Chapter 1. Installing and preparing the Operators
You install the Red Hat OpenStack Services on OpenShift (RHOSO) control plane on an operational Red Hat Openshift Container Platform (RHOCP) cluster. You perform the control plane installation tasks and all data plane creation tasks on a workstation that has access to the RHOCP cluster.
Do not use the root user to interact with your RHOSO deployment. You must use the dedicated user, stack, with passwordless sudo rights and only ssh-key login enabled.
1.1. Prerequisites
- An operational Red Hat Openshift Container Platform (RHOCP) cluster, version 4.12 or later.
- The RHOCP environment supports Multus CNI.
-
The
occommand line tool is installed on your workstation. -
The
podmancommand line tool is installed on your workstation. - A private Red Hat Quay Container Registry account, https://quay.io/.
- Access to a private repository in your registry. The RHOSO 18.0 Development Preview code cannot be located on a public repository.
-
You are logged in to the RHOCP cluster as a user with
cluster-adminprivileges. -
You have installed the Kubernetes NMState Operator, and started the Operator by creating an
nmstateinstance. For more information, see Installing the Kubernetes NMState Operator in the RHOCP Networking guide. -
You have installed the MetalLB Operator, and started the Operator by creating a
metallbinstance. For more information, see Installing the MetalLB Operator in the RHOCP Networking guide. - You have installed the cert-manager Operator. For more information, see cert-manager Operator for Red Hat OpenShift in the RHOCP Security and compliance guide.
- You have configured the RHOCP storage backend and storage class. For more information, see Storage and Post-installation storage configuration.
- For installer-provisioned infrastructure, you must prepare an operating system image for use with bare-metal provisioning. You can use the following image as the bare-metal image: https://catalog.redhat.com/software/containers/rhel9/rhel-guest-image/6197bdceb4dcabca7fe351d5?container-tabs=overview
1.2. Installing the OpenStack Operator
To install the OpenStack Operator (openstack-operator), you must create the following projects:
-
openstack-operators: Create this project for the Red Hat OpenStack Services on OpenShift (RHOSO) service Operators. openstack: Create this project for the deployed RHOSO services.NoteEach project is a namespace with additional functionality to support multi-tenancy.
You must also create the following custom resources (CRs) within the project:
-
A
CatalogSource, which identifies the index image to use for the RHOSO catalog. For more information onCatalogSource, see CatalogSource in the Operator Lifecycle Manager documentation. -
An
OperatorGroup, which defines the Operator group for RHOSO and restricts RHOSO to a target namespace. For more information onOperatorGroup, see OperatorGroup in the Operator Lifecycle Manager documentation. -
A
Subscription, which tracks changes in the RHOSO catalog, and defines which version of the Operator is installed and from whichCatalogSourceto install it. For more information onSubscription, see Subscription in the Operator Lifecycle Manager documentation.
Installing the OpenStack Operator also creates an OpenStackClient pod that you can access through a remote shell (rsh) to run RHOSO commands.
$ oc rsh -n openstack openstackclient
Procedure
Create the
openstack-operatorsproject for the RHOSO operators:$ oc new-project openstack-operators
Create the
openstackproject for the deployed RHOSO environment:$ oc new-project openstack
-
Download the Operator Package Manager (
opm) tool from https://console.redhat.com/openshift/downloads. Use the
opmtool to create an index image:$ opm index add -u podman --pull-tool podman --tag <your_registry>:<port>/rhoso-podified-beta/openstack-operator-index:1.0.0 \ --bundles "registry.redhat.io/rhoso-podified-beta/openstack-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/swift-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/glance-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/infra-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/ironic-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/keystone-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/ovn-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/placement-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/telemetry-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/heat-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/cinder-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/manila-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/neutron-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/nova-operator-bundle:1.0.0,registry.redhat.io/rhoso-edpm-beta/openstack-ansibleee-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/mariadb-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/openstack-baremetal-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/rabbitmq-cluster-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/horizon-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/octavia-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/barbican-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/designate-operator-bundle:1.0.0" --mode semver
-
Replace
<your_registry>with your registry account details. If you are using quay.io or a private Quay instance as your registry, then include your account in<your_registry>, for example,quay.io/my_quay_account/.
-
Replace
Push the index image to your private registry:
$ podman push <your_registry>[:<port>]/rhoso-podified-beta/openstack-operator-index:1.0.0
-
Replace
<your_registry>with your registry account details. If you are using a registry other than quay.io or a private Quay instance, then include the registry<port>.
-
Replace
-
Create an environment file to configure the
CatalogSource,OperatorGroup, andSubscriptionCRs that are required to install the OpenStack Operator, for example,openstack-operator.yaml. To configure the
CatalogSourceCR, add the following configuration toopenstack-operator.yaml:apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: openstack-operator-index namespace: openstack-operators spec: sourceType: grpc image: <your_registry>[:<port>]/rhoso-podified-beta/openstack-operator-index:1.0.0
For information about how to apply the Quay authentication so that the Operator deployment can pull the image, see Accessing images for Operators from private registries.
NoteYou must create the secret that enables pull access to your container image registry in the
openstack-operatorsnamespace.To configure the
OperatorGroupCR, add the following configuration toopenstack-operator.yaml:--- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: openstack namespace: openstack-operators
To configure the
SubscriptionCR, add the following configuration toopenstack-operator.yaml:--- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: openstack-operator namespace: openstack-operators spec: name: openstack-operator channel: alpha source: openstack-operator-index sourceNamespace: openstack-operators
Create the new
CatalogSource,OperatorGroup, andSubscriptionCRs within theopenstacknamespace:$ oc apply -f openstack-operator.yaml
Confirm that you have installed the Openstack Operator,
openstack-operator.openstack-operators:$ oc get operators openstack-operator.openstack-operators NAME AGE openstack-operator.openstack-operators 5m
Confirm that the Openstack Operator is deployed by reviewing the pods in the
openstack-operatorsnamespace:$ oc get pods -n openstack-operators
The Openstack Operator is deployed when all the pods are either completed or running.
