
   252            resources:
   253            - catalogsources
   254            verbs:
   255            - get
   256            - list
   257            - watch
   258          - apiGroups:
   259            - "packages.operators.coreos.com"
   260            resources:
   261            - packagemanifests
   262            verbs:
   263            - get
   264            - list
   265        deployments:
   266        - name: packageserver
   267          spec:
   268            strategy:
   269              type: RollingUpdate
   270              rollingUpdate:
   271                maxUnavailable: 1
   272                maxSurge: 1
   273            replicas: 2
   274            selector:
   275              matchLabels:
   276                app: packageserver
   277            template:
   278              metadata:
   279                labels:
   280                  app: packageserver
   281              spec:
   282                serviceAccountName: olm-operator-serviceaccount
   283                nodeSelector:
   284                  kubernetes.io/os: linux
   285                containers:
   286                - name: packageserver
   287                  command:
   288                  - /bin/package-server
   289                  - -v=4
   290                  - --secure-port
   291                  - "5443"
   292                  - --global-namespace
   293                  - olm
   294                  image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed
   295                  imagePullPolicy: Always
   296                  ports:
   297                  - containerPort: 5443
   298                  livenessProbe:
   299                    httpGet:
   300                      scheme: HTTPS
   301                      path: /healthz
   302                      port: 5443
   303                  readinessProbe:
   304                    httpGet:
   305                      scheme: HTTPS
   306                      path: /healthz
   307                      port: 5443
   308                  terminationMessagePolicy: FallbackToLogsOnError
   309                  resources:
   310                    requests:
   311                      cpu: 10m
   312                      memory: 50Mi
   313                  securityContext:
   314                    runAsUser: 1000
   315                  volumeMounts:
   316                  - name: tmpfs
   317                    mountPath: /tmp
   318                volumes:
   319                - name: tmpfs
   320                  emptyDir: {}
   321    maturity: alpha
   322    version: 0.18.3
   323    apiservicedefinitions:
   324      owned:
   325      - group: packages.operators.coreos.com
   326        version: v1
   327        kind: PackageManifest
   328        name: packagemanifests
   329        displayName: PackageManifest
   330        description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps
   331        deploymentName: packageserver
   332        containerPort: 5443
   333  ---
   334  apiVersion: operators.coreos.com/v1alpha1
   335  kind: CatalogSource
   336  metadata:
   337    name: operatorhubio-catalog
   338    namespace: olm
   339  spec:
   340    sourceType: grpc
   341    image: quay.io/operatorhubio/catalog:latest
   342    displayName: Community Operators
   343    publisher: OperatorHub.io
   344    updateStrategy:
   345      registryPoll:
   346        interval: 60m