Operator Lifecycle Manager workflow
In the Operator Lifecycle Manager (OLM) ecosystem, the following resources are used to resolve Operator installations and upgrades:
(CSV)
CatalogSource
Operator metadata, defined in CSVs, can be stored in a collection called a catalog source. OLM uses catalog sources, which use the , to query for available Operators as well as upgrades for installed Operators.
Figure 1. Catalog source overview
Within a catalog source, Operators are organized into packages and streams of updates called channels, which should be a familiar update pattern from OKD or other software on a continuous release cycle like web browsers.
Figure 2. Packages and channels in a Catalog source
A user indicates a particular package and channel in a particular catalog source in a subscription, for example an etcd
package and its alpha
channel. If a subscription is made to a package that has not yet been installed in the namespace, the latest Operator for that package is installed.
Each CSV has a replaces
parameter that indicates which Operator it replaces. This builds a graph of CSVs that can be queried by OLM, and updates can be shared between channels. Channels can be thought of as entry points into the graph of updates:
Figure 3. OLM graph of available channel updates
Example channels in a package
For OLM to successfully query for updates, given a catalog source, package, channel, and CSV, a catalog must be able to return, unambiguously and deterministically, a single CSV that replaces
the input CSV.
OLM walks back from the channel head to previous versions via the replaces
field specified in the CSVs to determine the upgrade path 0.1.3
→ 0.1.2
→ 0.1.1
; the direction of the arrow indicates that the former replaces the latter. OLM upgrades the Operator one version at the time until it reaches the channel head.
For this given scenario, OLM installs Operator version 0.1.2
to replace the existing Operator version 0.1.1
. Then, it installs Operator version 0.1.3
to replace the previously installed Operator version . At this point, the installed operator version 0.1.3
matches the channel head and the upgrade is completed.
The basic path for upgrades in OLM is:
A catalog source is updated with one or more updates to an Operator.
OLM traverses every version of the Operator until reaching the latest version the catalog source contains.
However, sometimes this is not a safe operation to perform. There will be cases where a published version of an Operator should never be installed on a cluster if it has not already, for example because a version introduces a serious vulnerability.
In those cases, OLM must consider two cluster states and provide an update graph that supports both:
The “bad” intermediate Operator has been seen by the cluster and installed.
The “bad” intermediate Operator has not yet been installed onto the cluster.
By shipping a new catalog and adding a skipped release, OLM is ensured that it can always get a single unique update regardless of the cluster state and whether it has seen the bad update yet.
Example CSV with skipped release
Consider the following example of Old CatalogSource and New CatalogSource.
Figure 4. Skipping updates
This graph maintains that:
Any Operator found in Old CatalogSource has a single replacement in New CatalogSource.
Any Operator found in New CatalogSource has a single replacement in New CatalogSource.
Creating New CatalogSource as described requires publishing CSVs that replace
one Operator, but can skip
several. This can be accomplished using the skipRange
annotation:
where <semver_range>
has the version range format supported by the .
When searching catalogs for updates, if the head of a channel has a skipRange
annotation and the currently installed Operator has a version field that falls in the range, OLM updates to the latest entry in the channel.
The order of precedence is:
The next Operator that replaces the current one, in the source specified by
sourceName
.Channel head in another source that is visible to the subscription, if the other criteria for skipping are met.
The next Operator that replaces the current one in any source visible to the subscription.
Example CSV with
A z-stream, or patch release, must replace all previous z-stream releases for the same minor version. OLM does not consider major, minor, or patch versions, it just needs to build the correct graph in a catalog.
In other words, OLM must be able to take a graph as in Old CatalogSource and, similar to before, generate a graph as in New CatalogSource:
Figure 5. Replacing several Operators
This graph maintains that:
Any Operator found in Old CatalogSource has a single replacement in New CatalogSource.
Any Operator found in New CatalogSource has a single replacement in New CatalogSource.
Any z-stream release in Old CatalogSource will update to the latest z-stream release in New CatalogSource.