github.com/operator-framework/operator-lifecycle-manager@v0.30.0/test/e2e/data/kiali-manifests/1.3.1/kiali.v1.3.1.clusterserviceversion.yaml (about) 1 apiVersion: operators.coreos.com/v1alpha1 2 kind: ClusterServiceVersion 3 metadata: 4 name: kiali-operator.v1.3.1 5 namespace: placeholder 6 annotations: 7 categories: Monitoring,Logging & Tracing 8 certified: "false" 9 containerImage: quay.io/kiali/kiali-operator:v1.3.1 10 capabilities: Basic Install 11 support: Kiali 12 description: "Kiali project provides answers to the questions: What microservices are part of my Istio service mesh and how are they connected?" 13 repository: https://github.com/kiali/kiali 14 createdAt: 2019-08-12T00:00:00Z 15 alm-examples: |- 16 [ 17 { 18 "apiVersion": "kiali.io/v1alpha1", 19 "kind": "Kiali", 20 "metadata": { 21 "name": "kiali" 22 }, 23 "spec": { 24 "installation_tag": "My Kiali", 25 "istio_namespace": "istio-system", 26 "deployment": { 27 "namespace": "istio-system", 28 "verbose_mode": "4", 29 "view_only_mode": false 30 }, 31 "external_services": { 32 "grafana": { 33 "url": "" 34 }, 35 "prometheus": { 36 "url": "" 37 }, 38 "tracing": { 39 "url": "" 40 } 41 }, 42 "server": { 43 "web_root": "/mykiali" 44 } 45 } 46 }, 47 { 48 "apiVersion": "monitoring.kiali.io/v1alpha1", 49 "kind": "MonitoringDashboard", 50 "metadata": { 51 "name": "myappdashboard" 52 }, 53 "spec": { 54 "title": "My App Dashboard", 55 "items": [ 56 { 57 "chart": { 58 "name": "My App Processing Duration", 59 "unit": "seconds", 60 "spans": 6, 61 "metricName": "my_app_duration_seconds", 62 "dataType": "histogram", 63 "aggregations": [ 64 { 65 "label": "id", 66 "displayName": "ID" 67 } 68 ] 69 } 70 } 71 ] 72 } 73 } 74 ] 75 spec: 76 version: 1.3.1 77 maturity: stable 78 replaces: kiali-operator.v1.1.0 79 displayName: Kiali Operator 80 description: |- 81 A Microservice Architecture breaks up the monolith into many smaller pieces that are composed together. Patterns to secure the communication between services like fault tolerance (via timeout, retry, circuit breaking, etc.) have come up as well as distributed tracing to be able to see where calls are going. 82 83 A service mesh can now provide these services on a platform level and frees the application writers from those tasks. Routing decisions are done at the mesh level. 84 85 Kiali works with Istio, in OpenShift or Kubernetes, to visualize the service mesh topology, to provide visibility into features like circuit breakers, request rates and more. It offers insights about the mesh components at different levels, from abstract Applications to Services and Workloads. 86 87 See [https://www.kiali.io](https://www.kiali.io) to read more. 88 89 ### Prerequisites 90 91 Today Kiali works with Istio. So before you install Kiali, you must have already installed Istio. Note that Istio can come pre-bundled with Kiali (specifically if you installed the Istio demo helm profile or if you installed Istio with the helm option '--set kiali.enabled=true'). If you already have the pre-bundled Kiali in your Istio environment and you want to install Kiali via the Kiali Operator, uninstall the pre-bundled Kiali first. You can do this via this command: 92 93 kubectl delete --ignore-not-found=true all,secrets,sa,templates,configmaps,deployments,clusterroles,clusterrolebindings,ingresses,customresourcedefinitions --selector="app=kiali" -n istio-system 94 95 When you install Kiali in a non-OpenShift Kubernetes environment, the authentication strategy will default to `login`. When using the authentication strategy of `login`, you are required to create a Kubernetes Secret with a `username` and `passphrase` that you want users to provide in order to successfully log into Kiali. Here is an example command you can execute to create such a secret (with a username of `admin` and a passphrase of `admin`): 96 97 kubectl create secret generic kiali -n istio-system --from-literal "username=admin" --from-literal "passphrase=admin" 98 99 ### Kiali Custom Resource Configuration Settings 100 101 For quick descriptions of all the settings you can configure in the Kiali Custom Resource (CR), see the file [kiali_cr.yaml](https://github.com/kiali/kiali/blob/v1.3.1/operator/deploy/kiali/kiali_cr.yaml) 102 103 ### Accessing the UI 104 105 By default, the Kiali operator exposes the Kiali UI as a Route on OpenShift or Ingress on Kubernetes. 