Understanding OpenShift's Operator Lifecycle Manager (OLM)

OpenShift's Operator Lifecycle Manager (OLM) is a powerful tool for managing Kubernetes Operators. It streamlines the deployment, updates, and overall lifecycle of these essential applications. This guide will delve into the core OLM components and their interactions, especially when utilizing Flat File Index (FBC) images for operator deployment.
Let's start by visualizing the end-to-end flow:
What's Managed by OLM?
Understanding what OLM manages and what falls under your responsibility is crucial:
Component
|
Managed by OLM?
|
Details
|
CatalogSource
|
✅ Yes
|
Registered source of operator bundles (e.g., FBC image)
|
Subscription
|
✅ Yes
|
Tracks which operator/version to install in a namespace
|
InstallPlan
|
✅ Yes
|
Automatically created by Subscription; lists CRDs, roles, deployments
|
CSV
|
✅ Yes
|
Describes the operator & owned APIs
|
Operator Pod
|
✅ (via CSV)
|
Runs operator logic; logs go here
|
CRDs
|
✅ (via CSV)
|
Installed from the operator bundle
|
CustomResource
|
❌ You
|
You (or your scripts) create this to trigger operator action
|
Reconciliation
|
❌ Operator
|
Custom logic runs based on CR state
|
Diving Deeper: OLM Core Components in OpenShift
Let's break down each key OLM component:
1. CatalogSource
-
Type: OLM Resource
-
Purpose: Defines the source of available operators (via an index image or gRPC endpoint).
-
Function: Points to an FBC index image or other registry location, listing all available Packages
(operators).
-
✅ Managed by Cluster Admins
-
📦 Backed by FBC (File-Based Catalog) or sqlite
index DB.
2. OperatorGroup
-
Type: OLM Resource
-
Purpose: Defines the set of namespaces an operator is scoped to watch.
-
Function: Associates operator deployments with target namespaces, supporting single-namespace, multi-namespace, or all-namespace mode.
-
🟡 Created in each operator namespace
3. Subscription
-
Type: OLM Resource
-
Purpose: Requests installation/upgrade of a specific operator from a CatalogSource.
-
Function: Automatically tracks updates to the operator and points to a channel
in a Package
.
-
🔁 Triggers creation of InstallPlan
.
4. InstallPlan
-
Type: OLM Resource (auto-generated)
-
Purpose: Execution plan to install CRDs, CSVs, Roles, and Deployments.
-
Function: Lists every resource to be installed or updated and applies them in order.
-
🔎 This is your go-to for debugging install failures.
5. ClusterServiceVersion
(CSV)
-
Type: OLM Resource (from bundle)
-
Purpose: Describes the installed operator, version, and its capabilities.
-
Function: Specifies the deployment spec of the operator pod, Custom Resource Definitions (CRDs), permissions and RBAC, and versioning info. Used to track the operator's lifecycle.
-
📜 One CSV per operator version in a namespace.
6. CustomResourceDefinition
(CRD)
-
Type: Kubernetes Resource
-
Purpose: Declares a new API (kind
) that the operator will manage.
-
Function: Defines schema and validation for the operator's CustomResource (CR). Comes from the bundle/CSV during install.
-
🛠 Not OLM-specific but handled by OLM during install.
7. CustomResource
(CR)
-
Type: Kubernetes Resource
-
Purpose: Your actual configuration input to the operator.
-
Function: Triggers the operator to perform work (e.g., install backend services). Managed by the operator runtime logic.
-
✏️ Created by you (user, script, or UI).
8. OLM Core Pods
These essential pods run in the openshift-operator-lifecycle-manager
namespace:
Pod Name
|
Component
|
Function
|
olm-operator
|
Global controller
|
Manages operator install logic
|
catalog-operator
|
Catalog manager
|
Watches CatalogSource and injects packages
|
packageserver
|
API provider
|
Serves the OLM APIs (e.g., via OperatorHub)
|
You can inspect them via:
What Happens When You oc apply
these YAMLs?
-
Apply CatalogSource: OLM sees a new catalog, pulls the index, and exposes operator packages.
-
Apply OperatorGroup: Defines the scope in which operators can run and watch CRs.
-
Apply Subscription: OLM creates an InstallPlan, chooses a CSV, and installs the operator.
-
Operator pod starts: Based on the Deployment spec in the CSV.
-
CRDs are installed: Your APIs become available.
-
User creates a CustomResource: Triggers the operator to act on it and deploy components.
Summary Table of OLM Component Commands
OLM Component
|
Command Example
|
Purpose
|
Flat File Index (FBC)
|
Referenced in CatalogSource
|
Operator registry (OCI image)
|
CatalogSource
|
oc get catalogsource -n openshift-marketplace
|
Operator source location
|
OperatorGroup
|
oc get operatorgroup -n <namespace>
|
Defines namespace(s) watched by operator
|
Subscription
|
oc get subscription -n <namespace>
|
Triggers operator installation
|
InstallPlan
|
oc get installplan -n <namespace>
|
Detailed steps for installing operator
|
CSV
|
oc get csv -n <namespace>
|
Operator metadata/version/permissions
|
Operator Pod
|
oc get pods -l name=<operator-name> -n <namespace>
|
Running controller logic
|
CRD
|
oc get crd | grep <crd-name>
|
Lists installed API types
|
CustomResource
|
oc get <kind> -n <namespace>
|
Triggers operator logic
|
Logs (Operator)
|
oc logs deploy/<operator-name> -n <namespace>
|
Investigate behavior/errors
|
Understanding these components and their interactions is crucial for anyone working with OpenShift Operators, enabling efficient deployment, management, and troubleshooting. The Flat File Index images simplify the cataloging process, making OLM even more robust for enterprise deployments.