github.com/operator-framework/operator-lifecycle-manager@v0.30.0/test/e2e/data/kiali-manifests/1.1.0/kiali.v1.1.0.clusterserviceversion.yaml (about) 1 apiVersion: operators.coreos.com/v1alpha1 2 kind: ClusterServiceVersion 3 metadata: 4 name: kiali-operator.v1.1.0 5 namespace: placeholder 6 annotations: 7 categories: Monitoring,Logging & Tracing 8 certified: "false" 9 containerImage: quay.io/kiali/kiali-operator:v1.1.0 10 capabilities: Basic Install 11 support: Kiali 12 description: "Kiali project provides answers to the questions: What microservices are part of my Istio service mesh and how are they connected?" 13 repository: https://github.com/kiali/kiali 14 createdAt: 2019-06-28T20:09:00Z 15 alm-examples: |- 16 [ 17 { 18 "apiVersion": "kiali.io/v1alpha1", 19 "kind": "Kiali", 20 "metadata": { 21 "name": "kiali" 22 }, 23 "spec": { 24 "installation_tag": "My Kiali", 25 "istio_namespace": "istio-system", 26 "deployment": { 27 "namespace": "istio-system", 28 "verbose_mode": "4", 29 "view_only_mode": false 30 }, 31 "external_services": { 32 "grafana": { 33 "url": "" 34 }, 35 "prometheus": { 36 "url": "" 37 }, 38 "tracing": { 39 "url": "" 40 } 41 }, 42 "server": { 43 "web_root": "/mykiali" 44 } 45 } 46 }, 47 { 48 "apiVersion": "monitoring.kiali.io/v1alpha1", 49 "kind": "MonitoringDashboard", 50 "metadata": { 51 "name": "myappdashboard" 52 }, 53 "spec": { 54 "title": "My App Dashboard", 55 "items": [ 56 { 57 "chart": { 58 "name": "My App Processing Duration", 59 "unit": "seconds", 60 "spans": 6, 61 "metricName": "my_app_duration_seconds", 62 "dataType": "histogram", 63 "aggregations": [ 64 { 65 "label": "id", 66 "displayName": "ID" 67 } 68 ] 69 } 70 } 71 ] 72 } 73 } 74 ] 75 spec: 76 version: 1.1.0 77 maturity: stable 78 replaces: kiali-operator.v0.18.1 79 displayName: Kiali Operator 80 description: |- 81 A Microservice Architecture breaks up the monolith into many smaller pieces that are composed together. Patterns to secure the communication between services like fault tolerance (via timeout, retry, circuit breaking, etc.) have come up as well as distributed tracing to be able to see where calls are going. 82 83 A service mesh can now provide these services on a platform level and frees the application writers from those tasks. Routing decisions are done at the mesh level. 84 85 Kiali works with Istio, in OpenShift or Kubernetes, to visualize the service mesh topology, to provide visibility into features like circuit breakers, request rates and more. It offers insights about the mesh components at different levels, from abstract Applications to Services and Workloads. 86 87 See [https://www.kiali.io](https://www.kiali.io) to read more. 88 89 ### Prerequisites 90 91 Today Kiali works with Istio. So before you install Kiali, you must have already installed Istio. Note that Istio can come pre-bundled with Kiali (specifically if you installed the Istio demo helm profile or if you installed Istio with the helm option '--set kiali.enabled=true'). If you already have the pre-bundled Kiali in your Istio environment and you want to install Kiali via the Kiali Operator, uninstall the pre-bundled Kiali first. You can do this via this command: 92 93 kubectl delete --ignore-not-found=true all,secrets,sa,templates,configmaps,deployments,clusterroles,clusterrolebindings,ingresses,customresourcedefinitions --selector="app=kiali" -n istio-system 94 95 When you install Kiali in a non-OpenShift Kubernetes environment, the authentication strategy will default to `login`. When using the authentication strategy of `login`, you are required to create a Kubernetes Secret with a `username` and `passphrase` that you want users to provide in order to successfully log into Kiali. Here is an example command you can execute to create such a secret (with a username of `admin` and a passphrase of `admin`): 96 97 kubectl create secret generic kiali -n istio-system --from-literal "username=admin" --from-literal "passphrase=admin" 98 99 ### Kiali Custom Resource Configuration Settings 100 101 For quick descriptions of all the settings you can configure in the Kiali Custom Resource (CR), see the file [kiali_cr.yaml](https://github.com/kiali/kiali/blob/v1.1.0/operator/deploy/kiali/kiali_cr.yaml) 102 103 ### Accessing the UI 104 105 By default, the Kiali operator exposes the Kiali UI as a Route on OpenShift or Ingress on Kubernetes. 