Update documented process for setting global catalog namespace

[lagivan]

Bug Report

My main goal is to use a non-default global catalog namespace instead of olm but I've got an issue with it using the documented approach.

What did you do? I've installed OLM from yaml files:

kubectl apply --server-side=true -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.22.0/crds.yaml
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.22.0/olm.yaml

Then I've patched the catalog operator deployment with environment variable GLOBAL_CATALOG_NAMESPACE set to a openshift-marketplace value:

kubectl patch deployment catalog-operator -n olm --patch-file olm-deployment-patch.yaml

Where the olm-deployment-patch.yaml is the following:

spec:
  template:
    spec:
      containers:
        - name: catalog-operator
          env:
            - name: GLOBAL_CATALOG_NAMESPACE
              value: "openshift-marketplace"

Now it's possible to install an operator from the chosen global catalog namespace:

apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: ibm-operator-catalog
  namespace: openshift-marketplace
spec:
  displayName: IBM Operator Catalog
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-operator-catalog:latest
  updateStrategy:
    registryPoll:
      interval: 45m
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: ibm-sls
  namespace: ibm-sls
spec:
  channel: 3.x
  name: ibm-sls
  source: ibm-operator-catalog
  sourceNamespace: openshift-marketplace
  installPlanApproval: Automatic

Till this point it works as expected. Without GLOBAL_CATALOG_NAMESPACE env variable the operator would not install at all so the global catalog namespace setting is partially working.

What did you expect to see? I expect that retrieving the list of available operators via namespaced packagemanifest should list operators from the new global catalog namespace as well (as documented here - https://operator-framework.github.io/olm-book/docs/list-available-operators.html). So the command kubectl get packagemanifest -n custom should list the operators from ibm-operator-catalog in openshift-marketplace namespace which is global catalog namespace.

What did you see instead? Under which circumstances? However, when retrieving the list of available operators via namespaced packagemanifest, it shows only the Community Operators from "olm" namespace (operatorhubio-catalog):

kubectl get packagemanifest -n custom

will show

NAME                                       CATALOG               AGE
ack-elasticache-controller                 Community Operators   19h
redis-operator                             Community Operators   19h
...

At the same time non-namespaces packagemanifest will list all operators, both from operatorhubio-catalog and ibm-operator-catalog which proves there is no issue with catalogs themselves:

kubectl get packagemanifest --all-namespaces

will show:

NAMESPACE               NAME                                              CATALOG                AGE
openshift-marketplace   ibm-cert-manager-operator                         IBM Operator Catalog   20h
olm                     topolvm-operator                                  Community Operators    19h
...

An addition the HTTP call to Kubernetes apiserver shows the same issue: https://:443/apis/packages.operators.coreos.com/v1/namespaces/custom/packagemanifests will show only community operators. Unfortunately, I have a hard dependency on this HTTP call so I need packagemanifests to work with custom global catalog namespace.

Environment

• operator-lifecycle-manager version: 0.22.0

• Kubernetes version information:

  Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.9-gke.900", GitCommit:"4591559666ae110a6311aea09049f45c459d2da8", GitTreeState:"clean", BuildDate:"2022-07-29T09:21:53Z", GoVersion:"go1.17.11b7", Compiler:"gc", Platform:"linux/amd64"}

• Kubernetes cluster kind: GKE cloud cluster

[lagivan]

As a workaround, I've packaged an OLM release myself with custom values.yaml as described in https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/install/install.md#customizing-olm-installation This helped me to set custom namespaces. However, it's not handy, I'd prefer to use the official release with environmental variable working as expected.

[awgreene]

Hello @lagivan, it seems as though there has been some drift in the documentation and the code, as shown in this search, the environment variable you've set is never used.

The supported approach to changing the global catalog namespace is by editing this line in the catalog-operator deployment. In your case, you would change olm to openshift-marketplace.

We'll use this issue to track the need to update the doc you referenced.

[lagivan]

@awgreene would not it be better to use the environmental variable instead? It would add flexibility. Hardcoding such values is usually a bad practice.