Chapter 3. Provisioning 3scale services and configurations via the operator (Capabilities)

3.1. Introduction

This document provides information about provisioning 3scale services and configurations via the 3scale operator.


The 3scale operator is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.

3.1.1. Prerequisites

  • A 3scale 2.5 On-Premises instance
  • You must have the 3scale operator installed.
  • OpenShift Container Platform 3.11

    • A user account with administrator privileges in the OpenShift cluster

When using the operator to update API configurations in 3scale, the custom resource definitions (CRDs) are the source of truth. If changes are made in the Admin UI, they will not persist and eventually be overridden by the definition in the CRD.

3.3. Deploying optional tenants custom resource

Optionally, you may create other tenants deploying Tenant custom resource objects.

  1. Deploy a new tenant in your 3scale instance by creating a secret to store the administrator password:

    $ cat ecorp-admin-secret.yaml
    apiVersion: v1
    kind: Secret
      name: ecorp-admin-secret
    type: Opaque
      admin_password: <admin password value>
    $ oc create -f ecorp-admin-secret.yaml
    secret/ecorp-admin-secret created
  2. Create a new tenant CR YAML file with the following content:

    kind: Tenant
      name: ecorp-tenant
      username: admin
      systemMasterUrl: https://master.<wildcardDomain>
      organizationName: ECorp
        name: system-seed
        name: ecorp-admin-secret
        name: ecorp-tenant-secret
        namespace: operator-test

    For more information about the Tenant Custom Resource fields and possible values, refer to the Tenant CRD Reference documentation.

    export NAMESPACE="operator-test"
    oc project ${NAMESPACE}
    oc create -f <yaml-name>
    1. This should trigger the creation of a new tenant in your 3scale solution in the operator-test project.

Tenant provider_key and admin domain URL will be stored in a secret. You can specify the secret location by using tenantSecretRef tenant spec key.

3.4. Deleting created custom resources


Deleting the APIManager will delete the 3scale installation.

  • Delete the APIManager custom resource and the 3scale solution elements that have been deployed from it.

    • Deleting the APIManager will delete all 3scale related objects in where it has been deployed:

      oc delete -f <yaml-name-of-the-apimanager-custom-resource>
  • Delete the 3scale operator, its associated roles and service accounts.

    oc delete -f deploy/operator.yaml
    oc delete -f deploy/role_binding.yaml
    oc delete -f deploy/service_account.yaml
    oc delete -f deploy/role.yaml
  • Delete the APIManager and Capabilities related CRDs.

    oc delete -f deploy/crds/