From ae3294aaf9e72ad3fbb25d860fd795c085af0234 Mon Sep 17 00:00:00 2001 From: John Mazzitelli Date: Mon, 11 Dec 2023 10:00:03 -0500 Subject: [PATCH] [kiali] update kiali Signed-off-by: John Mazzitelli --- operators/kiali/1.77.0/bundle.Dockerfile | 11 + .../kiali/1.77.0/manifests/kiali.crd.yaml | 24 + .../kiali.v1.77.0.clusterserviceversion.yaml | 599 +++++++++++++++++ .../1.77.0/manifests/ossmconsole.crd.yaml | 25 + .../kiali/1.77.0/metadata/annotations.yaml | 7 + operators/kiali/1.78.0/bundle.Dockerfile | 11 + .../kiali/1.78.0/manifests/kiali.crd.yaml | 24 + .../kiali.v1.78.0.clusterserviceversion.yaml | 604 ++++++++++++++++++ .../1.78.0/manifests/ossmconsole.crd.yaml | 25 + .../kiali/1.78.0/metadata/annotations.yaml | 7 + 10 files changed, 1337 insertions(+) create mode 100644 operators/kiali/1.77.0/bundle.Dockerfile create mode 100644 operators/kiali/1.77.0/manifests/kiali.crd.yaml create mode 100644 operators/kiali/1.77.0/manifests/kiali.v1.77.0.clusterserviceversion.yaml create mode 100644 operators/kiali/1.77.0/manifests/ossmconsole.crd.yaml create mode 100644 operators/kiali/1.77.0/metadata/annotations.yaml create mode 100644 operators/kiali/1.78.0/bundle.Dockerfile create mode 100644 operators/kiali/1.78.0/manifests/kiali.crd.yaml create mode 100644 operators/kiali/1.78.0/manifests/kiali.v1.78.0.clusterserviceversion.yaml create mode 100644 operators/kiali/1.78.0/manifests/ossmconsole.crd.yaml create mode 100644 operators/kiali/1.78.0/metadata/annotations.yaml diff --git a/operators/kiali/1.77.0/bundle.Dockerfile b/operators/kiali/1.77.0/bundle.Dockerfile new file mode 100644 index 00000000000..8da943083bc --- /dev/null +++ b/operators/kiali/1.77.0/bundle.Dockerfile @@ -0,0 +1,11 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=kiali +LABEL operators.operatorframework.io.bundle.channels.v1=alpha,stable +LABEL operators.operatorframework.io.bundle.channel.default.v1=stable + +COPY manifests /manifests/ +COPY metadata /metadata/ diff --git a/operators/kiali/1.77.0/manifests/kiali.crd.yaml b/operators/kiali/1.77.0/manifests/kiali.crd.yaml new file mode 100644 index 00000000000..4f364831826 --- /dev/null +++ b/operators/kiali/1.77.0/manifests/kiali.crd.yaml @@ -0,0 +1,24 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kialis.kiali.io + labels: + app: kiali-operator +spec: + group: kiali.io + names: + kind: Kiali + listKind: KialiList + plural: kialis + singular: kiali + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/operators/kiali/1.77.0/manifests/kiali.v1.77.0.clusterserviceversion.yaml b/operators/kiali/1.77.0/manifests/kiali.v1.77.0.clusterserviceversion.yaml new file mode 100644 index 00000000000..0fb76910ea5 --- /dev/null +++ b/operators/kiali/1.77.0/manifests/kiali.v1.77.0.clusterserviceversion.yaml @@ -0,0 +1,599 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: kiali-operator.v1.77.0 + namespace: placeholder + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.s390x: supported + operatorframework.io/arch.ppc64le: supported + operatorframework.io/arch.arm64: supported + annotations: + olm.skipRange: '>=1.0.0 <1.77.0' + categories: Monitoring,Logging & Tracing + certified: "false" + containerImage: quay.io/kiali/kiali-operator:v1.77.0 + capabilities: Deep Insights + support: Kiali + description: "This community operator provides Kiali and OSSMC. Kiali is the Istio observability and management Console. OSSMC is the OpenShift Service Mesh Console plugin, powered by Kiali." + repository: https://github.com/kiali/kiali + createdAt: 2023-11-20T07:13:37Z + alm-examples: |- + [ + { + "apiVersion": "kiali.io/v1alpha1", + "kind": "Kiali", + "metadata": { + "name": "kiali" + }, + "spec": { + "version": "default", + "istio_namespace": "istio-system", + "deployment": { + "logger": { + "log_level": "info" + }, + "view_only_mode": false + } + } + }, + { + "apiVersion": "kiali.io/v1alpha1", + "kind": "OSSMConsole", + "metadata": { + "name": "ossmconsole" + }, + "spec": { + "version": "default", + "kiali": { + "serviceName": "", + "serviceNamespace": "" + } + } + } + ] +spec: + version: 1.77.0 + maturity: stable + replaces: kiali-operator.v1.76.0 + displayName: Kiali Community Operator + description: |- + ## About the managed application + + A Microservice