Jump To Close Expand all Collapse all Table of contents Operators 1. Understanding Operators Expand section "1. Understanding Operators" Collapse section "1. Understanding Operators" 1.1. What are Operators? Expand section "1.1. What are Operators?" Collapse section "1.1. What are Operators?" 1.1.1. Why use Operators? 1.1.2. Operator Framework 1.1.3. Operator maturity model 1.2. Operator Framework glossary of common terms Expand section "1.2. Operator Framework glossary of common terms" Collapse section "1.2. Operator Framework glossary of common terms" 1.2.1. Common Operator Framework terms Expand section "1.2.1. Common Operator Framework terms" Collapse section "1.2.1. Common Operator Framework terms" 1.2.1.1. Bundle 1.2.1.2. Bundle image 1.2.1.3. Catalog source 1.2.1.4. Catalog image 1.2.1.5. Channel 1.2.1.6. Channel head 1.2.1.7. Cluster service version 1.2.1.8. Dependency 1.2.1.9. Index image 1.2.1.10. Install plan 1.2.1.11. Operator group 1.2.1.12. Package 1.2.1.13. Registry 1.2.1.14. Subscription 1.2.1.15. Update graph 1.3. Operator Framework packaging formats Expand section "1.3. Operator Framework packaging formats" Collapse section "1.3. Operator Framework packaging formats" 1.3.1. Package Manifest Format 1.3.2. Bundle Format Expand section "1.3.2. Bundle Format" Collapse section "1.3.2. Bundle Format" 1.3.2.1. Manifests 1.3.2.2. Annotations 1.3.2.3. Dependencies 1.3.2.4. opm CLI 1.4. Operator Lifecycle Manager (OLM) Expand section "1.4. Operator Lifecycle Manager (OLM)" Collapse section "1.4. Operator Lifecycle Manager (OLM)" 1.4.1. Operator Lifecycle Manager concepts Expand section "1.4.1. Operator Lifecycle Manager concepts" Collapse section "1.4.1. Operator Lifecycle Manager concepts" 1.4.1.1. What is Operator Lifecycle Manager? 1.4.1.2. OLM resources Expand section "1.4.1.2. OLM resources" Collapse section "1.4.1.2. OLM resources" 1.4.1.2.1. Cluster service version 1.4.1.2.2. Catalog source 1.4.1.2.3. Subscription 1.4.1.2.4. Install plan 1.4.1.2.5. Operator groups 1.4.2. Operator Lifecycle Manager architecture Expand section "1.4.2. Operator Lifecycle Manager architecture" Collapse section "1.4.2. Operator Lifecycle Manager architecture" 1.4.2.1. Component responsibilities 1.4.2.2. OLM Operator 1.4.2.3. Catalog Operator 1.4.2.4. Catalog Registry 1.4.3. Operator Lifecycle Manager workflow Expand section "1.4.3. Operator Lifecycle Manager workflow" Collapse section "1.4.3. Operator Lifecycle Manager workflow" 1.4.3.1. Operator installation and upgrade workflow in OLM Expand section "1.4.3.1. Operator installation and upgrade workflow in OLM" Collapse section "1.4.3.1. Operator installation and upgrade workflow in OLM" 1.4.3.1.1. Example upgrade path 1.4.3.1.2. Skipping upgrades 1.4.3.1.3. Replacing multiple Operators 1.4.3.1.4. Z-stream support 1.4.4. Operator Lifecycle Manager dependency resolution Expand section "1.4.4. Operator Lifecycle Manager dependency resolution" Collapse section "1.4.4. Operator Lifecycle Manager dependency resolution" 1.4.4.1. About dependency resolution 1.4.4.2. CRD upgrades Expand section "1.4.4.2. CRD upgrades" Collapse section "1.4.4.2. CRD upgrades" 1.4.4.2.1. Adding a new CRD version 1.4.4.2.2. Deprecating or removing a CRD version 1.4.4.3. Example dependency resolution scenarios 1.4.5. Operator groups Expand section "1.4.5. Operator groups" Collapse section "1.4.5. Operator groups" 1.4.5.1. About Operator groups 1.4.5.2. Operator group membership 1.4.5.3. Target namespace selection 1.4.5.4. Operator group CSV annotations 1.4.5.5. Provided APIs annotation 1.4.5.6. Role-based access control 1.4.5.7. Copied CSVs 1.4.5.8. Static Operator groups 