Installing Service Binding Operator

The Service Binding Operator can be installed on the following version of Kubernetes and OpenShift:

Installing on Kubernetes

You can install the Service Binding Operator using one of the following methods:

  1. Installing the Service Binding Operator using Operator Lifecycle Manager (OLM)

    Procedure

    1. Go to OperatorHub.io.

    2. Click on the blue Install button.

    3. Follow the instructions to install the Service Binding Operator.

  2. Installing the Service Binding Operator using Helm chart

  3. Installing the Service Binding Operator without OLM

    Procedure

    • Install the Service Binding Operator using the released resources:

      kubectl apply -f https://github.com/redhat-developer/service-binding-operator/releases/latest/download/release.yaml

Installing the Service Binding Operator from the OpenShift Container Platform web UI

Prerequisites:
Procedure

  1. Navigate in the web console to the OperatorHub page and type Service Binding into the Filter by keyword box:

    ocp_operathub

  2. Click Service Binding Operator from the result. A page to install the Operator is displayed with additional information about the Operator.

    sbo_intall_landing

  3. Click Install. The Install Operator page is displayed.

  4. Select the options as per your requirements and click Install. After the installation is complete, a page with the Installed Operator – ready for use message is displayed.

    sbo_install_options

  5. Click View Operator. The Service Binding Operator page is displayed with the Operator details.

    sbo_post_install

Installing the Service Binding Operator using Helm chart

The Helm chart installation involves the following steps:

  1. Adding the service-binding-operator-helm-chart repository.

  2. Installing the Service Binding Operator Helm chart.

  3. Running a Helm test.

If you are not installing the Service Binding Operator through Operator Lifecycle Manager (OLM), you must install cert-manager on the cluster. Installing the cert-manager automates TLS certificates for Kubernetes and OpenShift workloads. Cert-manager ensures that the certificates are valid and up-to-date, and attempts to renew certificates at a configured time before expiry. You can install cert-manager by running the following command:

kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.0/cert-manager.yaml
Prerequisites:

  1. You have access to a Kubernetes or an OpenShift Container Platform (OCP) cluster using an account with cluster-admin permissions.

  2. You have the cert-manager installed on the cluster if you are not installing the Service Binding Operator through OLM.

  3. You have installed the Helm CLI.

  4. You have installed the kubectl or oc CLI.

Adding the Helm chart repository

Procedure

  1. Add the service-binding-operator-helm-chart repository to your local repository and name the repository as per your convenience:

    helm repo add service-binding-operator-helm-chart https://redhat-developer.github.io/service-binding-operator-helm-chart/
    Example output
    "service-binding-operator-helm-chart" has been added to your repositories

  2. Verify your Helm repository by listing it:

    helm repo list
    Example output
    NAME                 	                        URL
service-binding-operator-helm-chart          	https://redhat-developer.github.io/service-binding-operator-helm-chart/

    The output verifies that the service-binding-operator-helm-chart repository is added to your local helm repository.

Installing the Helm chart

Procedure

  1. Search the repository:

    helm search repo service-binding-operator-helm-chart
    Example output
    NAME                                                            CHART VERSION	APP VERSION	DESCRIPTION
service-binding-operator-helm-chart/service-binding-operator    1.0.0        	1.0.1      	A Helm chart to deploy service binding operator

  2. Create a Helm chart release and specify the namespace required with the --create-namespace flag:

    helm install service-binding-operator-release \
service-binding-operator-helm-chart/service-binding-operator \
--namespace service-binding-operator --create-namespace

  3. Optional: If you wish to install the chart on the default namespace, remove the --namespace and --create-namespace flags.

    As part of the Helm test, objects such as deployment, service binding resources, and secrets used for testing the Operator are deleted.

  4. Optional: To view the resources created for testing, install the chart with the keepTestResources flag value set to true:

    helm install service-binding-operator-release \
service-binding-operator-helm-chart/service-binding-operator \
--namespace service-binding-operator --create-namespace \
--set keepTestResources=true
    Example output
    NAME: service-binding-operator-release
LAST DEPLOYED: Mon May 16 09:15:16 2022
NAMESPACE: service-binding-operator
STATUS: deployed
REVISION: 1

  5. Verify that the chart is succesfully installed:

    kubectl get pods --namespace service-binding-operator
    Example output
    NAME                                        READY   STATUS    RESTARTS   AGE
service-binding-operator-78c6444b4d-kswhk   1/1     Running   0          21s

Running a Helm test

If you are installing the chart on the Amazon Elastic Kubernetes Service (Amazon EKS) cluster, then perform the following steps to get appropriate kubeconfig file required by the Helm test:

Procedure

  1. Modify the aws-auth config map:

    kubectl edit -n kube-system cm/aws-auth

  2. Add -system:masters to mapRoles and save.

  3. After editing the config map, update the EKS kubeconfig file:

    aws eks update-kubeconfig --name <cluster-name>

  4. Continue with the following steps.
Procedure

  1. Create a my-k-config secret from your kubeconfig file and specify the required namespace:

    kubectl create secret generic my-k-config --from-file=kubeconfig=<PATH TO YOUR KUBECONFIG> --namespace service-binding-operator
    Example output
    secret/my-k-config created

    The output verifies that the my-k-config secret is created.

  2. Run the Helm test and specify the namespace if applicable:

    helm test service-binding-operator-release --namespace service-binding-operator
    Example output
    NAME: service-binding-operator-release
LAST DEPLOYED: Mon May 16 10:44:53 2022
NAMESPACE: service-binding-operator
STATUS: deployed
REVISION: 1
TEST SUITE:     service-binding-operator-release-test
Last Started:   Mon May 16 11:01:10 2022
Last Completed: Mon May 16 11:01:22 2022
Phase:          Succeeded

    The Succeeded phase from the output indicates that the Helm test has run successfully.

  3. Verify that the Helm test has run successfully:

    kubectl get pods --namespace service-binding-operator
    Example output
    NAME                                    READY   STATUS      RESTARTS   AGE
service-binding-operator-release-test   0/1     Completed   0          4m28s

    The output verifies that you have successfully installed the Service Binding Operator using a Helm chart and are able to bind your workload to backing services.

  4. As a safety measure, delete the secret created and specify the namespace if applicable:

    kubectl delete secret my-k-config  --namespace service-binding-operator
    Example output
    secret/my-k-config deleted

    The output verifies that the secret you had created is now deleted.

    Deleting the secret avoids exposing the secret credentials of the cluster to which you are connected.