106 On OpenShift, the default root context path is '/' and on Kubernetes it is '/kiali' though you can change this by configuring the 'web_root' setting in the Kiali CR. 107 icon: 108 - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIyLjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAxMjgwIDEyODAiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDEyODAgMTI4MDsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMwMTMxNDQ7fQoJLnN0MXtmaWxsOiMwMDkzREQ7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04MTAuOSwxODAuOWMtMjUzLjYsMC00NTkuMSwyMDUuNS00NTkuMSw0NTkuMXMyMDUuNSw0NTkuMSw0NTkuMSw0NTkuMVMxMjcwLDg5My42LDEyNzAsNjQwCgkJUzEwNjQuNSwxODAuOSw4MTAuOSwxODAuOXogTTgxMC45LDEwMjkuMmMtMjE1LDAtMzg5LjItMTc0LjMtMzg5LjItMzg5LjJjMC0yMTUsMTc0LjMtMzg5LjIsMzg5LjItMzg5LjJTMTIwMC4xLDQyNSwxMjAwLjEsNjQwCgkJUzEwMjUuOSwxMDI5LjIsODEwLjksMTAyOS4yeiIvPgoJPHBhdGggY2xhc3M9InN0MSIgZD0iTTY1My4zLDI4NGMtMTM2LjQsNjAuNS0yMzEuNiwxOTcuMS0yMzEuNiwzNTZjMCwxNTguOCw5NS4yLDI5NS41LDIzMS42LDM1NmM5OC40LTg3LjEsMTYwLjQtMjE0LjMsMTYwLjQtMzU2CgkJQzgxMy43LDQ5OC4zLDc1MS42LDM3MS4xLDY1My4zLDI4NHoiLz4KCTxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0zNTEuOCw2NDBjMC0xMDkuOCwzOC42LTIxMC41LDEwMi44LTI4OS41Yy0zOS42LTE4LjItODMuNi0yOC4zLTEzMC0yOC4zQzE1MC45LDMyMi4yLDEwLDQ2NC41LDEwLDY0MAoJCXMxNDAuOSwzMTcuOCwzMTQuNiwzMTcuOGM0Ni4zLDAsOTAuNC0xMC4xLDEzMC0yOC4zQzM5MC4zLDg1MC41LDM1MS44LDc0OS44LDM1MS44LDY0MHoiLz4KPC9nPgo8L3N2Zz4K 109 mediatype: image/svg+xml 110 keywords: ['service-mesh', 'observability', 'monitoring', 'maistra', 'istio'] 111 maintainers: 112 - name: Kiali Developers Google Group 113 email: kiali-dev@googlegroups.com 114 provider: 115 name: Kiali 116 labels: 117 name: kiali-operator 118 selector: 119 matchLabels: 120 name: kiali-operator 121 links: 122 - name: Getting Started Guide 123 url: https://www.kiali.io/documentation/getting-started/ 124 - name: Features 125 url: https://www.kiali.io/documentation/features 126 - name: Documentation Home 127 url: https://www.kiali.io/documentation 128 - name: Blogs and Articles 129 url: https://medium.com/kialiproject 130 - name: Server Source Code 131 url: https://github.com/kiali/kiali 132 - name: UI Source Code 133 url: https://github.com/kiali/kiali-ui 134 installModes: 135 - type: OwnNamespace 136 supported: true 137 - type: SingleNamespace 138 supported: true 139 - type: MultiNamespace 140 supported: false 141 - type: AllNamespaces 142 supported: true 143 customresourcedefinitions: 144 owned: 145 - name: kialis.kiali.io 146 group: kiali.io 147 description: A configuration file for a Kiali installation. 148 displayName: Kiali 149 kind: Kiali 150 version: v1alpha1 151 resources: 152 - kind: Deployment 153 version: apps/v1 154 - kind: Pod 155 version: v1 156 - kind: Service 157 version: v1 158 - kind: ConfigMap 159 version: v1 160 - kind: OAuthClient 161 version: oauth.openshift.io/v1 162 - kind: Route 163 version: route.openshift.io/v1 164 - kind: Ingress 165 version: extensions/v1beta1 166 specDescriptors: 167 - displayName: Authentication Strategy 168 description: "Determines how a user is to log into Kiali. Choose 'login' to use a username and passphrase as defined in a Secret. Choose 'anonymous' to allow full access to Kiali without requiring credentials (use this at your own risk). Choose 'openshift' if on OpenShift to use the OpenShift OAuth login which controls access based on the individual's OpenShift RBAC roles. Default: openshift (when deployed in OpenShift); login (when deployed in Kubernetes)" 169 path: auth.strategy 170 x-descriptors: 171 - 'urn:alm:descriptor:com.tectonic.ui:label' 172 - displayName: Kiali Namespace 173 description: "The namespace where Kiali and its associated resources will be