|
| 1 | +--- |
| 2 | +title: Neat-Enhancement-Idea |
| 3 | +authors: |
| 4 | + - "@estroz" |
| 5 | +reviewers: |
| 6 | + - TBD |
| 7 | + - "@joelanford" |
| 8 | + - "@dmesser" |
| 9 | +approvers: |
| 10 | + - TBD |
| 11 | + - "@joelanford" |
| 12 | + - "@dmesser" |
| 13 | +creation-date: 2019-09-12 |
| 14 | +last-updated: 2019-09-12 |
| 15 | +status: implementable |
| 16 | +see-also: |
| 17 | + - "./cli-ux-phase1.md" |
| 18 | +--- |
| 19 | + |
| 20 | +# sdk integration with olm |
| 21 | + |
| 22 | +## Release Signoff Checklist |
| 23 | + |
| 24 | +- \[x] Enhancement is `implementable` |
| 25 | +- \[x] Design details are appropriately documented from clear requirements |
| 26 | +- \[ ] Test plan is defined |
| 27 | +- \[ ] Graduation criteria for dev preview, tech preview, GA |
| 28 | +- \[ ] User-facing documentation is created in openshift/docs |
| 29 | + |
| 30 | +## Summary |
| 31 | + |
| 32 | +The [Operator Lifecycle Manager (OLM)][olm] is a set of cluster resources that manage the lifecycle of an Operator. OLM can be installed onto a Kubernetes cluster to provide a robust Operator management system for any cluster users. The Operator SDK (SDK) should be able to interact with OLM to a degree that gives any user the ability to deploy their Operator and tear it down using OLM, all in a reproducible fashion. This proposal aims to describe integration of OLM into the SDK for deployment and teardown. |
| 33 | + |
| 34 | +## Motivation |
| 35 | + |
| 36 | +OLM is an incredibly useful cluster management tool. There is currently no integration between SDK and OLM that encourages running an Operator with the latter. |
| 37 | + |
| 38 | +### Goals |
| 39 | + |
| 40 | +#### General |
| 41 | + |
| 42 | +* Operator developers can use `operator-sdk` to quickly deploy OLM on a given Kubernetes cluster |
| 43 | +* Operator developers can use `operator-sdk` to run their Operator under OLM |
| 44 | +* Operator developers can use `operator-sdk` to build a catalog/bundle containing their Operator for use with OLM |
| 45 | + |
| 46 | +#### Specific |
| 47 | + |
| 48 | +* `operator-sdk` creates a [bundle][bundle] from an Operator project to deploy with OLM |
| 49 | +* `operator-sdk` has a CLI interface to interact with OLM |
| 50 | +* `operator-sdk` installs a specific version of OLM onto Kubernetes cluster |
| 51 | +* `operator-sdk` uninstalls a specific version of OLM onto Kubernetes cluster |
| 52 | +* `operator-sdk` accepts a bundle and deploys that operator onto an OLM-enabled Kubernetes cluster |
| 53 | +* `operator-sdk` accepts a bundle and removes that operator onto an OLM-enabled Kubernetes cluster |
| 54 | + |
| 55 | +### Non-Goals |
| 56 | + |
| 57 | +## Proposal |
| 58 | + |
| 59 | +### User Stories |
| 60 | + |
| 61 | +**TODO** |
| 62 | + |
| 63 | +Detail the things that people will be able to do if this is implemented. |
| 64 | +Include as much detail as possible so that people can understand the "how" of |
| 65 | +the system. The goal here is to make this feel real for users without getting |
| 66 | +bogged down. |
| 67 | + |
| 68 | +#### Story 1 |
| 69 | + |
| 70 | +### Implementation Details/Notes/Constraints |
| 71 | + |
| 72 | +Initial PR: https://github.com/operator-framework/operator-sdk/pull/1912 |
| 73 | + |
| 74 | +#### Use of operator-registry |
| 75 | + |
| 76 | +The SDK's approach to deployment should be as general and reliant on existing mechanisms as possible. To that end, [`operator-registry`][registry] should be used since it defines what a bundle contains and how one is structured. `operator-registry` libraries should be used to create and serve bundles, and interact with package manifests. |
| 77 | + |
| 78 | +The idea is to create a `Deployment` containing the latest `operator-registry` [image][registry-image] to initialize a bundle database and run a registry server serving that database using binaries contained in the image. The `Deployment` will contain volume mounts from a `ConfigMap` containing bundle files and a package manifest for an operator. Using manifest data in the `ConfigMap` volume source, the registry initializer can build a local database and serve that database through the `Service`. OLM-specific resources created by the SDK or supplied by a user, described below, will establish communication between this registry server and OLM. |
