Doc - https://github.com/operator-framework/operator-sdk/blob/master/doc/helm/user-guide.md
Chart https://hub.helm.sh/charts/bitnami/cassandra/3.4.3
operator-sdk new cassandra-helm-operator --type=helm --helm-chart=cassandra --helm-chart-repo=https://charts.bitnami.com/bitnami --verbose
Deploy CRD
kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config create -f deploy/crds/charts.helm.k8s.io_cassandras_crd.yaml customresourcedefinition.apiextensions.k8s.io/cassandras.charts.helm.k8s.io created
Build Opertor
~/coding/k8s/cassandra-helm-operator$ operator-sdk build alexcpn/test-cassandra-operator:v0.0.1
~/coding/k8s/cassandra-helm-operator$ sed -i 's|REPLACE_IMAGE|alexcpn/test-cassandra-operator:v0.0.1|g' deploy/operator.yaml
As per doc
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config create -f deploy/service_account.yaml
serviceaccount/cassandra-helm-operator created
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config create -f deploy/role.yaml
role.rbac.authorization.k8s.io/cassandra-helm-operator created
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config create -f deploy/role_binding.yaml
rolebinding.rbac.authorization.k8s.io/cassandra-helm-operator created
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config create -f deploy/operator.yaml
deployment.apps/cassandra-helm-operator created
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
cassandra-helm-operator 1/1 1 1 1
kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config apply -f deploy/crds/charts.helm.k8s.io_v1alpha1_cassandra_cr.yaml cassandra.charts.helm.k8s.io/example-cassandra created
Error
{"level":"error","ts":1578915836.236557,"logger":"helm.controller","msg":"Release failed","namespace":"default","name":"example-cassandra","apiVersion":"charts.helm.k8s.io/v1alpha1","kind":"Cassandra","release":"example-cassandra","error":"failed to install release: rendered manifests contain a resource that already exists. Unable to continue with install: could not get information about the resource: poddisruptionbudgets.policy \"example-cassandra-headless\" is forbidden: User \"system:serviceaccount:default:cassandra-helm-operator\" cannot get resource \"poddisruptionbudgets\" in API group \"policy\" in the namespace \"default\"","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\tpkg/mod/github.com/go-logr/zapr@v0.1.1/zapr.go:128\ngithub.com/operator-framework/operator-sdk/pkg/helm/controller.HelmOperatorReconciler.Reconcile\n\tsrc/github.com/operator-framework/operator-sdk/pkg/helm/controller/reconcile.go:194\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\tpkg/mod/sigs.k8s.io/controller-runtime@v0.4.0/pkg/internal/controller/controller.go:256\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\tpkg/mod/sigs.k8s.io/controller-runtime@v0.4.0/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\tpkg/mod/sigs.k8s.io/controller-runtime@v0.4.0/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.JitterUntil.func1\n\tpkg/mod/k8s.io/apimachinery@v0.0.0-20191004115801-a2eda9f80ab8/pkg/util/wait/wait.go:152\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\tpkg/mod/k8s.io/apimachinery@v0.0.0-20191004115801-a2eda9f80ab8/pkg/util/wait/wait.go:153\nk8s.io/apimachinery/pkg/util/wait.Until\n\tpkg/mod/k8s.io/apimachinery@v0.0.0-20191004115801-a2eda9f80ab8/pkg/util/wait/wait.go:88"}
--> poddisruptionbudgets.policy
https://www.oreilly.com/library/view/kubernetes-security/9781492039075/ch04.html
: User \"system:serviceaccount:default:cassandra-helm-operator\" cannot get resource \"poddisruptionbudgets\" in API group \"policy\" in the namespace \"default\"","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\tpkg/mod/
kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config auth can-i get poddisruptionbudgets.policy --as=system:serviceaccount:default:cassandra-helm-operator
no
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config apply -f deploy/role.yaml
role.rbac.authorization.k8s.io/cassandra-helm-operator configured
alex@drone-OMEN:~/coding/k8s/cassandra-helm-operator$ kubectl --insecure-skip-tls-verify --kubeconfig ~/keys/ee1-kubeconfig.config auth can-i get poddisruptionbudgets.policy --as=system:serviceaccount:default:cassandra-helm-operator
yes
Redpeploy CR after that and thats that