created. Default: istio-system" 174 path: deployment.namespace 175 x-descriptors: 176 - 'urn:alm:descriptor:com.tectonic.ui:label' 177 - displayName: Secret Name 178 description: "If Kiali is configured with auth.strategy 'login', an admin must create a Secret with credentials ('username' and 'passphrase') which will be used to authenticate users logging into Kiali. This setting defines the name of that secret. Default: kiali" 179 path: deployment.secret_name 180 x-descriptors: 181 - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Secret' 182 - displayName: Verbose Mode 183 description: "Determines the priority levels of log messages Kiali will output. Typical values are '3' for INFO and higher priority messages, '4' for DEBUG and higher priority messages (this makes the logs more noisy). Default: 3" 184 path: deployment.verbose_mode 185 x-descriptors: 186 - 'urn:alm:descriptor:com.tectonic.ui:label' 187 - displayName: View Only Mode 188 description: "When true, Kiali will be in 'view only' mode, allowing the user to view and retrieve management and monitoring data for the service mesh, but not allow the user to modify the service mesh. Default: false" 189 path: deployment.view_only_mode 190 x-descriptors: 191 - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' 192 - displayName: Web Root 193 description: "Defines the root context path for the Kiali console, API endpoints and readiness/liveness probes. Default: / (when deployed on OpenShift; /kiali (when deployed on Kubernetes)" 194 path: server.web_root 195 x-descriptors: 196 - 'urn:alm:descriptor:com.tectonic.ui:label' 197 - name: monitoringdashboards.monitoring.kiali.io 198 group: monitoring.kiali.io 199 description: A configuration file for defining an individual metric dashboard. 200 displayName: Monitoring Dashboard 201 kind: MonitoringDashboard 202 version: v1alpha1 203 resources: [] 204 specDescriptors: 205 - displayName: Title 206 description: "The title of the dashboard." 207 path: title 208 x-descriptors: 209 - 'urn:alm:descriptor:com.tectonic.ui:label' 210 apiservicedefinitions: {} 211 install: 212 strategy: deployment 213 spec: 214 deployments: 215 - name: kiali-operator 216 spec: 217 replicas: 1 218 selector: 219 matchLabels: 220 app: kiali-operator 221 version: v1.3.1 222 template: 223 metadata: 224 name: kiali-operator 225 labels: 226 app: kiali-operator 227 version: v1.3.1 228 spec: 229 serviceAccountName: kiali-operator 230 containers: 231 - name: ansible 232 command: 233 - /usr/local/bin/ao-logs 234 - /tmp/ansible-operator/runner 235 - stdout 236 image: quay.io/kiali/kiali-operator:v1.3.1 237 imagePullPolicy: "IfNotPresent" 238 volumeMounts: 239 - mountPath: /tmp/ansible-operator/runner 240 name: runner 241 readOnly: true 242 - name: operator 243 image: quay.io/kiali/kiali-operator:v1.3.1 244 imagePullPolicy: "IfNotPresent" 245 volumeMounts: 246 - mountPath: /tmp/ansible-operator/runner 247 name: runner 248 env: 249 - name: WATCH_NAMESPACE 250 valueFrom: 251 fieldRef: 252 fieldPath: metadata.annotations['olm.targetNamespaces'] 253 - name: POD_NAME 254 valueFrom: 255 fieldRef: 256 fieldPath: metadata.name 257 - name: OPERATOR_NAME 258 value: "kiali-operator" 259 volumes: 260 - name: runner 261 emptyDir: {} 262 clusterPermissions: 263 - rules: 264 - apiGroups: [""] 265 resources: 266 - configmaps 267 - endpoints 268 - events 269 - persistentvolumeclaims 270 - pods 271 - serviceaccounts 272 - services 273 verbs: 274 - create 275 - delete 276 - get 277 - list 278 - patch 279 - update 280 - watch 281 - apiGroups: [""] 282 resources: 283 - namespaces 284 verbs: 285 - get 286 - list 287 - patch 288 - apiGroups: ["apps"] 289 resources: 290 - deployments 291 - replicasets 292 verbs: 293 - create 294 - delete 295 - get 296 - list 297 - patch 298 - update 299 - watch 300 - apiGroups: ["monitoring.coreos.com"] 301 resources: 302 - servicemonitors 303 verbs: 304 - create 305 - get 306 - apiGroups: ["apps"] 307 resourceNames: 308 - kiali-operator 309 resources: 310 - deployments/finalizers 311 verbs: 312 - update 313 - apiGroups: ["kiali.io"] 314 resources: 315 - '*' 316 verbs: 317 - create 318 - delete 319 - get 320 - list 321 - patch 322 - update 323 - watch 324 - apiGroups: ["rbac.authorization.k8s.io"] 325 resources: 326 - clusterrolebindings 327 - clusterroles 328 - rolebindings 329 - roles 330 verbs: 331 - create 332 - delete 333 - get 334 - list 335 - patch 336 - update 337 - watch 338 - apiGroups: ["apiextensions.k8s.io"] 339 resources: 340 - customresourcedefinitions 341 verbs: 342 - get 343 - list 344 - watch 345 - apiGroups: ["extensions"] 346 resources: 347 - ingresses 348 verbs: 349 - create 350 - delete 351 - get 352 - list 353 - patch 354 - update 355 - watch 356 - apiGroups: ["route.openshift.io"] 357 resources: 358 - routes 359 verbs: 360 - create 361 - delete 362 - get 363 - list 364 - patch 365 - update 366 - watch 367 - apiGroups: ["oauth.openshift.io"] 368 resources: 369 - oauthclients 370 verbs: 371 - create 372 - delete 373 - get 374 - list 375 - patch 376 - update 377 - watch 378 - apiGroups: ["monitoring.kiali.io"] 379 resources: 380 - monitoringdashboards 381 verbs: 382 - create 383 - delete 384 - get 385 - list 386 - patch 387 - update 388 - watch 389 # The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles 390 - apiGroups: [""] 391 resources: 392 - configmaps 393 - endpoints 394 - namespaces 395 - nodes 396 - pods 397 - pods/log 398 - replicationcontrollers 399 - services 400 verbs: 401 - get 402 - list 403 - watch 404 - apiGroups: ["extensions", "apps"] 405 resources: 406 - deployments 407 - replicasets 408 - statefulsets 409 verbs: 410 - get 411 - list 412 - watch 413 - apiGroups: ["autoscaling"] 414 resources: 415 - horizontalpodautoscalers 416 verbs: 417 - get 418 - list 419 - watch 420 - apiGroups: ["batch"] 421 resources: 422 - cronjobs 423 - jobs 424 verbs: 425 - get 426 - list 427 - watch 428 - apiGroups: ["config.istio.io"] 429 resources: 430 - adapters 431 - apikeys 432 - bypasses 433 - authorizations 434 - checknothings 435 - circonuses 436 - cloudwatches 437 - deniers 438 - dogstatsds 439 - edges 440 - fluentds 441 - handlers 442 - instances 443 - kubernetesenvs 444 - kuberneteses 445 - listcheckers 446 - listentries 447 - logentries 448 - memquotas 449 - metrics 450 - noops 451 - opas 452 - prometheuses 453 - quotas 454 - quotaspecbindings 455 - quotaspecs 456 - rbacs 457 - redisquotas 458 - reportnothings 459 - rules 460 - signalfxs 461 - solarwindses 462 - stackdrivers 463 - statsds 464 - stdios 465 - templates 466 - tracespans 467 - zipkins 468 verbs: 469 - create 470 - delete 471 - get 472 - list 473 - patch 474 - watch 475 - apiGroups: ["networking.istio.io"] 476 resources: 477 - destinationrules 478 - gateways 479 - serviceentries 480 - sidecars 481 - virtualservices 482 verbs: 483 - create 484 - delete 485 - get 486 - list 487 - patch 488 - watch 489 - apiGroups: ["authentication.istio.io"] 490 resources: 491 - meshpolicies 492 - policies 493 verbs: 494 - create 495 - delete 496 - get 497 - list 498 - patch 499 - watch 500 - apiGroups: ["rbac.istio.io"] 501 resources: 502 - clusterrbacconfigs 503 - rbacconfigs 504 - servicerolebindings 505 - serviceroles 506 verbs: 507 - create 508 - delete 509 - get 510 - list 511 - patch 512 - watch 513 - apiGroups: ["authentication.maistra.io"] 514 resources: 515 - servicemeshpolicies 516 verbs: 517 - create 518 - delete 519 - get 520 - list 521 - patch 522 - watch 523 - apiGroups: ["rbac.maistra.io"] 524 resources: 525 - servicemeshrbacconfigs 526 verbs: 527 - create 528 - delete 529 - get 530 - list 531 - patch 532 - watch 533 - apiGroups: ["apps.openshift.io"] 534 resources: 535 - deploymentconfigs 536 verbs: 537 - get 538 - list 539 - watch 540 - apiGroups: ["project.openshift.io"] 541 resources: 542 - projects 543 verbs: 544 - get 545 - apiGroups: ["route.openshift.io"] 546 resources: 547 - routes 548 verbs: 549 - get 550 - apiGroups: ["monitoring.kiali.io"] 551 resources: 552 - monitoringdashboards 553 verbs: 554 - get 555 - list 556 serviceAccountName: kiali-operator