Chapter 7. Installing the 3scale Operator on OpenShift
3scale supports the last two general availability (GA) releases of OpenShift Container Platform (OCP). For more information, see the Red Hat 3scale API Management Supported Configurations page.
This documentation shows you how to:
- Create a new project.
- Deploy a Red Hat 3scale API Management instance.
-
Create the
threescale-registry-authsecret in the project. - Install the 3scale operator through Operator Lifecycle Manager (OLM).
- Deploy the custom resources once the operator has been deployed.
Prerequisites
Access to a supported version of an OpenShift Container Platform 4 cluster using an account with administrator privileges.
- For more information about supported configurations, see the Red Hat 3scale API Management Supported Configurations page.
Deploy the 3scale operator and custom resource definitions (CRDs) in a separate newly created, empty project. If you deploy them in an existing project containing infrastructure, it could alter or delete existing elements.
To install the 3scale operator on OpenShift, perform the steps outlined in the following sections:
7.1. Creating a new OpenShift project
This procedure explains how to create a new OpenShift project named 3scale-project. Replace this project name with your own.
Procedure
To create a new OpenShift project:
Indicate a valid name using alphanumeric characters and dashes. As an example, run the command below to create
3scale-project:oc new-project 3scale-project
This creates the new OpenShift project where the operator, the APIManager custom resource (CR), and the Capabilities custom resources will be installed. The operator manages the custom resources through OLM in that project.
7.2. Installing and configuring the 3scale operator using the OLM
Use Operator Lifecycle Manager (OLM) to install the 3scale operator on an OpenShift Container Platform (OCP) 4.3 cluster through the OperatorHub in the OCP console.
- When using the OCP on a restricted network or a disconnected cluster, OLM can no longer use the OperatorHub. Follow the instructions for setting up and using the OLM in the guide titled Using Operator Lifecycle Manager on restricted networks.
Prerequisites
- You must install and deploy the 3scale operator in the project that you defined in Creating a new OpenShift project.
Procedure
- In the OpenShift Container Platform console, log in using an account with administrator privileges.
The menu structure depends on the version of OpenShift you are using:
- Click Operators > OperatorHub
- In the Filter by keyword box, type 3scale operator to find the 3scale operator.
- Click the 3scale operator. Information about the Operator is displayed.
- Read the information about the operator and click Install. The Create Operator Subscription page opens.
On the Create Operator Subscription page, accept all of the default selections and click Subscribe.
NoteThe operator will only be available in the specific single namespace on the cluster that you have selected.
The 3scale-operator details page is displayed, where you can see the Subscription Overview.
- Confirm that the subscription upgrade status is shown as Up to date.
Verify that the 3scale operator ClusterServiceVersion (CSV) is displayed, and the Status of the operator ultimately resolves to InstallSucceeded in the project you defined in Creating a new OpenShift project:
- Click Operators > Installed Operators. In this case, successful installation will register the APIManager CRD, and the CRDs related to the Capabilities functionality of the operator in the OpenShift API server.
After successful installation, query the resource types defined by the CRDs via
oc get.For example, to verify that the APIManager CRD has been correctly registered, execute the following command:
oc get apimanagers
You should see the following output:
No resources found.
Besides the indicated procedure, create a list of the allowed domains you intend to use in the 3scale Developer Portal while using OCP on restricted networks. Consider the following examples:
- Any link you intend to add to the Developer Portal.
- SSO integrations through third party SSO providers such as GitHub.
- Billing.
- Webhooks that trigger an external URL.
7.2.1. Restrictions in disconnected environments
The following list outlines current restrictions in a disconnected environment for 3scale 2.9:
- The GitHub login to the Developer Portal is not available.
- Support links are not operational.
- Links to external documentation are not operational.
- The validator for the OpenAPI Specification (OAS) in the Developer Portal is not operational, affecting links to external services.
In the product Overview page in ActiveDocs, links to OAS are not operational.
- It is also necessary check the option Skip swagger validations when you create a new ActiveDocs specification.
Additional resources
- For troubleshooting information, see the OpenShift Container Platform documentation.
- For more information about using the OLM on retricted networks, see Using Operator Lifecycle Manager on restricted networks.
- For more information about preparing your installation on restricted networks, see Creating a mirror registry for installation in a restricted network.
- For more information about supported configurations, see the Red Hat 3scale API Management Supported Configurations page.