106 On OpenShift, the default root context path is '/' and on Kubernetes it is '/kiali' though you can change this by configuring the 'web_root' setting in the Kiali CR. 107 icon: 108 - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIyLjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAxMjgwIDEyODAiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDEyODAgMTI4MDsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMwMTMxNDQ7fQoJLnN0MXtmaWxsOiMwMDkzREQ7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04MTAuOSwxODAuOWMtMjUzLjYsMC00NTkuMSwyMDUuNS00NTkuMSw0NTkuMXMyMDUuNSw0NTkuMSw0NTkuMSw0NTkuMVMxMjcwLDg5My42LDEyNzAsNjQwCgkJUzEwNjQuNSwxODAuOSw4MTAuOSwxODAuOXogTTgxMC45LDEwMjkuMmMtMjE1LDAtMzg5LjItMTc0LjMtMzg5LjItMzg5LjJjMC0yMTUsMTc0LjMtMzg5LjIsMzg5LjItMzg5LjJTMTIwMC4xLDQyNSwxMjAwLjEsNjQwCgkJUzEwMjUuOSwxMDI5LjIsODEwLjksMTAyOS4yeiIvPgoJPHBhdGggY2xhc3M9InN0MSIgZD0iTTY1My4zLDI4NGMtMTM2LjQsNjAuNS0yMzEuNiwxOTcuMS0yMzEuNiwzNTZjMCwxNTguOCw5NS4yLDI5NS41LDIzMS42LDM1NmM5OC40LTg3LjEsMTYwLjQtMjE0LjMsMTYwLjQtMzU2CgkJQzgxMy43LDQ5OC4zLDc1MS42LDM3MS4xLDY1My4zLDI4NHoiLz4KCTxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0zNTEuOCw2NDBjMC0xMDkuOCwzOC42LTIxMC41LDEwMi44LTI4OS41Yy0zOS42LTE4LjItODMuNi0yOC4zLTEzMC0yOC4zQzE1MC45LDMyMi4yLDEwLDQ2NC41LDEwLDY0MAoJCXMxNDAuOSwzMTcuOCwzMTQuNiwzMTcuOGM0Ni4zLDAsOTAuNC0xMC4xLDEzMC0yOC4zQzM5MC4zLDg1MC41LDM1MS44LDc0OS44LDM1MS44LDY0MHoiLz4KPC9nPgo8L3N2Zz4K 109 mediatype: image/svg+xml 110 keywords: ['service-mesh', 'observability', 'monitoring', 'maistra', 'istio'] 111 maintainers: 112 - name: Kiali Developers Google Group 113 email: kiali-dev@googlegroups.com 114 provider: 115 name: Kiali 116 labels: 117 name: kiali-operator 118 selector: 119 matchLabels: 120 name: kiali-operator 121 links: 122 - name: Getting Started Guide 123 url: https://www.kiali.io/documentation/getting-started/ 124 - name: Features 125 url: https://www.kiali.io/documentation/features 126 - name: Documentation Home 127 url: https://www.kiali.io/documentation 128 - name: Blogs and Articles 129 url: https://medium.com/kialiproject 130 - name: Server Source Code 131 url: https://github.com/kiali/kiali 132 - name: UI Source Code 133 url: https://github.com/kiali/kiali-ui 134 installModes: 135 - type: OwnNamespace 136 supported: true 137 - type: SingleNamespace 138 supported: true 139 - type: MultiNamespace 140 supported: false 141 - type: AllNamespaces 142 supported: true 143 customresourcedefinitions: 144 owned: 145 - name: kialis.kiali.io 146 group: kiali.io 147 description: A configuration file for a Kiali installation. 148 displayName: Kiali 149 kind: Kiali 150 version: v1alpha1 151 resources: 152 - kind: Deployment 153 version: apps/v1 154 - kind: Pod 155 version: v1 156 - kind: Service 157 version: v1 158 - kind: ConfigMap 159 version: v1 160 - kind: OAuthClient 161 version: oauth.openshift.io/v1 162 - kind: Route 163 version: route.openshift.io/v1 164 - kind: Ingress 165 version: extensions/v1beta1 166 specDescriptors: 167 - displayName: Authentication Strategy 168 description: "Determines how a user is to log into Kiali. Choose 'login' to use a username and passphrase as defined in a Secret. Choose 'anonymous' to allow full access to Kiali without requiring credentials (use this at your own risk). Choose 'openshift' if on OpenShift to use the OpenShift OAuth login which controls access based on the individual's OpenShift RBAC roles. Default: