Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1597

[Tech Preview/phase 4] Next-gen OLM (OLM v1)

XMLWordPrintable

    • BU Product Work
    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-27OLM V1: Operators, Operator Lifecycle Management, and Operator Hub
    • 0% To Do, 10% In Progress, 90% Done
    • 0
    • Program Call

      Feature Overview (aka. Goal Summary)  

      This ticket outlines the scope of the Tech Preview release for OCP 4.17

      This Tech Preview release grants early access to upcoming features in the next-generation Operator Lifecycle Manager (OLM v1).  Customers can now test these functionalities and provide valuable feedback during development.

      Goals (aka. expected user outcomes)

      Highlights of OLM v1 Phase 4 Preview:

      • Safe CRD upgrades: Prevent data loss due to CRD schema changes
      • Clear compatibility reporting: Improved status reporting for supported and unsupported operator bundles
      • Clear ownership: Prevent conflicts between multiple ClusterExtensions managing the same resources
      • Least privilege principle: Adhere to security best practices by using dedicated ServiceAccounts for installing/upgrading content
      • Secure communication: Protect catalog data with HTTPS encryption for catalogd webserver responses
      • Laying the groundwork for native Helm chart support: OLM v1 embeds Helm, doing the heavy lifting to enable future native support for Helm chart-packaged content

      Requirements (aka. Acceptance Criteria):

      All the expected user outcomes and the acceptance criteria in the engineering epics are covered.

      Background

      Leveraging learnings and customer feedback since OCP 4's inception, OLM v1 is designed to be a major overhaul.

      With OpenShift 4.17, we are one step closer to the highly anticipated general availability (GA) of the next-generation OLM.  

      See the OCPSTRAT feature for OLM v1 GA:

      Documentation Considerations

      • Safe CRD Upgrades: [TP release] Docs explain OLM v1's current approach to prevent data loss due to CRD schema changes during the ClusterExtension upgrade.
      • Clear compatibility reporting: [TP release] Docs introduce OLM v1's current approach to communicating the supported and unsupported operator bundles during installation.
      • Clear Ownership: [TP release] Docs explain OLM v1's effort to prevent conflicts between multiple ClusterExtensions managing the same resources.
      • Least Privilege Principle: [TP release] Docs explain OLM v1's design rationale behind adhering to security best practices by using dedicated ServiceAccounts for installing/upgrading content, showcasing the installation/upgrade flow with ServiceAccounts w/o and w/ enough permissions associated with it.
      • Secure Communication: [TP release] Docs explain OLM v1's security stance in protecting catalog data with HTTPS encryption for catalogd webserver responses.

       

            rhn-coreos-tunwu Tony Wu
            rhn-coreos-tunwu Tony Wu
            Jian Zhang Jian Zhang
            Matthew Werner Matthew Werner
            Joe Lanford Joe Lanford
            Eric Rich Eric Rich
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: