@@ -10,6 +10,7 @@ As an Operator author, your Operator must meet additional requirements to run pr
1010
1111.Operator requirements for supporting disconnected mode
1212
13+ * Replace hard-coded image references with environment variables.
1314* In the cluster service version (CSV) of your Operator:
1415** List any _related images_ , or other container images that your Operator might require to perform their functions.
1516** Reference all specified images by a digest (SHA) and not by a tag.
@@ -18,97 +19,146 @@ As an Operator author, your Operator must meet additional requirements to run pr
1819// TODO: Include more info w/ better steps on how to do this:
1920//* You must understand the {product-title} proxy configuration.
2021
21-
22-
2322.Prerequisites
2423
25- * An Operator project with a CSV.
24+ * An Operator project with a CSV. The following procedure uses the Memcached Operator as an example for Go-, Ansible-, and Helm-based projects.
2625
2726.Procedure
2827
29- . Use SHA references to related images in two places in the CSV for your Operator:
30-
31- .. Update `spec.relatedImages`:
28+ . Set an environment variable for the additional image references used by the Operator in the `config/manager/manager.yaml` file:
3229+
30+ .Example `config/manager/manager.yaml` file
31+ [%collapsible]
32+ ====
3333[source,yaml]
3434----
3535...
3636spec:
37- relatedImages: <1>
38- - name: etcd-operator <2>
39- image: quay.io/etcd-operator/operator@sha256:d134a9865524c29fcf75bbc4469013bc38d8a15cb5f41acfddb6b9e492f556e4 <3>
40- - name: etcd-image
41- image: quay.io/etcd-operator/etcd@sha256:13348c15263bd8838ec1d5fc4550ede9860fcbb0f843e48cbccec07810eebb68
37+ ...
38+ spec:
39+ ...
40+ containers:
41+ - command:
42+ - /manager
43+ ...
44+ env:
45+ - name: <related_image_environment_variable> <.>
46+ value: "<related_image_reference_with_tag>" <.>
47+ ----
48+ <.> Define the environment variable, such as `RELATED_IMAGE_MEMCACHED` .
49+ <.> Set the related image reference and tag, such as `docker.io/memcached:1.4.36-alpine` .
50+ ====
51+
52+ . Replace hard-coded image references with environment variables in the relevant file for your Operator project type:
53+
54+ * For Go-based Operator projects, add the environment variable to the `controllers/memcached_controller.go` file as shown in the following example:
55+ +
56+ .Example `controllers/memcached_controller.go` file
57+ [%collapsible]
58+ ====
59+ [source,diff]
60+ ----
61+ // deploymentForMemcached returns a memcached Deployment object
62+
63+
64+
65+ Spec: corev1.PodSpec{
66+ Containers: []corev1.Container{{
67+ - Image: "memcached:1.4.36-alpine", <.>
68+ + Image: os.Getenv("<related_image_environment_variable>"), <.>
69+ Name: "memcached",
70+ Command: []string{"memcached", "-m=64", "-o", "modern", "-v"},
71+ Ports: []corev1.ContainerPort{{
72+
4273...
4374----
44- <1> Create a `relatedImages` section and set the list of related images.
45- <2> Specify a unique identifier for the image.
46- <3> Specify each image by a digest (SHA), not by an image tag.
75+ <.> Delete the image reference and tag.
76+ <.> Use the `os.Getenv` function to call the `<related_image_environment_variable>`.
77+
78+ [NOTE]
79+ =====
80+ The `os.Getenv` function returns an empty string if a variable is not set. Set the `<related_image_environment_variable>` before changing the file.