openshift (when deployed in OpenShift); login (when deployed in Kubernetes)" 169 path: auth.strategy 170 x-descriptors: 171 - 'urn:alm:descriptor:com.tectonic.ui:label' 172 - displayName: Secret Name 173 description: "If Kiali is configured with auth.strategy 'login', an admin must create a Secret with credentials ('username' and 'passphrase') which will be used to authenticate users logging into Kiali. This setting defines the name of that secret. Default: kiali" 174 path: deployment.secret_name 175 x-descriptors: 176 - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Secret' 177 - displayName: Verbose Mode 178 description: "Determines the priority levels of log messages Kiali will output. Typical values are '3' for INFO and higher priority messages, '4' for DEBUG and higher priority messages (this makes the logs more noisy). Default: 3" 179 path: deployment.verbose_mode 180 x-descriptors: 181 - 'urn:alm:descriptor:com.tectonic.ui:label' 182 - displayName: View Only Mode 183 description: "When true, Kiali will be in 'view only' mode, allowing the user to view and retrieve management and monitoring data for the service mesh, but not allow the user to modify the service mesh. Default: false" 184 path: deployment.view_only_mode 185 x-descriptors: 186 - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' 187 - displayName: Web Root 188 description: "Defines the root context path for the Kiali console, API endpoints and readiness/liveness probes. Default: / (when deployed on OpenShift; /kiali (when deployed on Kubernetes)" 189 path: server.web_root 190 x-descriptors: 191 - 'urn:alm:descriptor:com.tectonic.ui:label' 192 - name: monitoringdashboards.monitoring.kiali.io 193 group: monitoring.kiali.io 194 description: A configuration file for defining an individual metric dashboard. 195 displayName: Monitoring Dashboard 196 kind: MonitoringDashboard 197 version: v1alpha1 198 resources: [] 199 specDescriptors: 200 - displayName: Title 201 description: "The title of the dashboard." 202 path: title 203 x-descriptors: 204 - 'urn:alm:descriptor:com.tectonic.ui:label' 205 apiservicedefinitions: {} 206 install: 207 strategy: deployment 208 spec: 209 deployments: 210 - name: kiali-operator 211 spec: 212 replicas: 1 213 selector: 214 matchLabels: 215 app: kiali-operator 216 version: v1.1.0 217 template: 218 metadata: 219 name: kiali-operator 220 labels: 221 app: kiali-operator 222 version: v1.1.0 223 spec: 224 serviceAccountName: kiali-operator 225 containers: 226 - name: ansible 227 command: 228 - /usr/local/bin/ao-logs 229 - /tmp/ansible-operator/runner 230 - stdout 231 image: quay.io/kiali/kiali-operator:v1.1.0 232 imagePullPolicy: "IfNotPresent" 233 volumeMounts: 234 - mountPath: /tmp/ansible-operator/runner 235 name: runner 236 readOnly: true 237 - name: operator 238 image: quay.io/kiali/kiali-operator:v1.1.0 239 imagePullPolicy: "IfNotPresent" 240 volumeMounts: 241 - mountPath: /tmp/ansible-operator/runner 242 name: runner 243 env: 244 - name: WATCH_NAMESPACE 245 valueFrom: 246 fieldRef: 247 fieldPath: metadata.annotations['olm.targetNamespaces'] 248 - name: POD_NAME 249 valueFrom: 250 fieldRef: 251 fieldPath: metadata.name 252 - name: OPERATOR_NAME 253 value: "kiali-operator" 254 volumes: 255 - name: runner 256 emptyDir: {} 257 clusterPermissions: 258 - rules: 259 - apiGroups: [""] 260 resources: 261 - configmaps 262 - endpoints 263 - events 264 - persistentvolumeclaims 265 - pods 266 - serviceaccounts 267 - services 268 verbs: 269 - create 270 - delete 271 - get 272 - list 273 - patch 274 - update 275 - watch 276 - apiGroups: [""] 277 resources: 278 - namespaces 279 verbs: 280 - get 281 - list 282 - patch 283 - apiGroups: ["apps"] 284 resources: 285 - deployments 286 - replicasets 287 verbs: 288 - create 289 - delete 290 - get 291 - list 292 - patch 293 - update 294 - watch 295 - apiGroups: ["monitoring.coreos.com"] 296 resources: 297 - servicemonitors 298 verbs: 299 - create 300 - get 301 - apiGroups: ["apps"] 302 resourceNames: 303 - kiali-operator 304 resources: 305 - deployments/finalizers 306 verbs: 307 - update 308 - apiGroups: ["kiali.io"] 309 resources: 310 - '*' 311 verbs: 312 - create 313 - delete 314 - get 315 - list 316 - patch 317 - update 318 - watch 319 - apiGroups: ["rbac.authorization.k8s.io"] 320 resources: 321 - clusterrolebindings 322 - clusterroles 323 - rolebindings 324 - roles 325 verbs: 326 - create 327 - delete 328 - get 329 - list 330 - patch 331 - update 332 - watch 333 - apiGroups: ["apiextensions.k8s.io"] 334 resources: 335 - customresourcedefinitions 336 verbs: 337 - get 338 - list 339 - watch 340 - apiGroups: ["extensions"] 341 resources: 342 - ingresses 343 verbs: 344 - create 345 - delete 346 - get 347 - list 348 - patch 349 - update 350 - watch 351 - apiGroups: ["route.openshift.io"] 352 resources: 353 - routes 354 verbs: 355 - create 356 - delete 357 - get 358 - list 359 - patch 360 - update 361 - watch 362 - apiGroups: ["oauth.openshift.io"] 363 resources: 364 - oauthclients 365 verbs: 366 - create 367 - delete 368 - get 369 - list 370 - patch 371 - update 372 - watch 373 - apiGroups: ["monitoring.kiali.io"] 374 resources: 375 - monitoringdashboards 376 verbs: 377 - create 378 - delete 379 - get 380 - list 381 - patch 382 - update 383 - watch 384 # The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles 385 - apiGroups: [""] 386 resources: 387 - configmaps 388 - endpoints 389 - namespaces 390 - nodes 391 - pods 392 - pods/log 393 - replicationcontrollers 394 - services 395 verbs: 396 - get 397 - list 398 - watch 399 - apiGroups: ["extensions", "apps"] 400 resources: 401 - deployments 402 - replicasets 403 - statefulsets 404 verbs: 405 - get 406 - list 407 - watch 408 - apiGroups: ["autoscaling"] 409 resources: 410 - horizontalpodautoscalers 411 verbs: 412 - get 413 - list 414 - watch 415 - apiGroups: ["batch"] 416 resources: 417 - cronjobs 418 - jobs 419 verbs: 420 - get 421 - list 422 - watch 423 - apiGroups: ["config.istio.io"] 424 resources: 425 - adapters 426 - apikeys 427 - bypasses 428 - authorizations 429 - checknothings 430 - circonuses 431 - cloudwatches 432 - deniers 433 - dogstatsds 434 - edges 435 - fluentds 436 - handlers 437 - instances 438 - kubernetesenvs 439 - kuberneteses 440 - listcheckers 441 - listentries 442 - logentries 443 - memquotas 444 - metrics 445 - noops 446 - opas 447 - prometheuses 448 - quotas 449 - quotaspecbindings 450 - quotaspecs 451 - rbacs 452 - redisquotas 453 - reportnothings 454 - rules 455 - signalfxs 456 - solarwindses 457 - stackdrivers 458 - statsds 459 - stdios 460 - templates 461 - tracespans 462 - zipkins 463 verbs: 464 - create 465 - delete 466 - get 467 - list 468 - patch 469 - watch 470 - apiGroups: ["networking.istio.io"] 471 resources: 472 - destinationrules 473 - gateways 474 - serviceentries 475 - sidecars 476 - virtualservices 477 verbs: 478 - create 479 - delete 480 - get 481 - list 482 - patch 483 - watch 484 - apiGroups: ["authentication.istio.io"] 485 resources: 486 - meshpolicies 487 - policies 488 verbs: 489 - create 490 - delete 491 - get 492 - list 493 - patch 494 - watch 495 - apiGroups: ["rbac.istio.io"] 496 resources: 497 - clusterrbacconfigs 498 - rbacconfigs 499 - servicerolebindings 500 - serviceroles 501 verbs: 502 - create 503 - delete 504 - get 505 - list 506 - patch 507 - watch 508 - apiGroups: ["apps.openshift.io"] 509 resources: 510 - deploymentconfigs 511 verbs: 512 - get 513 - list 514 - watch 515 - apiGroups: ["project.openshift.io"] 516 resources: 517 - projects 518 verbs: 519 - get 520 - apiGroups: ["route.openshift.io"] 521 resources: 522 - routes 523 verbs: 524 - get 525 - apiGroups: ["monitoring.kiali.io"] 526 resources: 527 - monitoringdashboards 528 verbs: 529 - get 530 - list 531 serviceAccountName: kiali-operator