Specifying images for "disconnected mode"
117 views
Skip to first unread message
Marcin Owsiany
Apr 26, 2021, 7:10:56 AM4/26/21
to Operator Framework
Hi,
I found a couple of references in the documentation about the fact that special care should be taken with regard to image names when it comes to support for running an operator in "air-gapped" mode:
- https://docs.openshift.com/container-platform/4.7/operators/operator_sdk/osdk-generating-csvs.html#olm-enabling-operator-for-restricted-network_osdk-generating-csvs
- https://redhat-connect.gitbook.io/certified-operator-guide/troubleshooting-and-resources/offline-enabled-operators#golang-operators and the following section.
I guess that the idea here is that given the relatedImages metadata and an environment variable naming convention for CSV spec.install.spec.deployments[].spec.template.spec.containers[].env[].name, a user or cluster admin will be able to override the images at runtime via some OLM UI? However I still don't get how exactly this is supposed to work. Is there some more comprehensive documentation on this topic that I missed?
thanks,
Marcin
Chris Johnson
Apr 26, 2021, 11:31:51 AM4/26/21
to Operator Framework
I think there are a couple of use cases:
1. The Operator Certification pipeline will update your CSV's related images if they find a need to rebuild your image due to a CVE, for example.
2. The Customer can update the CSV (post deployment) via the YAML editor and update some of the related images (e.g. operand images) in the case of a Hotfix needed. OLM will NOT attempt to re-reconcile the CSV once installed.
We are adding some test cases to ensure that this hotfix behavior doesn't change, but it looks like the doc never was updated.
Marcin Owsiany
Apr 27, 2021, 5:25:55 AM4/27/21
to Chris Johnson, Operator Framework
I guess what I'm asking is: does it matter what the names are? I mean the name of the environment variable in deployment spec, or the name field of the relatedImages list?
As operator developer, do I need to adhere to any naming conventions for the pipeline to be able to connect the dots?
--
You received this message because you are subscribed to a topic in the Google Groups "Operator Framework" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/operator-framework/UthA2zQMfmw/unsubscribe.
To unsubscribe from this group and all its topics, send an email to operator-framew...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/8845319b-8eb5-4a86-8b26-568995d737ban%40googlegroups.com.
Daniel Messer
Apr 27, 2021, 7:59:31 AM4/27/21
to Marcin Owsiany, Chris Johnson, Operator Framework
There is no naming convention that matters. The environment variables are mainly a convenience piece to easily allow overriding images used. In disconnected environments transparent image pull spec rewriting is occurring at the container runtime layer to point to an internal / offline registry. The list of images to mirror into this offline registry was obtained for the spec.relatedImages list.
You received this message because you are subscribed to the Google Groups "Operator Framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to operator-framew...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/CAJY8AU6y2JzYjRrc5Hi30ZsQZz4%3DW9S6uN4KkTfvsdeNH34UOA%40mail.gmail.com.
Daniel Messer
Product Manager Operator Framework & Quay
Red Hat OpenShift
Reply all
Reply to author
Forward
0 new messages