Installing the API K8s Operator¶
Follow the instructions given below to install and set up the API K8s Operator in your Kubernetes environment.
Before you begin¶
- Install kubectl.
-
Setup a Kubernetes cluster v1.14 or above.
- Minimum CPU : 2vCPU
- Minimum Memory : 2GB
Alternatively, you can run Kubernetes locally via Minikube.
Install the API K8s Operator in Standalone mode¶
Follow the steps given below to install the operator in standalone mode.
-
Install the API Operator:
kubectl apply -f https://github.com/wso2/k8s-api-operator/releases/download/2.0.2/api-operator-configs.yaml -
Verify the installation:
kubectl get pods Output: NAME READY STATUS RESTARTS AGE api-operator-776c79b5f6-c9n9n 1/1 Running 0 56s
Install K8s API Operator using OperatorHub.io¶
For information, see the installation instructions in the OperatorHub.io.
Install API K8s Operator in Cluster mode¶
By default, the K8s API operator is configured to watch the deployed namespace. That is, if the API Operator runs on the default namespace, it can only watch the custom resources that are deployed in the default namespace. By deploying in cluster mode, the API Operator is able to watch all the custom resources in all the namespaces.
-
Deploy the
ClusterRole:apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: api-operator rules: - apiGroups: - "" resources: - pods - services - endpoints - persistentvolumeclaims - events - configmaps - secrets - ingresses verbs: - '*' - apiGroups: - apps resources: - deployments - daemonsets - replicasets - statefulsets - ingresses verbs: - '*' - apiGroups: - monitoring.coreos.com resources: - servicemonitors verbs: - get - create - apiGroups: - apps resourceNames: - api-operator resources: - deployments/finalizers verbs: - update - apiGroups: - wso2.com resources: - '*' - ratelimitings - targetendpoints - securities - integrations verbs: - '*' - apiGroups: - batch resources: - '*' verbs: - '*' - apiGroups: - autoscaling resources: - '*' verbs: - '*' - apiGroups: - extensions - networking.k8s.io resources: - ingresses - ingress - ingressclasses verbs: - '*' - apiGroups: - serving.knative.dev resources: - '*' verbs: - get - list - create - update - delete - patch - watch - apiGroups: - route.openshift.io resources: - '*' verbs: - get - list - create - update - delete - patch - watch - apiGroups: - networking.istio.io resources: - '*' verbs: - get - list - create - update - delete - patch - watch -
Deploy the
ClusterRoleBinding:Be sure to replace
<OPERATOR_DEPLOYED_NAMESPACE>with the correct value.kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: api-operator subjects: - kind: ServiceAccount name: api-operator # Replace this with the namespace the operator is deployed in. namespace: <OPERATOR_DEPLOYED_NAMESPACE> roleRef: kind: ClusterRole name: api-operator apiGroup: rbac.authorization.k8s.io -
Update API operator to watch the cluster:
If the operator is already running in the Kubernetes cluster, use the following command to set the
WATCH_CLUSTER_LEVELconfiguration to true in the API operator deployment.kubectl set env deployment/api-operator WATCH_CLUSTER_LEVEL=true