1.4.5.9. Operator group intersection 1.4.5.10. Troubleshooting Operator groups 1.4.6. Operator Lifecycle Manager metrics Expand section "1.4.6. Operator Lifecycle Manager metrics" Collapse section "1.4.6. Operator Lifecycle Manager metrics" 1.4.6.1. Exposed metrics 1.5. Understanding OperatorHub Expand section "1.5. Understanding OperatorHub" Collapse section "1.5. Understanding OperatorHub" 1.5.1. About OperatorHub 1.5.2. OperatorHub architecture Expand section "1.5.2. OperatorHub architecture" Collapse section "1.5.2. OperatorHub architecture" 1.5.2.1. OperatorHub CRD 1.5.2.2. OperatorSource CRD 1.5.3. Additional resources 1.6. CRDs Expand section "1.6. CRDs" Collapse section "1.6. CRDs" 1.6.1. Extending the Kubernetes API with custom resource definitions Expand section "1.6.1. Extending the Kubernetes API with custom resource definitions" Collapse section "1.6.1. Extending the Kubernetes API with custom resource definitions" 1.6.1.1. Custom resource definitions 1.6.1.2. Creating a custom resource definition 1.6.1.3. Creating cluster roles for custom resource definitions 1.6.1.4. Creating custom resources from a file 1.6.1.5. Inspecting custom resources 1.6.2. Managing resources from custom resource definitions Expand section "1.6.2. Managing resources from custom resource definitions" Collapse section "1.6.2. Managing resources from custom resource definitions" 1.6.2.1. Custom resource definitions 1.6.2.2. Creating custom resources from a file 1.6.2.3. Inspecting custom resources 2. User tasks Expand section "2. User tasks" Collapse section "2. User tasks" 2.1. Creating applications from installed Operators Expand section "2.1. Creating applications from installed Operators" Collapse section "2.1. Creating applications from installed Operators" 2.1.1. Creating an etcd cluster using an Operator 2.2. Installing Operators in your namespace Expand section "2.2. Installing Operators in your namespace" Collapse section "2.2. Installing Operators in your namespace" 2.2.1. Prerequisites 2.2.2. Operator installation with OperatorHub 2.2.3. Installing from OperatorHub using the web console 2.2.4. Installing from OperatorHub using the CLI 2.2.5. Installing a specific version of an Operator 2.3. Managing admission webhooks in Operator Lifecycle Manager Expand section "2.3. Managing admission webhooks in Operator Lifecycle Manager" Collapse section "2.3. Managing admission webhooks in Operator Lifecycle Manager" 2.3.1. Defining webhooks in a CSV 2.3.2. Webhook considerations 2.3.3. Additional resources 3. Administrator tasks Expand section "3. Administrator tasks" Collapse section "3. Administrator tasks" 3.1. Adding Operators to a cluster Expand section "3.1. Adding Operators to a cluster" Collapse section "3.1. Adding Operators to a cluster" 3.1.1. Operator installation with OperatorHub 3.1.2. Installing from OperatorHub using the web console 3.1.3. Installing from OperatorHub using the CLI 3.1.4. Installing a specific version of an Operator 3.2. Upgrading installed Operators Expand section "3.2. Upgrading installed Operators" Collapse section "3.2. Upgrading installed Operators" 3.2.1. Changing the update channel for an Operator 3.2.2. Manually approving a pending Operator upgrade 3.3. Deleting Operators from a cluster Expand section "3.3. Deleting Operators from a cluster" Collapse section "3.3. Deleting Operators from a cluster" 3.3.1. Deleting Operators from a cluster using the web console 3.3.2. Deleting Operators from a cluster using the CLI 3.4. Configuring proxy support in Operator Lifecycle Manager Expand section "3.4. Configuring proxy support in Operator Lifecycle Manager" Collapse