Chapter 1. Installing and preparing the Operators
You install the Red Hat OpenStack Services on OpenShift (RHOSO) control plane on an operational Red Hat Openshift Container Platform (RHOCP) cluster. You perform the control plane installation tasks and all data plane creation tasks on a workstation that has access to the RHOCP cluster.
Do not use the root
user to interact with your RHOSO deployment. You must use the dedicated user, stack
, with passwordless sudo rights and only ssh-key login enabled.
1.1. Prerequisites
- An operational Red Hat Openshift Container Platform (RHOCP) cluster, version 4.12 or later.
- The RHOCP environment supports Multus CNI.
-
The
oc
command line tool is installed on your workstation. -
The
podman
command line tool is installed on your workstation. - A private Red Hat Quay Container Registry account, https://quay.io/.
- Access to a private repository in your registry. The RHOSO 18.0 Development Preview code cannot be located on a public repository.
-
You are logged in to the RHOCP cluster as a user with
cluster-admin
privileges. -
You have installed the Kubernetes NMState Operator, and started the Operator by creating an
nmstate
instance. For more information, see Installing the Kubernetes NMState Operator in the RHOCP Networking guide. -
You have installed the MetalLB Operator, and started the Operator by creating a
metallb
instance. For more information, see Installing the MetalLB Operator in the RHOCP Networking guide. - You have installed the cert-manager Operator. For more information, see cert-manager Operator for Red Hat OpenShift in the RHOCP Security and compliance guide.
- You have configured the RHOCP storage backend and storage class. For more information, see Storage and Post-installation storage configuration.
- For installer-provisioned infrastructure, you must prepare an operating system image for use with bare-metal provisioning. You can use the following image as the bare-metal image: https://catalog.redhat.com/software/containers/rhel9/rhel-guest-image/6197bdceb4dcabca7fe351d5?container-tabs=overview
1.2. Installing the OpenStack Operator
To install the OpenStack Operator (openstack-operator
), you must create the following projects:
-
openstack-operators
: Create this project for the Red Hat OpenStack Services on OpenShift (RHOSO) service Operators. openstack
: Create this project for the deployed RHOSO services.NoteEach project is a namespace with additional functionality to support multi-tenancy.
You must also create the following custom resources (CRs) within the project:
-
A
CatalogSource
, which identifies the index image to use for the RHOSO catalog. For more information onCatalogSource
, see CatalogSource in the Operator Lifecycle Manager documentation. -
An
OperatorGroup
, which defines the Operator group for RHOSO and restricts RHOSO to a target namespace. For more information onOperatorGroup
, see OperatorGroup in the Operator Lifecycle Manager documentation. -
A
Subscription
, which tracks changes in the RHOSO catalog, and defines which version of the Operator is installed and from whichCatalogSource
to install it. For more information onSubscription
, see Subscription in the Operator Lifecycle Manager documentation.
Installing the OpenStack Operator also creates an OpenStackClient
pod that you can access through a remote shell (rsh
) to run RHOSO commands.
$ oc rsh -n openstack openstackclient
Procedure
Create the
openstack-operators
project for the RHOSO operators:$ oc new-project openstack-operators
Create the
openstack
project for the deployed RHOSO environment:$ oc new-project openstack
-
Download the Operator Package Manager (
opm
) tool from https://console.redhat.com/openshift/downloads. Use the
opm
tool to create an index image:$ opm index add -u podman --pull-tool podman --tag <your_registry>:<port>/rhoso-podified-beta/openstack-operator-index:1.0.0 \ --bundles "registry.redhat.io/rhoso-podified-beta/openstack-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/swift-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/glance-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/infra-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/ironic-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/keystone-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/ovn-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/placement-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/telemetry-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/heat-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/cinder-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/manila-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/neutron-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/nova-operator-bundle:1.0.0,registry.redhat.io/rhoso-edpm-beta/openstack-ansibleee-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/mariadb-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/openstack-baremetal-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/rabbitmq-cluster-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/horizon-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/octavia-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/barbican-operator-bundle:1.0.0,registry.redhat.io/rhoso-podified-beta/designate-operator-bundle:1.0.0" --mode semver
-
Replace
<your_registry>
with your registry account details. If you are using quay.io or a private Quay instance as your registry, then include your account in<your_registry>
, for example,quay.io/my_quay_account/
.
-
Replace
Push the index image to your private registry:
$ podman push <your_registry>[:<port>]/rhoso-podified-beta/openstack-operator-index:1.0.0
-
Replace
<your_registry>
with your registry account details. If you are using a registry other than quay.io or a private Quay instance, then include the registry<port>
.
-
Replace
-
Create an environment file to configure the
CatalogSource
,OperatorGroup
, andSubscription
CRs that are required to install the OpenStack Operator, for example,openstack-operator.yaml
. To configure the
CatalogSource
CR, add the following configuration toopenstack-operator.yaml
:apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: openstack-operator-index namespace: openstack-operators spec: sourceType: grpc image: <your_registry>[:<port>]/rhoso-podified-beta/openstack-operator-index:1.0.0
For information about how to apply the Quay authentication so that the Operator deployment can pull the image, see Accessing images for Operators from private registries.
NoteYou must create the secret that enables pull access to your container image registry in the
openstack-operators
namespace.To configure the
OperatorGroup
CR, add the following configuration toopenstack-operator.yaml
:--- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: openstack namespace: openstack-operators
To configure the
Subscription
CR, add the following configuration toopenstack-operator.yaml
:--- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: openstack-operator namespace: openstack-operators spec: name: openstack-operator channel: alpha source: openstack-operator-index sourceNamespace: openstack-operators
Create the new
CatalogSource
,OperatorGroup
, andSubscription
CRs within theopenstack
namespace:$ oc apply -f openstack-operator.yaml
Confirm that you have installed the Openstack Operator,
openstack-operator.openstack-operators
:$ oc get operators openstack-operator.openstack-operators NAME AGE openstack-operator.openstack-operators 5m
Confirm that the Openstack Operator is deployed by reviewing the pods in the
openstack-operators
namespace:$ oc get pods -n openstack-operators
The Openstack Operator is deployed when all the pods are either completed or running.