Architecture breaks up the monolith into many smaller pieces + that are composed together. Patterns to secure the communication between + services like fault tolerance (via timeout, retry, circuit breaking, etc.) + have come up as well as distributed tracing to be able to see where calls + are going. + + A service mesh can now provide these services on a platform level and frees + the application writers from those tasks. Routing decisions are done at the + mesh level. + + Kiali works with Istio, in OpenShift or Kubernetes, to visualize the service + mesh topology, to provide visibility into features like circuit breakers, + request rates and more. It offers insights about the mesh components at + different levels, from abstract Applications to Services and Workloads. + + See [https://www.kiali.io](https://www.kiali.io) to read more. + + ### Accessing the UI + + By default, the Kiali operator exposes the Kiali UI as an OpenShift Route. + + If on OpenShift, you can create an OSSMConsole CR to have the operator + install the OpenShift ServiceMesh Console plugin to the OpenShift Console + thus providing an interface directly integrated with the OpenShift Console. + + ## About this Operator + + ### Kiali Custom Resource Configuration Settings + + For quick descriptions of all the settings you can configure in the Kiali + Custom Resource (CR), see + [the kiali.io docs](https://kiali.io/docs/configuration/kialis.kiali.io/). + + ## Prerequisites for enabling this Operator + + Today Kiali works with Istio. So before you install Kiali, you must have + already installed Istio. + If you already have Kiali in your Istio environment and you want to + install Kiali via the Kiali Operator, uninstall the installed Kiali first. + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIyLjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAxMjgwIDEyODAiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDEyODAgMTI4MDsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMwMTMxNDQ7fQoJLnN0MXtmaWxsOiMwMDkzREQ7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04MTAuOSwxODAuOWMtMjUzLjYsMC00NTkuMSwyMDUuNS00NTkuMSw0NTkuMXMyMDUuNSw0NTkuMSw0NTkuMSw0NTkuMVMxMjcwLDg5My42LDEyNzAsNjQwCgkJUzEwNjQuNSwxODAuOSw4MTAuOSwxODAuOXogTTgxMC45LDEwMjkuMmMtMjE1LDAtMzg5LjItMTc0LjMtMzg5LjItMzg5LjJjMC0yMTUsMTc0LjMtMzg5LjIsMzg5LjItMzg5LjJTMTIwMC4xLDQyNSwxMjAwLjEsNjQwCgkJUzEwMjUuOSwxMDI5LjIsODEwLjksMTAyOS4yeiIvPgoJPHBhdGggY2xhc3M9InN0MSIgZD0iTTY1My4zLDI4NGMtMTM2LjQsNjAuNS0yMzEuNiwxOTcuMS0yMzEuNiwzNTZjMCwxNTguOCw5NS4yLDI5NS41LDIzMS42LDM1NmM5OC40LTg3LjEsMTYwLjQtMjE0LjMsMTYwLjQtMzU2CgkJQzgxMy43LDQ5OC4zLDc1MS42LDM3MS4xLDY1My4zLDI4NHoiLz4KCTxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0zNTEuOCw2NDBjMC0xMDkuOCwzOC42LTIxMC41LDEwMi44LTI4OS41Yy0zOS42LTE4LjItODMuNi0yOC4zLTEzMC0yOC4zQzE1MC45LDMyMi4yLDEwLDQ2NC41LDEwLDY0MAoJCXMxNDAuOSwzMTcuOCwzMTQuNiwzMTcuOGM0Ni4zLDAsOTAuNC0xMC4xLDEzMC0yOC4zQzM5MC4zLDg1MC41LDM1MS44LDc0OS44LDM1MS44LDY0MHoiLz4KPC9nPgo8L3N2Zz4K + mediatype: image/svg+xml + keywords: ['service-mesh', 'observability', 'monitoring', 'maistra', 'istio'] + maintainers: + - name: Kiali Developers Google Group + email: kiali-dev@googlegroups.com + provider: + name: Kiali + labels: + name: kiali-operator + selector: + matchLabels: + name: kiali-operator + links: + - name: Installation Guide + url: https://www.kiali.io/docs/installation + - name: Features + url: https://www.kiali.io/docs/features + - name: Documentation Home + url: https://www.kiali.io + - name: Blogs and Articles + url: https://medium.com/kialiproject + - name: Server and UI Source Code + url: https://github.com/kiali/kiali + - name: Operator Source Code + url: https://github.com/kiali/kiali-operator + - name: OpenShift Service Mesh Console Code + url: https://github.com/kiali/openshift-servicemesh-plugin + installModes: + - type: OwnNamespace + supported: false + - type: SingleNamespace + supported: false + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + customresourcedefinitions: + owned: + - name: kialis.kiali.io + group: kiali.io + description: A configuration file for a Kiali installation. + displayName: Kiali + kind: Kiali + version: v1alpha1 + resources: + - kind: Deployment + version: apps/v1 + - kind: Pod + version: v1 + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: OAuthClient + version: oauth.openshift.io/v1 + - kind: Route + version: route.openshift.io/v1 + - kind: ConsoleLink + version: consolelinks.console.openshift.io/v1 + specDescriptors: + - displayName: Version + description: "The version of the Kiali Server to install. This is specified in the form 'vX.Y'. Check the documentation for the values that are valid and supported. When not specified, or when set to the string 'default', the latest supported version of the Kiali Server will be installed. Default: default" + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Istio Namespace + description: "The namespace where the Istio control plane is installed. Default: istio-system" + path: deployment.istio_namespace + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Log Level + description: "Determines the priority levels of log messages Kiali will output. Typical values are 'info', 'debug', or 'trace'. Default: info" + path: deployment.logger.log_level + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:select:info' + - 'urn:alm:descriptor:com.tectonic.ui:select:debug' + - 'urn:alm:descriptor:com.tectonic.ui:select:trace' + - 'urn:alm:descriptor:com.tectonic.ui:select:warn' + - 'urn:alm:descriptor:com.tectonic.ui:select:error' + - displayName: View Only Mode + description: "When true, Kiali will be in 'view only' mode, allowing the user to view and retrieve management and monitoring data for the service mesh, but not allow the user to modify the service mesh. Default: false" + path: deployment.view_only_mode + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - name: ossmconsoles.kiali.io + group: kiali.io + description: A configuration file for a OpenShift Service Mesh Console installation. + displayName: OpenShift Service Mesh Console + kind: OSSMConsole + version: v1alpha1 + resources: + - kind: Deployment + version: apps/v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + specDescriptors: + - displayName: Version + description: "The version of OSSMC to install. This is specified in the form 'vX.Y'. Check the documentation for the values that are valid and supported. When not specified, or when set to the string 'default', the latest supported version of OSSMC will be installed. You must ensure this value is the same as the spec.version field in the Kiali CR that was used to install the Kiali Server, otherwise you are not guaranteed OSSMC will work properly. Default: default" + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Kiali Service Name + description: "The internal Kiali service that the OS Console will use to proxy API calls. If empty, an attempt will be made to auto-discover it from the Kiali OpenShift Route." + path: kiali.serviceName + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Kiali Service Namespace + description: "The namespace where the Kiali service is deployed. If empty, an attempt will be made to auto-discover it from the Kiali OpenShift Route. It will assume that the OpenShift Route and the Kiali service are deployed in the same namespace." + path: kiali.serviceNamespace + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + apiservicedefinitions: {} + install: + strategy: deployment + spec: + deployments: + - name: kiali-operator + spec: + replicas: 1 + selector: + matchLabels: + app: kiali-operator + template: + metadata: + name: kiali-operator + labels: + app: kiali-operator + # required for the operator SDK metric service selector + name: kiali-operator + version: v1.77.0 + app.kubernetes.io/name: kiali-operator + app.kubernetes.io/version: v1.77.0 + app.kubernetes.io/part-of: kiali-operator + annotations: + prometheus.io/scrape: "true" + prometheus.io/path: /metrics + prometheus.io/port: "8080" + spec: + serviceAccountName: kiali-operator + containers: + - name: operator + image: quay.io/kiali/kiali-operator:v1.77.0 + imagePullPolicy: "IfNotPresent" + args: + - "--zap-log-level=info" + - "--leader-election-id=kiali-operator" + - "--watches-file=./watches-os.yaml" + securityContext: + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /tmp/ansible-operator/runner + name: runner + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ALLOW_AD_HOC_KIALI_NAMESPACE + value: "false" + - name: ALLOW_AD_HOC_KIALI_IMAGE + value: "false" + - name: ALLOW_AD_HOC_OSSMCONSOLE_IMAGE + value: "false" + - name: ALLOW_SECURITY_CONTEXT_OVERRIDE + value: "false" + - name: ALLOW_ALL_ACCESSIBLE_NAMESPACES + value: "true" + - name: ACCESSIBLE_NAMESPACES_LABEL + value: "" + - name: PROFILE_TASKS_TASK_OUTPUT_LIMIT + value: "100" + - name: ANSIBLE_DEBUG_LOGS + value: "True" + - name: ANSIBLE_VERBOSITY_KIALI_KIALI_IO + value: "1" + - name: ANSIBLE_VERBOSITY_OSSMCONSOLE_KIALI_IO + value: "1" + - name: ANSIBLE_CONFIG + value: "/etc/ansible/ansible.cfg" + ports: + - name: http-metrics + containerPort: 8080 + resources: + requests: + cpu: "10m" + memory: "64Mi" + volumes: + - name: runner + emptyDir: {} + clusterPermissions: + - rules: + - apiGroups: [""] + resources: + - configmaps + - endpoints + - pods + - serviceaccounts + - services + - services/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: [""] + resources: + - namespaces + verbs: + - get + - list + - patch + - apiGroups: [""] + resources: + - secrets + verbs: + - create + - list + - watch + - apiGroups: [""] + resourceNames: + - cacerts + - istio-ca-secret + resources: + - secrets + verbs: + - get + - apiGroups: [""] + resourceNames: + - kiali-signing-key + resources: + - secrets + verbs: + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["apps"] + resources: + - deployments + - replicasets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["monitoring.coreos.com"] + resources: + - servicemonitors + verbs: + - create + - get + - apiGroups: ["apps"] + resourceNames: + - kiali-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: ["kiali.io"] + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["authorization.k8s.io"] + resources: + - selfsubjectaccessreviews + verbs: + - list + - apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["apiextensions.k8s.io"] + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: ["extensions", "networking.k8s.io"] + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["route.openshift.io"] + resources: + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["oauth.openshift.io"] + resources: + - oauthclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["config.openshift.io"] + resources: + - clusteroperators + verbs: + - list + - watch + - apiGroups: ["config.openshift.io"] + resourceNames: + - kube-apiserver + resources: + - clusteroperators + verbs: + - get + - apiGroups: ["console.openshift.io"] + resources: + - consolelinks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + # The permissions below are for OSSMC operator capabilities + - apiGroups: ["console.openshift.io"] + resources: + - consoleplugins + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["operator.openshift.io"] + resources: + - consoles + verbs: + - get + - list + - patch + - update + - watch + # The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles + - apiGroups: [""] + resources: + - configmaps + - endpoints + - pods/log + verbs: + - get + - list + - watch + - apiGroups: [""] + resources: + - namespaces + - pods + - replicationcontrollers + - services + verbs: + - get + - list + - watch + - patch + - apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post + - apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - watch + - patch + - apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch + - patch + - apiGroups: + - config.istio.io + - networking.istio.io + - authentication.istio.io + - rbac.istio.io + - security.istio.io + - extensions.istio.io + - telemetry.istio.io + - gateway.networking.k8s.io + resources: ["*"] + verbs: + - get + - list + - watch + - create + - delete + - patch + - apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - watch + - patch + - apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get + - apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get + - apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create + serviceAccountName: kiali-operator diff --git a/operators/kiali/1.77.0/manifests/ossmconsole.crd.yaml b/operators/kiali/1.77.0/manifests/ossmconsole.crd.yaml new file mode 100644 index 00000000000..9975b532297 --- /dev/null +++ b/operators/kiali/1.77.0/manifests/ossmconsole.crd.yaml @@ -0,0 +1,25 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ossmconsoles.kiali.io + labels: + app: kiali-operator + app.kubernetes.io/name: kiali-operator +spec: + group: kiali.io + names: + kind: OSSMConsole + listKind: OSSMConsoleList + plural: ossmconsoles + singular: ossmconsole + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/operators/kiali/1.77.0/metadata/annotations.yaml b/operators/kiali/1.77.0/metadata/annotations.yaml new file mode 100644 index 00000000000..3131689b5d3 --- /dev/null +++ b/operators/kiali/1.77.0/metadata/annotations.yaml @@ -0,0 +1,7 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: alpha,stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: kiali diff --git a/operators/kiali/1.78.0/bundle.Dockerfile b/operators/kiali/1.78.0/bundle.Dockerfile new file mode 100644 index 00000000000..8da943083bc --- /dev/null +++ b/operators/kiali/1.78.0/bundle.Dockerfile @@ -0,0 +1,11 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=kiali +LABEL operators.operatorframework.io.bundle.channels.v1=alpha,stable +LABEL operators.operatorframework.io.bundle.channel.default.v1=stable + +COPY manifests /manifests/ +COPY metadata /metadata/ diff --git a/operators/kiali/1.78.0/manifests/kiali.crd.yaml b/operators/kiali/1.78.0/manifests/kiali.crd.yaml new file mode 100644 index 00000000000..4f364831826 --- /dev/null +++ b/operators/kiali/1.78.0/manifests/kiali.crd.yaml @@ -0,0 +1,24 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kialis.kiali.io + labels: + app: kiali-operator +spec: + group: kiali.io + names: + kind: Kiali + listKind: KialiList + plural: kialis + singular: kiali + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/operators/kiali/1.78.0/manifests/kiali.v1.78.0.clusterserviceversion.yaml b/operators/kiali/1.78.0/manifests/kiali.v1.78.0.clusterserviceversion.yaml new file mode 100644 index 00000000000..04087195423 --- /dev/null +++ b/operators/kiali/1.78.0/manifests/kiali.v1.78.0.clusterserviceversion.yaml @@ -0,0 +1,604 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: kiali-operator.v1.78.0 + namespace: placeholder + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.s390x: supported + operatorframework.io/arch.ppc64le: supported + operatorframework.io/arch.arm64: supported + annotations: + olm.skipRange: '>=1.0.0 <1.78.0' + categories: Monitoring,Logging & Tracing + certified: "false" + containerImage: quay.io/kiali/kiali-operator:v1.78.0 + capabilities: Deep Insights + support: Kiali + description: "This community operator provides Kiali and OSSMC. Kiali is the Istio observability and management Console. OSSMC is the OpenShift Service Mesh Console plugin, powered by Kiali." + repository: https://github.com/kiali/kiali + createdAt: 2023-11-20T07:13:42Z + alm-examples: |- + [ + { + "apiVersion": "kiali.io/v1alpha1", + "kind": "Kiali", + "metadata": { + "name": "kiali" + }, + "spec": { + "version": "default", + "istio_namespace": "istio-system", + "deployment": { + "logger": { + "log_level": "info" + }, + "view_only_mode": false + } + } + }, + { + "apiVersion": "kiali.io/v1alpha1", + "kind": "OSSMConsole", + "metadata": { + "name": "ossmconsole" + }, + "spec": { + "version": "default", + "kiali": { + "serviceName": "", + "serviceNamespace": "" + } + } + } + ] +spec: + version: 1.78.0 + maturity: stable + replaces: kiali-operator.v1.77.0 + displayName: Kiali Community Operator + description: |- + ## About the managed application + + A Microservice Architecture breaks up the monolith into many smaller pieces + that are composed together. Patterns to secure the communication between + services like fault tolerance (via timeout, retry, circuit breaking, etc.) + have come up as well as distributed tracing to be able to see where calls + are going. + + A service mesh can now provide these services on a platform level and frees + the application writers from those tasks. Routing decisions are done at the + mesh level. + + Kiali works with Istio, in OpenShift or Kubernetes, to visualize the service + mesh topology, to provide visibility into features like circuit breakers, + request rates and more. It offers insights about the mesh components at + different levels, from abstract Applications to Services and Workloads. + + See [https://www.kiali.io](https://www.kiali.io) to read more. + + ### Accessing