section "3.4. Configuring proxy support in Operator Lifecycle Manager" 3.4.1. Overriding proxy settings of an Operator 3.4.2. Injecting a custom CA certificate 3.5. Viewing Operator status Expand section "3.5. Viewing Operator status" Collapse section "3.5. Viewing Operator status" 3.5.1. Operator subscription condition types 3.5.2. Viewing Operator subscription status using the CLI 3.6. Allowing non-cluster administrators to install Operators Expand section "3.6. Allowing non-cluster administrators to install Operators" Collapse section "3.6. Allowing non-cluster administrators to install Operators" 3.6.1. Understanding Operator installation policy Expand section "3.6.1. Understanding Operator installation policy" Collapse section "3.6.1. Understanding Operator installation policy" 3.6.1.1. Installation scenarios 3.6.1.2. Installation workflow 3.6.2. Scoping Operator installations Expand section "3.6.2. Scoping Operator installations" Collapse section "3.6.2. Scoping Operator installations" 3.6.2.1. Fine-grained permissions 3.6.3. Troubleshooting permission failures 3.7. Managing custom catalogs Expand section "3.7. Managing custom catalogs" Collapse section "3.7. Managing custom catalogs" 3.7.1. Custom catalogs using Package Manifest Format Expand section "3.7.1. Custom catalogs using Package Manifest Format" Collapse section "3.7.1. Custom catalogs using Package Manifest Format" 3.7.1.1. Understanding Operator catalog images 3.7.1.2. Building an Operator catalog image 3.7.1.3. Mirroring an Operator catalog image 3.7.1.4. Updating an Operator catalog image 3.7.1.5. Testing an Operator catalog image 3.7.2. Custom catalogs using Bundle Format Expand section "3.7.2. Custom catalogs using Bundle Format" Collapse section "3.7.2. Custom catalogs using Bundle Format" 3.7.2.1. opm CLI 3.7.2.2. Installing opm 3.7.2.3. Creating an index image 3.7.2.4. Creating a catalog from an index image 3.7.2.5. Updating an index image 3.8. Using Operator Lifecycle Manager on restricted networks Expand section "3.8. Using Operator Lifecycle Manager on restricted networks" Collapse section "3.8. Using Operator Lifecycle Manager on restricted networks" 3.8.1. Understanding Operator catalog images 3.8.2. Building an Operator catalog image 3.8.3. Configuring OperatorHub for restricted networks 3.8.4. Updating an Operator catalog image 3.8.5. Testing an Operator catalog image 4. Developing Operators Expand section "4. Developing Operators" Collapse section "4. Developing Operators" 4.1. Getting started with the Operator SDK Expand section "4.1. Getting started with the Operator SDK" Collapse section "4.1. Getting started with the Operator SDK" 4.1.1. Architecture of the Operator SDK Expand section "4.1.1. Architecture of the Operator SDK" Collapse section "4.1.1. Architecture of the Operator SDK" 4.1.1.1. Workflow 4.1.1.2. Manager file 4.1.1.3. Prometheus Operator support 4.1.2. Installing the Operator SDK CLI Expand section "4.1.2. Installing the Operator SDK CLI" Collapse section "4.1.2. Installing the Operator SDK CLI" 4.1.2.1. Installing from GitHub release 4.1.2.2. Installing from Homebrew 4.1.2.3. Compiling and installing from source 4.1.3. Building a Go-based Operator using the Operator SDK 4.1.4. Managing a Go-based Operator using Operator Lifecycle Manager 4.1.5. Additional resources 4.2. Creating Ansible-based Operators Expand section "4.2. Creating Ansible-based Operators" Collapse section "4.2. Creating Ansible-based Operators" 4.2.1. Ansible support in the Operator SDK Expand section "4.2.1. Ansible support in the Operator SDK" Collapse section "4.2.1. Ansible support in the Operator SDK" 4.2.1.1. Custom resource files 4.2.1.2. watches.yaml file Expand section "4.2.1.2. watches.yaml file" Collapse section "4.2.1.2. watches.yaml file" 4.2.1.2.1. Advanced options 4.2.1.3. Extra variables sent to Ansible 4.2.1.4. Ansible Runner directory 4.2.2. Installing the Operator SDK CLI Expand section "4.2.2. Installing the Operator SDK CLI" Collapse section "4.2.2. Installing the Operator SDK CLI" 4.2.2.1. Installing from GitHub release 4.2.2.2. Installing from Homebrew 4.2.2.3. Compiling and installing from source 4.2.3. Building an Ansible-based Operator using the Operator SDK 4.2.4. Managing application lifecycle using the k8s Ansible module Expand section "4.2.4. Managing application lifecycle using the k8s Ansible module" Collapse section "4.2.4. Managing application lifecycle using the k8s Ansible module" 4.2.4.1. Installing the k8s Ansible module 4.2.4.2. Testing the k8s Ansible module locally 4.2.4.3. Testing the k8s Ansible module inside an Operator Expand section "4.2.4.3. Testing the k8s Ansible module inside an Operator" Collapse section "4.2.4.3. Testing the k8s Ansible module inside an Operator" 4.2.4.3.1. Testing an Ansible-based Operator locally 4.2.4.3.2. Testing an Ansible-based Operator on a cluster 4.2.5. Managing custom resource status using the operator_sdk.util Ansible collection 4.2.6. Additional resources 4.3. Creating Helm-based Operators Expand section "4.3. Creating Helm-based Operators" Collapse section "4.3. Creating Helm-based Operators" 4.3.1. Helm chart support in the Operator SDK 4.3.2. Installing the Operator SDK CLI Expand section "4.3.2. Installing the Operator SDK CLI" Collapse section "4.3.2. Installing the Operator SDK CLI" 4.3.2.1. Installing from GitHub release 4.3.2.2. Installing from Homebrew 4.3.2.3. Compiling and installing from source 4.3.3. Building a Helm-based Operator using the Operator SDK 4.3.4. Additional resources 4.4. Generating a cluster service version (CSV) Expand section "4.4. Generating a cluster service version (CSV)" Collapse section "4.4. Generating a cluster service version (CSV)" 4.4.1. How CSV generation works 4.4.2. CSV composition configuration 4.4.3. Manually-defined CSV fields 4.4.4. Generating a CSV 4.4.5. Enabling your Operator for restricted network environments 4.4.6. Enabling your Operator for multiple architectures and operating systems Expand section "4.4.6. Enabling your Operator for multiple architectures and operating systems" Collapse section "4.4.6. Enabling your Operator for multiple architectures and operating systems" 4.4.6.1. Architecture and operating system support for Operators 4.4.7. Setting a suggested namespace 4.4.8. Understanding your custom resource definitions (CRDs) Expand section "4.4.8. Understanding your custom resource definitions (CRDs)" Collapse section "4.4.8. Understanding your custom resource definitions (CRDs)" 4.4.8.1. Owned CRDs 4.4.8.2. Required CRDs 4.4.8.3. CRD templates 4.4.8.4. Hiding internal objects 4.4.9. Understanding your API services Expand section "4.4.9. Understanding your API services" Collapse section "4.4.9. Understanding your API services" 4.4.9.1. Owned API services Expand section "4.4.9.1. Owned API services" Collapse section "4.4.9.1. Owned API services" 4.4.9.1.1. API service resource creation 4.4.9.1.2. API service serving certificates 4.4.9.2. Required API services 4.5. Working with bundle images Expand section "4.5. Working with bundle images" Collapse section "4.5. Working with bundle images" 4.5.1. Building a bundle image 4.5.2. Additional resources 4.6. Validating Operators using the scorecard Expand section "4.6. Validating Operators using the scorecard" Collapse