Try   HackMD

Scoped Operators Landing Page

Release Signoff Checklist

  • Enhancement is implementable
  • Design details are appropriately documented from clear requirements
  • Test plan is defined
  • Graduation criteria for dev preview, tech preview, GA

Background

Before diving into this document, please review:

This document acts as a landing page for ongoing work in transitioning to the proposed Descoped Operator Model.

Summary

As part of the Operator Framework's effort to move towards Descoped Operators we must identify how OLM V1.0 will configure operators to reconcile events in specific namespaces based on available Role Based Access Controls (RBAC).

Motivation

Today, OLM scopes an operator to a set watched namespaces through the operatorGroup resource. Historically, the operatorGroup supported OLM's multitenancy strategy by providing ways to:

  • Define an operator's watched namespaces.
  • Allow multiple installations of an operator (possibly at different versions) provided that none of the operators' watched namespaces overlapped.

This approach supported multiple installs of an operator at different versions, but lead to a poor user experience surrounding the operator's CustomResourceDefinitions. Consider the following painpoints:

  • Most operators regularly introduce new fields to a CRD without bumping its version. If multiple versions of an operator are installed on cluster, the user experience changes based on the version of the operator reconciling the CR.
  • An operator in one namespace may be unable to upgrade due to a separate instance of the operator. For example, a customer may have a version of an operator installed that requires V1Beta1 of a CRD, but the latest version of the operator dropped support for V1Beta1 of the CRD.
  • Managing Validating Webhooks and Mutating Webhooks becomes very difficult as their implementation details can change between version. OLM cannot simply install the latest version of these webhooks because they may not work with older versions of the operator. As such, there is a requirement that webhooks are backwards compatible with versions of the operator.
  • With the introduction of Conversion Webhooks, a single service may be specified to handle conversions for a CRD and its versions. It is rarely clear which operator installation "owns" the conversion webhook.

Many of the painpoints listed above are improved significantly if an operator is treated as a cluster singleton. This does not necessarily mean that only one controller will be responsible for reconciling the events of a CRD accross a cluster, but it does imply that a single bundle will "own" the CRD, its versions, and webhooks.

As we move towards the proposed descoped model, we must define key initiatives

Ongoing Initiatives

Operator RBAC Generation

  • How a Cluster Admin will generate RBAC for an operator in one, many or all namespaces. Explored in this document.

RBAC based Informers and Caches

  • How an operator's informer and cache can be configured dynamically based on RBAC granted to its serviceAccount. Explored in this document.
Last changed by 
OLM
https://github.com/operator-framework/operator-lifecycle-manager
2
311

Read more

OLM Personas

A draft distillation of the miro board persona mind-map https://miro.com/app/board/uXjVMhe8hGM=/

Feb 27, 2025
OCPBUGS-35210: missing serviceaccount-token secrets on operator upgrade

https://issues.redhat.com/browse/OCPBUGS-35210

Oct 30, 2024
Deprecating channels

This document investigates methods of including channel deprecation metadata in file-based catalogs (FBCs) and the potential side effects of the different approaches. You can track the progress of this investigation on the OLM Jira board: https://issues.redhat.com/browse/OLM-2707. This is meant only for FBC based indices, not for SQLite.

Oct 3, 2024
catalogd states

catalogd states

Sep 11, 2024
Read more from OLM
Published on HackMD