Skip to content

Instantly share code, notes, and snippets.

@phoracek

phoracek/README.md

Last active June 18, 2019 10:31
Show Gist options
  • Save phoracek/9b71ff13614ae42b1054c30b13cddbce to your computer and use it in GitHub Desktop.
Save phoracek/9b71ff13614ae42b1054c30b13cddbce to your computer and use it in GitHub Desktop.
Download ZIP
Install network addons operator using OLM
Raw
README.md

Operator: https://github.com/kubevirt/cluster-network-addons-operator

Manifests: https://github.com/kubevirt/cluster-network-addons-operator/tree/master/manifests/cluster-network-addons/0.9.0

CSV: https://github.com/kubevirt/cluster-network-addons-operator/blob/master/manifests/cluster-network-addons/0.9.0/cluster-network-addons-operator.0.9.0.clusterserviceversion.yaml

Installation

Install OLM:

kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.10.0/crds.yaml
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.10.0/olm.yaml

Create namespace for the operator:

kubectl create ns cluster-network-addons-operator

Create OperatorGroup:

cat <<EOF | kubectl apply -f -
apiVersion: operators.coreos.com/v1alpha2
kind: OperatorGroup
metadata:
  name: cluster-network-addons-operatorgroup
  namespace: cluster-network-addons-operator
EOF

Add a catalog source pointing to registry with the operator:

cat <<EOF | kubectl apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: cluster-network-addons-catalogsource
  namespace: olm
spec:
  sourceType: grpc
  image: quay.io/kubevirt/cluster-network-addons-registry:0.9.0
  displayName: Cluster Network Addons
  publisher: Red Hat
EOF

Finally subscribe to the operator:

cat <<EOF | kubectl apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: cluster-network-addons-subscription
  namespace: cluster-network-addons-operator
spec:
  channel: alpha
  name: cluster-network-addons
  source: cluster-network-addons-catalogsource
  sourceNamespace: olm
EOF

The problem

catalog-operator pod is stuck cycling on:

time="2019-06-18T10:25:25Z" level=info msg="building connection to registry" currentSource="{olm-operators olm}" id=Ruavq source=olm-operators
time="2019-06-18T10:25:25Z" level=info msg="client hasn't yet become healthy, attempt a health check" currentSource="{olm-operators olm}" id=Ruavq source=olm-operators

olm-operator is cycling on no owned roles found:

time="2019-06-18T10:24:41Z" level=info msg="retrying cluster-network-addons-operator/cluster-network-addons-operator.0.9.0"
E0618 10:24:41.653926       1 queueinformer_operator.go:186] Sync "cluster-network-addons-operator/cluster-network-addons-operator.0.9.0" failed: no owned roles found
time="2019-06-18T10:24:41Z" level=info msg="csv in operatorgroup" csv=cluster-network-addons-operator.0.9.0 id=PBMK1 namespace=cluster-network-addons-operator opgroup=cluster-network-addons-operatorgroup phase=P
ending                                                                                                                                                                                                            
time="2019-06-18T10:24:42Z" level=info msg="requirements were not met" csv=cluster-network-addons-operator.0.9.0 id=PBMK1 namespace=cluster-network-addons-operator phase=Pending
time="2019-06-18T10:24:42Z" level=info msg="couldn't ensure RBAC in target namespaces" csv=cluster-network-addons-operator.0.9.0 error="no owned roles found" id=/6C3c namespace=cluster-network-addons-operator ph

Operator's CSV status has several failing conditions, including CRD is not present and Service account does not exist. Full CSV state attached below. If I manually create CRD, service account and RBAC, it works. I though those should be created by OLM based on the CSV. Is my CSV specification wrong?