81+ =====
82+ ====
4783
48- .. Update the `env` section in the deployment when declaring environment variables that inject the image that the Operator should use :
84+ * For Ansible-based Operator projects, add the environment variable to the `roles/memcached/tasks/main.yml` file as shown in the following example :
4985+
50- [source,yaml]
86+ .Example `roles/memcached/tasks/main.yml` file
87+ [%collapsible]
88+ ====
89+ [source,diff]
5190----
5291spec:
53- install:
54- spec:
55- deployments:
56- - name: etcd-operator-v3.1.1
57- spec:
58- replicas: 1
59- selector:
60- matchLabels:
61- name: etcd-operator
62- strategy:
63- type: Recreate
64- template:
65- metadata:
66- labels:
67- name: etcd-operator
68- spec:
69- containers:
70- - args:
71- - /opt/etcd/bin/etcd_operator_run.sh
72- env:
73- - name: WATCH_NAMESPACE
74- valueFrom:
75- fieldRef:
76- fieldPath: metadata.annotations['olm.targetNamespaces']
77- - name: ETCD_OPERATOR_DEFAULT_ETCD_IMAGE <1>
78- value: quay.io/etcd-operator/etcd@sha256:13348c15263bd8838ec1d5fc4550ede9860fcbb0f843e48cbccec07810eebb68 <2>
79- - name: ETCD_LOG_LEVEL
80- value: INFO
81- image: quay.io/etcd-operator/operator@sha256:d134a9865524c29fcf75bbc4469013bc38d8a15cb5f41acfddb6b9e492f556e4 <3>
82- imagePullPolicy: IfNotPresent
83- livenessProbe:
84- httpGet:
85- path: /healthy
86- port: 8080
87- initialDelaySeconds: 10
88- periodSeconds: 30
89- name: etcd-operator
90- readinessProbe:
91- httpGet:
92- path: /ready
93- port: 8080
94- initialDelaySeconds: 10
95- periodSeconds: 30
96- resources: {}
97- serviceAccountName: etcd-operator
98- strategy: deployment
92+ containers:
93+ - name: memcached
94+ command:
95+ - memcached
96+ - -m=64
97+ - -o
98+ - modern
99+ - -v
100+ - image: "docker.io/memcached:1.4.36-alpine" <.>
101+ + image: "{{ lookup('env', '<related_image_environment_variable>') }}" <.>
102+ ports:
103+ - containerPort: 11211
104+
105+ ...
99106----
107+ <.> Delete the image reference and tag.
108+ <.> Use the `lookup` function to call the `<related_image_environment_variable>`.
109+ ====
110+
111+ * For Helm-based Operator projects, add the environment variable to the `helm-charts/memchached/values.yaml` file as shown in the following example:
100112+
101- --
102- <1> Inject the images referenced by the Operator by using environment variables.
103- <2> Specify each image by a digest (SHA), not by an image tag.
104- <3> Also reference the Operator container image by a digest (SHA), not by an image tag.
105- --
106- +
107- [NOTE]
113+ .`helm-charts/memchached/values.yaml` diff
114+ [%collapsible]
108115====
109- When configuring probes, the `timeoutSeconds` value must be lower than the `periodSeconds` value. The `timeoutSeconds` default value is `1` . The `periodSeconds` default value is `10` .
116+ [source,diff]
117+ ----
118+ ## Memcached image and tag
119+ ## ref: https://hub.docker.com/r/library/memcached/tags/
120+ ##
121+ - image: memcached:1.5.20 <.>
122+ + image: "{{ lookup('env', '<related_image_environment_variable>') }}" <.>
123+
124+ ...
125+ ----
126+ <.> Delete the image reference and tag.
127+ <.> Use the `lookup` function to call the `<related_image_environment_variable>`.
110128====
111129
130+ . Add the `BUNDLE_GEN_FLAGS` variable definition to your `Makefile` with the following changes:
131+ +
132+ .Example `Makefile`
133+ [source,diff]
134+ ----
135+ BUNDLE_GEN_FLAGS ?= -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
136+
137+ # USE_IMAGE_DIGESTS defines if images are resolved via tags or digests
138+ # You can enable this value if you would like to use SHA Based Digests
139+ # To enable set flag to true
140+ USE_IMAGE_DIGESTS ?= false
141+ ifeq ($(USE_IMAGE_DIGESTS), true)
142+ BUNDLE_GEN_FLAGS += --use-image-digests
143+ endif
144+
145+ ...
146+
147+ - $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS) <.>
148+ + $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle $(BUNDLE_GEN_FLAGS) <.>
149+
150+ ...
151+ ----
152+ <.> Delete this line in the `Makefile`.
153+ <.> Replace the line above with this line.
154+
155+ . To update your Operator image to use a digest (SHA) and not a tag, run the `make bundle` command and set `USE_IMAGE_DIGESTS` to `true` :
156+ +
157+ [source,terminal]
158+ ----
159+ $ make bundle USE_IMAGE_DIGESTS=true
160+ ----
161+
112162. Add the `disconnected` annotation, which indicates that the Operator works in a disconnected environment:
113163+
114164[source,yaml]
0 commit comments