| 79 | + |
| 80 | +#### OLM resources |
| 81 | + |
| 82 | +OLM understands `operator-registry` servers and served data through several objects. A [`CatalogSource`][olm-catalogsource] specifies how to communicate with a registry server. A [`Subscription`][olm-subscription] links a particular CSV channel to a `CatalogSource`, indicating from which `CatalogSource` OLM should pull an Operator. Another OLM resource that _may_ be required is an [`OperatorGroup`][olm-operatorgroup], which provides Operator namespacing information to OLM; OLM creates two `OperatorGroup`'s by default, one of which can be used for globally scoped Operators. |
| 83 | + |
| 84 | +These resources can be created from bundle data with minimal user input. They can also be created from manifests defined by the user; however, the SDK cannot make guarantees that user-defined manifests will work as expected. |
| 85 | + |
| 86 | +#### Use of operator-framework/api validation |
| 87 | + |
| 88 | +Static validation is necessary for users to determine problems before deploying their Operator. As we all know, static bugs are usually more tractable than runtime bugs, especially those discovered in a live cluster. The [`operator-framework/api`][of-api] repo intends to house a validation library for static, and potentially runtime, validation. The SDK should use this library as the source of truth for the qualities of a valid OLM manifest. This repo is a work-in-progress, and should be used as soon as it is ready. |
| 89 | + |
| 90 | +### Risks and Mitigations |
| 91 | + |
| 92 | +There are fewer risks with this approach than others because external libraries that define OLM components are used whenever possible, ensuring maximum compatibility. |
| 93 | + |
| 94 | +One risk factor is how hidden OLM nuances are from users. Much of how an Operator is deployed using a registry and OLM resources like `Subscription`'s is complex, and understanding each component is necessary for true self sufficiency. However good documentation can help direct users towards solutions. There is also an ongoing effort to reduce the complexity of OLM metadata requirements. |
| 95 | + |
| 96 | +## Design Details |
| 97 | + |
| 98 | +### Test Plan |
| 99 | + |
| 100 | +**Note:** *Section not required until targeted at a release.* |
| 101 | + |
| 102 | +Consider the following in developing a test plan for this enhancement: |
| 103 | +- Will there be e2e and integration tests, in addition to unit tests? |
| 104 | +- How will it be tested in isolation vs with other components? |
| 105 | + |
| 106 | +No need to outline all of the test cases, just the general strategy. Anything |
| 107 | +that would count as tricky in the implementation and anything particularly |
| 108 | +challenging to test should be called out. |
| 109 | + |
| 110 | +All code is expected to have adequate tests (eventually with coverage |
| 111 | +expectations). |
| 112 | + |
| 113 | +### Graduation Criteria |
| 114 | + |
| 115 | +**Note:** *Section not required until targeted at a release.* |
| 116 | + |
| 117 | +Define graduation milestones. |
| 118 | + |
| 119 | +These may be defined in terms of API maturity, or as something else. Initial proposal |
| 120 | +should keep this high-level with a focus on what signals will be looked at to |
| 121 | +determine graduation. |
| 122 | + |
| 123 | +Consider the following in developing the graduation criteria for this |
| 124 | +enhancement: |
| 125 | +- Maturity levels - `Dev Preview`, `Tech Preview`, `GA` |
| 126 | +- Deprecation |
| 127 | + |
| 128 | +Clearly define what graduation means. |
| 129 | + |
| 130 | +#### Examples |
| 131 | + |
| 132 | +These are generalized examples to consider, in addition to the aforementioned |
| 133 | +maturity levels. |
| 134 | + |
