This article provides an easy way to patch the K10 operand to make changes to the k10 configuration in an operator based installation
K10 is available for installation in an OCP cluster through either helm charts or through Red Hat Marketplace operator.
When using helm, configuration changes to K10 can be made through helm upgrades, which supports the use of either a values file or helm values as arguments with --set or --set-string.
On the other hand, the K10 operator is a helm-based operator that allows configuration of K10 values using an operand CR called k10s.apik10.kasten.io. Updating the K10 configuration requires modifying this resource.
However, this resource is a large file with over thousand lines, making manual editing extremely difficult. This article aims to provide an easier method for modifying the contents of the K10 operand using kubectl patch.
Below is an example of how to enable OpenShift OAuth integration in K10 with comparison between helm and operator-based installation.
Helm
Simply run the following command with the specified values provided as helm arguments using --set parameter.
helm install k10 kasten/k10 --namespace=kasten-io \
--set scc.create=true \
--set route.enabled=true \
--set route.tls.enabled=true \
--set auth.openshift.enabled=true \
--set auth.openshift.serviceAccount=k10-dex-sa \
--set auth.openshift.clientSecret=${DEX_TOKEN} \
--set auth.openshift.dashboardURL=https://k10-route-kasten-io.${APPS_BASE_DOMAIN}/k10/ \
--set auth.openshift.openshiftURL=https://${API_BASE_DOMAIN}:6443 \
--set auth.openshift.insecureCA=true
Alternatively, the following values can be specified in a YAML file and used for upgrade.
# values.yaml
scc:
create: true
route:
enabled: true
tls:
enabled: true
auth:
openshift:
enabled: true
serviceAccount: k10-dex-sa
clientSecret: ${DEX_TOKEN}
dashboardURL: https://k10-route-kasten-io.${APPS_BASE_DOMAIN}/k10/
openshiftURL: https://${API_BASE_DOMAIN}:6443
insecureCA: true
K10 instance can be upgraded using the following helm upgrade command, assuming the above values are saved in the values.yaml file.
helm upgrade k10 --namespace kasten-io -f values.yaml
K10 Operand
Making the same changes mentioned above by editing the K10 operand can be a bit cumbersome. The K10 operand manifest contains the values for configuring K10, following a similar schema as the helm values file.
All the values are listed under a top-level object called spec. For example, if the helm values used scc.create, in the operand, it would be spec.scc.create. Similarly, route.enabled in helm would be spec.route.enabled in the operand.
Hence, the provided patch file can be used to configure the same values in the K10 operator.
spec:
scc:
create: true
route:
enabled: true
tls:
enabled: true
auth:
openshift:
enabled: true
serviceAccount: k10-dex-sa
clientSecret: ${DEX_TOKEN}
dashboardURL: https://k10-route-kasten-io.${APPS_BASE_DOMAIN}/k10/
openshiftURL: https://${API_BASE_DOMAIN}:6443
insecureCA: true
To upgrade the K10 operator-based installation, following patch command can be used, assuming the above values are saved in the `patch.yaml` file.
kubectl patch k10s.apik10.kasten.io k10 -n kasten-io --type=merge --patch-file patch.yaml