the UI + + By default, the Kiali operator exposes the Kiali UI as an OpenShift Route. + + If on OpenShift, you can create an OSSMConsole CR to have the operator + install the OpenShift ServiceMesh Console plugin to the OpenShift Console + thus providing an interface directly integrated with the OpenShift Console. + + ## About this Operator + + ### Kiali Custom Resource Configuration Settings + + For quick descriptions of all the settings you can configure in the Kiali + Custom Resource (CR), see + [the kiali.io docs](https://kiali.io/docs/configuration/kialis.kiali.io/). + + ## Prerequisites for enabling this Operator + + Today Kiali works with Istio. So before you install Kiali, you must have + already installed Istio. + If you already have Kiali in your Istio environment and you want to + install Kiali via the Kiali Operator, uninstall the installed Kiali first. + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIyLjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IgoJIHZpZXdCb3g9IjAgMCAxMjgwIDEyODAiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDEyODAgMTI4MDsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMwMTMxNDQ7fQoJLnN0MXtmaWxsOiMwMDkzREQ7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04MTAuOSwxODAuOWMtMjUzLjYsMC00NTkuMSwyMDUuNS00NTkuMSw0NTkuMXMyMDUuNSw0NTkuMSw0NTkuMSw0NTkuMVMxMjcwLDg5My42LDEyNzAsNjQwCgkJUzEwNjQuNSwxODAuOSw4MTAuOSwxODAuOXogTTgxMC45LDEwMjkuMmMtMjE1LDAtMzg5LjItMTc0LjMtMzg5LjItMzg5LjJjMC0yMTUsMTc0LjMtMzg5LjIsMzg5LjItMzg5LjJTMTIwMC4xLDQyNSwxMjAwLjEsNjQwCgkJUzEwMjUuOSwxMDI5LjIsODEwLjksMTAyOS4yeiIvPgoJPHBhdGggY2xhc3M9InN0MSIgZD0iTTY1My4zLDI4NGMtMTM2LjQsNjAuNS0yMzEuNiwxOTcuMS0yMzEuNiwzNTZjMCwxNTguOCw5NS4yLDI5NS41LDIzMS42LDM1NmM5OC40LTg3LjEsMTYwLjQtMjE0LjMsMTYwLjQtMzU2CgkJQzgxMy43LDQ5OC4zLDc1MS42LDM3MS4xLDY1My4zLDI4NHoiLz4KCTxwYXRoIGNsYXNzPSJzdDEiIGQ9Ik0zNTEuOCw2NDBjMC0xMDkuOCwzOC42LTIxMC41LDEwMi44LTI4OS41Yy0zOS42LTE4LjItODMuNi0yOC4zLTEzMC0yOC4zQzE1MC45LDMyMi4yLDEwLDQ2NC41LDEwLDY0MAoJCXMxNDAuOSwzMTcuOCwzMTQuNiwzMTcuOGM0Ni4zLDAsOTAuNC0xMC4xLDEzMC0yOC4zQzM5MC4zLDg1MC41LDM1MS44LDc0OS44LDM1MS44LDY0MHoiLz4KPC9nPgo8L3N2Zz4K + mediatype: image/svg+xml + keywords: ['service-mesh', 'observability', 'monitoring', 'maistra', 'istio'] + maintainers: + - name: Kiali Developers Google Group + email: kiali-dev@googlegroups.com + provider: + name: Kiali + labels: + name: kiali-operator + selector: + matchLabels: + name: kiali-operator + links: + - name: Installation Guide + url: https://www.kiali.io/docs/installation + - name: Features + url: https://www.kiali.io/docs/features + - name: Documentation Home + url: https://www.kiali.io + - name: Blogs and Articles + url: https://medium.com/kialiproject + - name: Server and UI Source Code + url: https://github.com/kiali/kiali + - name: Operator Source Code + url: https://github.com/kiali/kiali-operator + - name: OpenShift Service Mesh Console Code + url: https://github.com/kiali/openshift-servicemesh-plugin + installModes: + - type: OwnNamespace + supported: false + - type: SingleNamespace + supported: false + - type: MultiNamespace + supported: false + - type: AllNamespaces + supported: true + customresourcedefinitions: + owned: + - name: kialis.kiali.io + group: kiali.io + description: A configuration file for a Kiali installation. + displayName: Kiali + kind: Kiali + version: v1alpha1 + resources: + - kind: Deployment + version: apps/v1 + - kind: Pod + version: v1 + - kind: Service + version: v1 + - kind: ConfigMap + version: v1 + - kind: OAuthClient + version: oauth.openshift.io/v1 + - kind: Route + version: route.openshift.io/v1 + - kind: ConsoleLink + version: consolelinks.console.openshift.io/v1 + specDescriptors: + - displayName: Version + description: "The version of the Kiali Server to install. This is specified in the form 'vX.Y'. Check the documentation for the values that are valid and supported. When not specified, or when set to the string 'default', the latest supported version of the Kiali Server will be installed. Default: default" + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Istio Namespace + description: "The namespace where the Istio control plane is installed. Default: istio-system" + path: deployment.istio_namespace + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Log Level + description: "Determines the priority levels of log messages Kiali will output. Typical values are 'info', 'debug', or 'trace'. Default: info" + path: deployment.logger.log_level + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:select:info' + - 'urn:alm:descriptor:com.tectonic.ui:select:debug' + - 'urn:alm:descriptor:com.tectonic.ui:select:trace' + - 'urn:alm:descriptor:com.tectonic.ui:select:warn' + - 'urn:alm:descriptor:com.tectonic.ui:select:error' + - displayName: View Only Mode + description: "When true, Kiali will be in 'view only' mode, allowing the user to view and retrieve management and monitoring data for the service mesh, but not allow the user to modify the service mesh. Default: false" + path: deployment.view_only_mode + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:booleanSwitch' + - name: ossmconsoles.kiali.io + group: kiali.io + description: A configuration file for a OpenShift Service Mesh Console installation. + displayName: OpenShift Service Mesh Console + kind: OSSMConsole + version: v1alpha1 + resources: + - kind: Deployment + version: apps/v1 + - kind: Pod + version: v1 + - kind: ConfigMap + version: v1 + specDescriptors: + - displayName: Version + description: "The version of OSSMC to install. This is specified in the form 'vX.Y'. Check the documentation for the values that are valid and supported. When not specified, or when set to the string 'default', the latest supported version of OSSMC will be installed. You must ensure this value is the same as the spec.version field in the Kiali CR that was used to install the Kiali Server, otherwise you are not guaranteed OSSMC will work properly. Default: default" + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Kiali Service Name + description: "The internal Kiali service that the OS Console will use to proxy API calls. If empty, an attempt will be made to auto-discover it from the Kiali OpenShift Route." + path: kiali.serviceName + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + - displayName: Kiali Service Namespace + description: "The namespace where the Kiali service is deployed. If empty, an attempt will be made to auto-discover it from the Kiali OpenShift Route. It will assume that the OpenShift Route and the Kiali service are deployed in the same namespace." + path: kiali.serviceNamespace + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:text' + apiservicedefinitions: {} + install: + strategy: deployment + spec: + deployments: + - name: kiali-operator + spec: + replicas: 1 + selector: + matchLabels: + app: kiali-operator + template: + metadata: + name: kiali-operator + labels: + app: kiali-operator + # required for the operator SDK metric service selector + name: kiali-operator + version: v1.78.0 + app.kubernetes.io/name: kiali-operator + app.kubernetes.io/version: v1.78.0 + app.kubernetes.io/part-of: kiali-operator + annotations: + prometheus.io/scrape: "true" + prometheus.io/path: /metrics + prometheus.io/port: "8080" + spec: + serviceAccountName: kiali-operator + containers: + - name: operator + image: quay.io/kiali/kiali-operator:v1.78.0 + imagePullPolicy: "IfNotPresent" + args: + - "--zap-log-level=info" + - "--leader-election-id=kiali-operator" + - "--watches-file=./watches-os.yaml" + securityContext: + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /tmp + name: tmp + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ALLOW_AD_HOC_KIALI_NAMESPACE + value: "false" + - name: ALLOW_AD_HOC_KIALI_IMAGE + value: "false" + - name: ALLOW_AD_HOC_OSSMCONSOLE_IMAGE + value: "false" + - name: ALLOW_SECURITY_CONTEXT_OVERRIDE + value: "false" + - name: ALLOW_ALL_ACCESSIBLE_NAMESPACES + value: "true" + - name: ACCESSIBLE_NAMESPACES_LABEL + value: "" + - name: PROFILE_TASKS_TASK_OUTPUT_LIMIT + value: "100" + - name: ANSIBLE_DEBUG_LOGS + value: "True" + - name: ANSIBLE_VERBOSITY_KIALI_KIALI_IO + value: "1" + - name: ANSIBLE_VERBOSITY_OSSMCONSOLE_KIALI_IO + value: "1" + - name: ANSIBLE_CONFIG + value: "/etc/ansible/ansible.cfg" + - name: ANSIBLE_LOCAL_TEMP + value: "/tmp/ansible/tmp" + - name: ANSIBLE_REMOTE_TEMP + value: "/tmp/ansible/tmp" + ports: + - name: http-metrics + containerPort: 8080 + resources: + requests: + cpu: "10m" + memory: "64Mi" + volumes: + - name: tmp + emptyDir: {} + clusterPermissions: + - rules: + - apiGroups: [""] + resources: + - configmaps + - endpoints + - pods + - serviceaccounts + - services + - services/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: [""] + resources: + - namespaces + verbs: + - get + - list + - patch + - apiGroups: [""] + resources: + - secrets + verbs: + - create + - list + - watch + - apiGroups: [""] + resourceNames: + - cacerts + - istio-ca-secret + resources: + - secrets + verbs: + - get + - apiGroups: [""] + resourceNames: + - kiali-signing-key + resources: + - secrets + verbs: + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["apps"] + resources: + - deployments + - replicasets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["monitoring.coreos.com"] + resources: + - servicemonitors + verbs: + - create + - get + - apiGroups: ["apps"] + resourceNames: + - kiali-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: ["kiali.io"] + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["authorization.k8s.io"] + resources: + - selfsubjectaccessreviews + verbs: + - list + - apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["apiextensions.k8s.io"] + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: ["extensions", "networking.k8s.io"] + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["route.openshift.io"] + resources: + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["oauth.openshift.io"] + resources: + - oauthclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["config.openshift.io"] + resources: + - clusteroperators + verbs: + - list + - watch + - apiGroups: ["config.openshift.io"] + resourceNames: + - kube-apiserver + resources: + - clusteroperators + verbs: + - get + - apiGroups: ["console.openshift.io"] + resources: + - consolelinks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + # The permissions below are for OSSMC operator capabilities + - apiGroups: ["console.openshift.io"] + resources: + - consoleplugins + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: ["operator.openshift.io"] + resources: + - consoles + verbs: + - get + - list + - patch + - update + - watch + # The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles + - apiGroups: [""] + resources: + - configmaps + - endpoints + - pods/log + verbs: + - get + - list + - watch + - apiGroups: [""] + resources: + - namespaces + - pods + - replicationcontrollers + - services + verbs: + - get + - list + - watch + - patch + - apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post + - apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - watch + - patch + - apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch + - patch + - apiGroups: + - config.istio.io + - networking.istio.io + - authentication.istio.io + - rbac.istio.io + - security.istio.io + - extensions.istio.io + - telemetry.istio.io + - gateway.networking.k8s.io + resources: ["*"] + verbs: + - get + - list + - watch + - create + - delete + - patch + - apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - watch + - patch + - apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get + - apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get + - apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create + serviceAccountName: kiali-operator diff --git a/operators/kiali/1.78.0/manifests/ossmconsole.crd.yaml b/operators/kiali/1.78.0/manifests/ossmconsole.crd.yaml new file mode 100644 index 00000000000..9975b532297 --- /dev/null +++ b/operators/kiali/1.78.0/manifests/ossmconsole.crd.yaml @@ -0,0 +1,25 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ossmconsoles.kiali.io + labels: + app: kiali-operator + app.kubernetes.io/name: kiali-operator +spec: + group: kiali.io + names: + kind: OSSMConsole + listKind: OSSMConsoleList + plural: ossmconsoles + singular: ossmconsole + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/operators/kiali/1.78.0/metadata/annotations.yaml b/operators/kiali/1.78.0/metadata/annotations.yaml new file mode 100644 index 00000000000..3131689b5d3 --- /dev/null +++ b/operators/kiali/1.78.0/metadata/annotations.yaml @@ -0,0 +1,7 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.bundle.channels.v1: alpha,stable + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: kiali