From 817b128282209ca9a90229aca1d8d7c4c116513f Mon Sep 17 00:00:00 2001 From: Agil Antony Date: Wed, 3 Sep 2025 17:07:04 +0530 Subject: [PATCH] ROX30089 Document Operator Subscription Config for Infra Nodes ROX30089 Review comments ROX30089 Review comments --- .../cloud-install-operator.adoc | 2 + .../installing_ocp/install-central-ocp.adoc | 2 + ...acs-operator-for-infrastructure-nodes.adoc | 47 +++++++++++++++++++ modules/install-acs-operator-cloud.adoc | 3 +- modules/install-acs-operator.adoc | 6 +-- 5 files changed, 56 insertions(+), 4 deletions(-) create mode 100644 modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc diff --git a/cloud_service/installing_cloud_ocp/cloud-install-operator.adoc b/cloud_service/installing_cloud_ocp/cloud-install-operator.adoc index 1bc656ba10e8..a3512443c680 100644 --- a/cloud_service/installing_cloud_ocp/cloud-install-operator.adoc +++ b/cloud_service/installing_cloud_ocp/cloud-install-operator.adoc @@ -11,6 +11,8 @@ Install the {product-title-short} Operator on your secured clusters. include::modules/install-acs-operator-cloud.adoc[leveloffset=+1] +include::modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc[leveloffset=+2] + [id="next-steps_cloud-install-operator"] == Next steps diff --git a/installing/installing_ocp/install-central-ocp.adoc b/installing/installing_ocp/install-central-ocp.adoc index 6f2a5b1bf9ef..c415ef732523 100644 --- a/installing/installing_ocp/install-central-ocp.adoc +++ b/installing/installing_ocp/install-central-ocp.adoc @@ -23,6 +23,8 @@ You can install Central on your {ocp} or Kubernetes cluster by using one of the include::modules/install-acs-operator.adoc[leveloffset=+2] +include::modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc[leveloffset=+3] + include::modules/install-central-operator.adoc[leveloffset=+2] [role="_additional-resources"] diff --git a/modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc b/modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc new file mode 100644 index 000000000000..594ae6c61b37 --- /dev/null +++ b/modules/configuring-the-rhacs-operator-for-infrastructure-nodes.adoc @@ -0,0 +1,47 @@ +// Module included in the following assemblies: +// +// * installing/installing_ocp/install-central-ocp.adoc +// * cloud_service/installing_cloud_ocp/cloud-install-operator.adoc + +:_mod-docs-content-type: PROCEDURE +[id="configuring-the-rhacs-operator-for-infrastructure-nodes_{context}"] += Configuring the {product-title-short} Operator for infrastructure nodes + +To deploy the {rh-rhacs-first} Operator on infrastructure nodes, you can modify its subscription YAML to include `nodeSelector` and `tolerations` to ensure that its pods are scheduled correctly. + +.Procedure + +. Configure the {product-title-short} Operator with the necessary `nodeSelector` and `tolerations` for infrastructure nodes before you apply the {olm-first} subscription by using the following content, for example: ++ +[source,yaml] +---- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + labels: + operators.coreos.com/rhacs-operator.rhacs-operator: "" + name: rhacs-operator + namespace: rhacs-operator +spec: + channel: stable + config: + nodeSelector: + node-role.kubernetes.io/infra: "" # <1> + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/infra # <2> + operator: Exists + installPlanApproval: Automatic + name: rhacs-operator + source: redhat-operators + sourceNamespace: openshift-marketplace +---- ++ +-- +<1> The `nodeSelector` key and value instruct the Kubernetes scheduler to place the Operator pods on nodes that have the label `node-role.kubernetes.io/infra: ""`. +<2> The `tolerations` entry allows the Operator pods to be scheduled on nodes that have a taint with the `node-role.kubernetes.io/infra` key. This is necessary as infrastructure nodes are usually provided with a taint to prevent non-infrastructure workloads from being scheduled on them. +-- + +. Save the YAML file and apply it by using the OpenShift CLI (`oc`). + +When you apply the YAML file, you update the subscription for the {product-title-short} Operator. This in turn configures where the {product-title-short} Operator pods can be scheduled. The `rhacs-operator` namespace is the designated location for the {product-title-short} Operator. \ No newline at end of file diff --git a/modules/install-acs-operator-cloud.adoc b/modules/install-acs-operator-cloud.adoc index 8f22cfb2961d..489c2dd184f3 100644 --- a/modules/install-acs-operator-cloud.adoc +++ b/modules/install-acs-operator-cloud.adoc @@ -1,6 +1,7 @@ // Module included in the following assemblies: // -// * installing/installing_cloud_ocp/cloud-install-operator.adoc +// * cloud_service/installing_cloud_ocp/cloud-install-operator.adoc + :_mod-docs-content-type: PROCEDURE [id="install-acs-operator-cloud_{context}"] = Installing the {product-title-short} Operator for {product-title-managed-short} diff --git a/modules/install-acs-operator.adoc b/modules/install-acs-operator.adoc index 6adcb9b8b1c6..49363f243df8 100644 --- a/modules/install-acs-operator.adoc +++ b/modules/install-acs-operator.adoc @@ -1,6 +1,7 @@ // Module included in the following assemblies: // -// * installing/install-ocp-operator.adoc +// * installing/installing_ocp/install-central-ocp.adoc + :_mod-docs-content-type: PROCEDURE [id="install-acs-operator_{context}"] = Installing the {product-title} Operator @@ -41,5 +42,4 @@ If you choose manual updates, you must update the {product-title-short} Operator .Verification * After the installation completes, go to *Operators* -> *Installed Operators* to verify that the {product-title} Operator is listed with the status of *Succeeded*. -.Next Step -* You installed the Operator into the *rhacs-operator* project. Using that Operator, install, configure, and deploy the `Central` custom resource into the `stackrox` project. +After you install the Operator into the *rhacs-operator* project, you can install, configure, and deploy the `Central` custom resource (CR) into the `stackrox` project by using the installed Operator. \ No newline at end of file