Raw
csv.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
annotations:
alm-examples: |
[
{
"apiVersion":"networkaddonsoperator.network.kubevirt.io/v1alpha1",
"kind":"NetworkAddonsConfig",
"metadata": {
"name":"cluster"
},
"spec": {
"multus":{},
"linuxBridge":{},
"sriov":{},
"kubeMacPool": {
"rangeStart": "02:00:00:00:00:00",
"rangeEnd": "FD:FF:FF:FF:FF:FF"
},
"nmstate":{},
"imagePullPolicy": "Always"
}
}
]
capabilities: Full Lifecycle
categories: Network/Networking
description: Additional networking components for Kubernetes
olm.operatorGroup: cluster-network-addons-operatorgroup
olm.operatorNamespace: cluster-network-addons-operator
creationTimestamp: 2019-06-18T10:24:35Z
generation: 1
labels:
olm.api.a1a624c20cf51605: provided
olm.copiedFrom: cluster-network-addons-operator
name: cluster-network-addons-operator.0.9.0
namespace: olm
resourceVersion: "1987"
selfLink: /apis/operators.coreos.com/v1alpha1/namespaces/olm/clusterserviceversions/cluster-network-addons-operator.0.9.0
uid: 451ae5d8-91b3-11e9-8ea9-525500d15501
spec:
apiservicedefinitions: {}
customresourcedefinitions:
owned:
- description: Cluster Network Addons
displayName: Cluster Network Addons
kind: NetworkAddonsConfig
name: networkaddonsconfigs.networkaddonsoperator.network.kubevirt.io
version: v1alpha1
description: Deploy additional networking components for Kubernetes
displayName: Cluster Network Addons
install:
spec:
clusterPermissions:
- rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- get
- list
- watch
- apiGroups:
- networkaddonsoperator.network.kubevirt.io
resources:
- networkaddonsconfigs
verbs:
- get
- list
- watch
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
serviceAccountName: cluster-network-addons-operator
deployments:
- name: cluster-network-addons-operator
spec:
replicas: 1
selector:
matchLabels:
name: cluster-network-addons-operator
strategy: {}
template:
metadata:
labels:
name: cluster-network-addons-operator
spec:
containers:
- env:
- name: MULTUS_IMAGE
value: quay.io/kubevirt/cluster-network-addon-multus:v3.2.0-1.gitbf61002
- name: LINUX_BRIDGE_IMAGE
value: quay.io/kubevirt/cni-default-plugins:v0.8.0
- name: LINUX_BRIDGE_MARKER_IMAGE
value: quay.io/kubevirt/bridge-marker:0.1.0
- name: SRIOV_DP_IMAGE
value: quay.io/kubevirt/cluster-network-addon-sriov-device-plugin:v2.0.0-1.git9a20829
- name: SRIOV_CNI_IMAGE
value: quay.io/kubevirt/cluster-network-addon-sriov-cni:v1.1.0-1.git9e4c973
- name: NMSTATE_STATE_HANDLER_IMAGE
value: quay.io/nmstate/kubernetes-nmstate-state-handler:v0.2.0
- name: SRIOV_ROOT_DEVICES
- name: SRIOV_NETWORK_NAME
value: sriov-network
- name: SRIOV_NETWORK_TYPE
value: sriov
- name: KUBEMACPOOL_IMAGE
value: quay.io/kubevirt/kubemacpool:v0.3.0
- name: OPERATOR_IMAGE
value: quay.io/kubevirt/cluster-network-addons-operator:0.9.0
- name: OPERATOR_NAME
value: cluster-network-addons-operator
- name: OPERATOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: WATCH_NAMESPACE
image: quay.io/kubevirt/cluster-network-addons-operator:0.9.0
imagePullPolicy: Always
name: cluster-network-addons-operator
resources: {}
serviceAccountName: cluster-network-addons-operator
permissions:
- rules:
- apiGroups:
- ""
resources:
- pods
- configmaps
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- apps
resources:
- deployments
- replicasets
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
serviceAccountName: cluster-network-addons-operator
strategy: deployment
installModes:
- supported: true
type: OwnNamespace
- supported: true
type: SingleNamespace
- supported: true
type: MultiNamespace
- supported: true
type: AllNamespaces
keywords:
- KubeVirt
- Virtualization
- Networking
- Multus
- CNI
- macpool
- SR-IOV
- Bridge
- nmstate
labels:
alm-owner-kubevirt: cluster-network-addons
operated-by: cluster-network-addons
links:
- name: KubeVirt
url: https://kubevirt.io
- name: Source Code
url: https://github.com/kubevirt/cluster-network-addons-operator
maintainers:
- email: kubevirt-dev@googlegroups.com
name: KubeVirt project
maturity: alpha
provider:
name: KubeVirt project
replaces: cluster-network-addons-operator.0.8.0
selector:
matchLabels:
alm-owner-kubevirt: cluster-network-addons
operated-by: cluster-network-addons
version: 0.9.0
status:
certsLastUpdated: null
certsRotateAt: null
conditions:
- lastTransitionTime: 2019-06-18T10:24:35Z
lastUpdateTime: 2019-06-18T10:24:35Z
message: requirements not yet checked
phase: Pending
reason: RequirementsUnknown
- lastTransitionTime: 2019-06-18T10:24:35Z
lastUpdateTime: 2019-06-18T10:24:35Z
message: one or more requirements couldn't be found
phase: Pending
reason: RequirementsNotMet
lastTransitionTime: 2019-06-18T10:24:35Z
lastUpdateTime: 2019-06-18T10:27:56Z
message: The operator is running in cluster-network-addons-operator but is managing
this namespace
phase: Pending
reason: Copied
requirementStatus:
- group: operators.coreos.com
kind: ClusterServiceVersion
message: CSV missing minimum kube version specification
name: cluster-network-addons-operator.0.9.0
status: NotPresent
version: v1alpha1
- group: apiextensions.k8s.io
kind: CustomResourceDefinition
message: CRD is not present
name: networkaddonsconfigs.networkaddonsoperator.network.kubevirt.io
status: NotPresent
version: v1beta1
- group: ""
kind: ServiceAccount
message: Service account does not exist
name: cluster-network-addons-operator
status: NotPresent
version: v1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment