Installing the API K8s Operator

Follow the instructions given below to install and set up the API K8s Operator in your Kubernetes environment.

Before you begin

  1. Install kubectl.
  2. Setup a Kubernetes cluster v1.14 or above.

    • Minimum CPU : 2vCPU
    • Minimum Memory : 2GB

    Alternatively, you can run Kubernetes locally via Minikube.

Install the API K8s Operator in Standalone mode

Follow the steps given below to install the operator in standalone mode.

  1. Install the API Operator:

    kubectl apply -f https://github.com/wso2/k8s-api-operator/releases/download/v2.0.0/api-operator-configs.yaml
  2. Verify the installation:

    kubectl get pods
    
    Output:
    NAME                            READY   STATUS              RESTARTS   AGE
    api-operator-776c79b5f6-c9n9n   1/1     Running             0          56s

Install K8s API Operator using OperatorHub.io

For information, see the installation instructions in the OperatorHub.io.

Install API K8s Operator in Cluster mode

By default, the K8s API operator is configured to watch the deployed namespace. That is, if the API Operator runs on the default namespace, it can only watch the custom resources that are deployed in the default namespace. By deploying in cluster mode, the API Operator is able to watch all the custom resources in all the namespaces.

  • Deploy the ClusterRole:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
       name: api-operator
    rules:
       - apiGroups:
            - ""
         resources:
            - pods
            - services
            - endpoints
            - persistentvolumeclaims
            - events
            - configmaps
            - secrets
            - ingresses
         verbs:
            - '*'
       - apiGroups:
            - apps
         resources:
            - deployments
            - daemonsets
            - replicasets
            - statefulsets
            - ingresses
         verbs:
            - '*'
       - apiGroups:
            - monitoring.coreos.com
         resources:
            - servicemonitors
         verbs:
            - get
            - create
       - apiGroups:
            - apps
         resourceNames:
            - api-operator
         resources:
            - deployments/finalizers
         verbs:
            - update
       - apiGroups:
            - wso2.com
         resources:
            - '*'
            - ratelimitings
            - targetendpoints
            - securities
            - integrations
         verbs:
            - '*'
       - apiGroups:
            - batch
         resources:
            - '*'
         verbs:
            - '*'
       - apiGroups:
            - autoscaling
         resources:
            - '*'
         verbs:
            - '*'
       - apiGroups:
            - extensions
         resources:
            - ingresses
            - ingress
         verbs:
            - '*'
       - apiGroups:
            - serving.knative.dev
         resources:
            - '*'
         verbs:
            - get
            - list
            - create
            - update
            - delete
            - patch
            - watch
       - apiGroups:
            - route.openshift.io
         resources:
            - '*'
         verbs:
            - get
            - list
            - create
            - update
            - delete
            - patch
            - watch
       - apiGroups:
            - networking.istio.io
         resources:
            - '*'
         verbs:
            - get
            - list
            - create
            - update
            - delete
            - patch
            - watch
  • Deploy the ClusterRoleBinding:

    Be sure to replace <OPERATOR_DEPLOYED_NAMESPACE> with the correct value.

    kind: ClusterRoleBinding
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
       name: api-operator
    subjects:
       - kind: ServiceAccount
         name: api-operator
          # Replace this with the namespace the operator is deployed in.
         namespace: <OPERATOR_DEPLOYED_NAMESPACE>
    roleRef:
       kind: ClusterRole
       name: api-operator
       apiGroup: rbac.authorization.k8s.io
  • Update API operator to watch the cluster:

    If the operator is already running in the Kubernetes cluster, use the following command to set the WATCH_CLUSTER_LEVEL configuration to true in the API operator deployment.

    kubectl set env deployment/api-operator WATCH_CLUSTER_LEVEL=true

What's Next

Top