OpenShift 4.6方式下OperatorHub的变化

OpenShift 4.6版本下OperatorHub新增了opm命令,用于在OperatorHub中添加客户化的index image 或者删除已有的组件,形成新的index image.

因为添加需要准备Operator的Bundle,所以相对比较麻烦,这里验证了一个做离线OperatorHub经常用的场景,就是删除,然后准备下载的mapping文件。

1.下载opm

因为opm依赖于glibc-2.28的包,而这个包只有在rhel8环境下才有,所以建议安装rhel8,然后按照下面命令下载

oc image extract registry.redhat.io/openshift4/ose-operator-registry:v4.6    --path /usr/bin/opm:.     --confirm

如果觉得比较慢,可以先下载到本地,然后再extract
podman pull registry.redhat.io/openshift4/ose-operator-registry:v4.6  

podman tag registry.redhat.io/openshift4/ose-operator-registry:v4.6 registry.example.com:5443/openshift4/ose-operator-registry:v4.6

podman push registry.example.com:5443/openshift4/ose-operator-registry:v4.6

oc image extract registry.example.com:5443/openshift4/ose-operator-registry:v4.6    --path /usr/bin/opm:.     --confirm

 

chmod +x ./opm

mv ./opm /usr/local/bin/

 

2.了解需要下载的Operator的名称

这个比较重要,否则只能靠猜了

[root@registry 4.6]# podman run -p50051:50051 \
>     -it registry.redhat.io/redhat/redhat-operator-index:v4.6
WARN[0000] unable to set termination log path            error="open /dev/termination-log: permission denied"
INFO[0000] serving registry                              database=/database/index.db port=50051

然后通过grpcurl

[root@registry 4.6]# grpcurl -plaintext localhost:50051 api.Registry/ListPackages > packages.out

会形成一个packages.out文件,打开再里面找自己需要的Operator

{
  "name": "3scale-operator"
}
{
  "name": "advanced-cluster-management"
}
{
  "name": "amq-broker"
}
{
  "name": "amq-broker-lts"
}
{
  "name": "amq-online"
}
{
  "name": "amq-streams"
}
{
  "name": "amq7-interconnect-operator"
}

3.选择需要的Operator形成新的index images

比如我需要安装service mesh, cluster-logging功能的,那需要把相关的jaeger,elasticsearch, kiali的组件都下载下来。

 

opm index prune     -f registry.example.com:5443/redhat/redhat-operator-index:v4.6     -p servicemeshoperator,cluster-logging,elasticsearch-operator,jaeger-product,kiali-ossm     -t registry.example.com:5443/redhat/redhat-operator-index:my1v4.6
......

INFO[0017] input has been sanitized                      pkg=service-registry-operator
INFO[0017] packages: [service-registry-operator]         pkg=service-registry-operator
INFO[0017] deleting packages                             pkg=sriov-network-operator
INFO[0017] input has been sanitized                      pkg=sriov-network-operator
INFO[0017] packages: [sriov-network-operator]            pkg=sriov-network-operator
INFO[0017] deleting packages                             pkg=vertical-pod-autoscaler
INFO[0017] input has been sanitized                      pkg=vertical-pod-autoscaler
INFO[0017] packages: [vertical-pod-autoscaler]           pkg=vertical-pod-autoscaler
INFO[0017] deleting packages                             pkg=web-terminal
INFO[0017] input has been sanitized                      pkg=web-terminal
INFO[0017] packages: [web-terminal]                      pkg=web-terminal
INFO[0017] Generating dockerfile                         packages="[servicemeshoperator cluster-logging elasticsearch-operator jaeger-product kiali-ossm]"
INFO[0017] writing dockerfile: index.Dockerfile451780153  packages="[servicemeshoperator cluster-logging elasticsearch-operator jaeger-product kiali-ossm]"
INFO[0017] running podman build                          packages="[servicemeshoperator cluster-logging elasticsearch-operator jaeger-product kiali-ossm]"
INFO[0017] [podman build --format docker -f index.Dockerfile451780153 -t registry.example.com:5443/redhat/redhat-operator-index:my1v4.6 .]  packages="[servicemeshoperator cluster-logging elasticsearch-operator jaeger-product kiali-ossm]"

 

形成新的镜像在本地,需要然后push到镜像仓库去。

podman push registry.example.com:5443/redhat/redhat-operator-index:my1v4.6
Getting image source signatures
Copying blob 89c36445dd4e done  
Copying blob ace0eda3e3be skipped: already exists  
Copying blob fbe39d558281 skipped: already exists  
Copying blob e105a1e44712 skipped: already exists  
Copying blob 371d4702865c skipped: already exists  
Copying blob 4570b0d18853 skipped: already exists  
Copying config 3bc89f122d done  
Writing manifest to image destination
Storing signatures

 

4.拿下来验证一下

[root@registry 4.6]oc adm  catalog mirror  --manifests-only  registry.example.com:5443/redhat/redhat-operator-index:my1v4.6   registry.example.com:5443  --insecure
src image has index label for database path: /database/index.db
using database path mapping: /database/index.db:/tmp/439829874
wrote database to /tmp/439829874
using database at: /tmp/439829874/index.db
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.10, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.12, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7:1.12.7, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.12.7, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.6, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7:1.0.8, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.9, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.7, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.11, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/distributed-tracing/jaeger-rhel7-operator:1.13.2, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.8, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7:1.0.7, skip writing to ImageContentSourcePolicy
no digest mapping available for registry.redhat.io/openshift-service-mesh/kiali-rhel7-operator:1.0.5, skip writing to ImageContentSourcePolicy
wrote mirroring manifests to redhat-operator-index-manifests

忽略告警信息,进入redhat-operator-index-manifests目录,发现确实在mapping文件中已经只剩下我们需要的几个Operator了

遗憾的是也还有360多行,和之前手工做的模式差不多。

 

posted @ 2020-11-30 17:47  ericnie  阅读(264)  评论(0编辑  收藏