section "4.6. Validating Operators using the scorecard" 4.6.1. About the scorecard tool 4.6.2. Scorecard configuration Expand section "4.6.2. Scorecard configuration" Collapse section "4.6.2. Scorecard configuration" 4.6.2.1. Configuration file 4.6.2.2. Command arguments 4.6.2.3. Configuration file options Expand section "4.6.2.3. Configuration file options" Collapse section "4.6.2.3. Configuration file options" 4.6.2.3.1. Basic and OLM plug-ins 4.6.3. Tests performed Expand section "4.6.3. Tests performed" Collapse section "4.6.3. Tests performed" 4.6.3.1. Basic plug-in 4.6.3.2. OLM plug-in 4.6.4. Running the scorecard 4.6.5. Running the scorecard with an OLM-managed Operator 4.7. Configuring built-in monitoring with Prometheus Expand section "4.7. Configuring built-in monitoring with Prometheus" Collapse section "4.7. Configuring built-in monitoring with Prometheus" 4.7.1. Prometheus Operator support 4.7.2. Metrics helper Expand section "4.7.2. Metrics helper" Collapse section "4.7.2. Metrics helper" 4.7.2.1. Modifying the metrics port 4.7.3. Service monitors Expand section "4.7.3. Service monitors" Collapse section "4.7.3. Service monitors" 4.7.3.1. Creating service monitors 4.8. Configuring leader election Expand section "4.8. Configuring leader election" Collapse section "4.8. Configuring leader election" 4.8.1. Using Leader-for-life election 4.8.2. Using Leader-with-lease election 4.9. Operator SDK CLI reference Expand section "4.9. Operator SDK CLI reference" Collapse section "4.9. Operator SDK CLI reference" 4.9.1. build 4.9.2. completion 4.9.3. print-deps 4.9.4. generate Expand section "4.9.4. generate" Collapse section "4.9.4. generate" 4.9.4.1. crds 4.9.4.2. csv 4.9.4.3. k8s 4.9.5. new 4.9.6. add 4.9.7. test Expand section "4.9.7. test" Collapse section "4.9.7. test" 4.9.7.1. local 4.9.8. run Expand section "4.9.8. run" Collapse section "4.9.8. run" 4.9.8.1. --local 4.10. Appendices Expand section "4.10. Appendices" Collapse section "4.10. Appendices" 4.10.1. Operator project scaffolding layout Expand section "4.10.1. Operator project scaffolding layout" Collapse section "4.10.1. Operator project scaffolding layout" 4.10.1.1. Go-based projects 4.10.1.2. Helm-based projects 5. Red Hat Operators Expand section "5. Red Hat Operators" Collapse section "5. Red Hat Operators" 5.1. Cloud Credential Operator 5.2. Cluster Authentication Operator 5.3. Cluster Autoscaler Operator 5.4. Cluster Image Registry Operator 5.5. Cluster Monitoring Operator 5.6. Cluster Network Operator 5.7. OpenShift Controller Manager Operator 5.8. Cluster Samples Operator 5.9. Cluster Storage Operator 5.10. Cluster Version Operator 5.11. Console Operator 5.12. DNS Operator 5.13. etcd cluster Operator 5.14. Ingress Operator 5.15. Kubernetes API Server Operator 5.16. Kubernetes Controller Manager Operator 5.17. Kubernetes Scheduler Operator 5.18. Machine API Operator 5.19. Machine Config Operator 5.20. Marketplace Operator 5.21. Node Tuning Operator 5.22. Operator Lifecycle Manager Operators 5.23. OpenShift API Server Operator 5.24. Prometheus Operator 法律通告 Settings Close Language: 简体中文 日本語 English Language: 简体中文 日本語 English Format: Multi-page Single-page Format: Multi-page Single-page Language and Page Formatting Options Language: 简体中文 日本語 English Language: 简体中文 日本語 English Format: Multi-page Single-page Format: Multi-page Single-page 5.2. Cluster Authentication Operator Purpose The Cluster Authentication Operator installs and maintains the Authentication custom resource in a cluster and can be viewed with: $ oc get clusteroperator authentication -o yamlProject cluster-authentication-operator Previous Next