| 135 | +##### Dev Preview -> Tech Preview |
| 136 | + |
| 137 | +- Ability to utilize the enhancement end to end |
| 138 | +- End user documentation, relative API stability |
| 139 | +- Sufficient test coverage |
| 140 | +- Gather feedback from users rather than just developers |
| 141 | + |
| 142 | +##### Tech Preview -> GA |
| 143 | + |
| 144 | +- More testing (upgrade, downgrade, scale) |
| 145 | +- Sufficient time for feedback |
| 146 | +- Available by default |
| 147 | + |
| 148 | +**For non-optional features moving to GA, the graduation criteria must include |
| 149 | +end to end tests.** |
| 150 | + |
| 151 | +##### Removing a deprecated feature |
| 152 | + |
| 153 | +- Announce deprecation and support policy of the existing feature |
| 154 | +- Deprecate the feature |
| 155 | + |
| 156 | +### Upgrade / Downgrade Strategy |
| 157 | + |
| 158 | +If applicable, how will the component be upgraded and downgraded? Make sure this |
| 159 | +is in the test plan. |
| 160 | + |
| 161 | +Consider the following in developing an upgrade/downgrade strategy for this |
| 162 | +enhancement: |
| 163 | +- What changes (in invocations, configurations, API use, etc.) is an existing |
| 164 | + cluster required to make on upgrade in order to keep previous behavior? |
| 165 | +- What changes (in invocations, configurations, API use, etc.) is an existing |
| 166 | + cluster required to make on upgrade in order to make use of the enhancement? |
| 167 | + |
| 168 | +### Version Skew Strategy |
| 169 | + |
| 170 | +How will the component handle version skew with other components? |
| 171 | +What are the guarantees? Make sure this is in the test plan. |
| 172 | + |
| 173 | +Consider the following in developing a version skew strategy for this |
| 174 | +enhancement: |
| 175 | +- During an upgrade, we will always have skew among components, how will this impact your work? |
| 176 | +- Does this enhancement involve coordinating behavior in the control plane and |
| 177 | + in the kubelet? How does an n-2 kubelet without this feature available behave |
| 178 | + when this feature is used? |
| 179 | +- Will any other components on the node change? For example, changes to CSI, CRI |
| 180 | + or CNI may require updating that component before the kubelet. |
| 181 | + |
| 182 | +## Implementation History |
| 183 | + |
| 184 | +Major milestones in the life cycle of a proposal should be tracked in `Implementation |
| 185 | +History`. |
| 186 | + |
| 187 | +## Drawbacks |
| 188 | + |
| 189 | +The idea is to find the best form of an argument why this enhancement should _not_ be implemented. |
| 190 | + |
| 191 | +## Alternatives |
| 192 | + |
| 193 | +Similar to the `Drawbacks` section the `Alternatives` section is used to |
| 194 | +highlight and record other possible approaches to delivering the value proposed |
| 195 | +by an enhancement. |
| 196 | + |
| 197 | +## Infrastructure Needed |
| 198 | + |
| 199 | +Use this section if you need things from the project. Examples include a new |
| 200 | +subproject, repos requested, github details, and/or testing infrastructure. |
| 201 | + |
| 202 | +Listing these here allows the community to get the process for these resources |
| 203 | +started right away. |
| 204 | + |
| 205 | +[olm]:https://github.com/operator-framework/operator-lifecycle-manager/ |
| 206 | +[olm-operatorgroup]:https://github.com/operator-framework/operator-lifecycle-manager/blob/1cb0681/doc/design/operatorgroups.md |
| 207 | +[olm-subscription]:https://github.com/operator-framework/community-operators/blob/master/docs/testing-operators.md#7-create-a-subscription |
| 208 | +[olm-catalogsource]:https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/philosophy.md#catalogsource |
| 209 | +[registry]:https://github.com/operator-framework/operator-registry/ |
| 210 | +[bundle]:https://github.com/operator-framework/operator-registry/#manifest-format |
| 211 | +[registry-image]:https://quay.io/organization/openshift/origin-operator-registry |
| 212 | +[of-api]:https://github.com/operator-framework/api |
0 commit comments