diff --git a/modules/ROOT/pages/kubernetes/openshift.adoc b/modules/ROOT/pages/kubernetes/openshift.adoc index c94da38a3..1e02ca2b3 100644 --- a/modules/ROOT/pages/kubernetes/openshift.adoc +++ b/modules/ROOT/pages/kubernetes/openshift.adoc @@ -5,8 +5,12 @@ SDP operators are certified for the OpenShift platform and can be installed from IMPORTANT: OpenShift installations with FIPS mode enabled are not supported. This is because neither the SDP operators, nor the supported Apache products are FIPS-compliant. == Customizing operator installations -Depending on the cluster size, you may need to customize the resources requested by the SDP operator Pods. -This is possible when installing the operators from the command line. + +As described in the https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/subscription-config.md[Openshift Subscription documentation] you can configure the deployed operators. + +E.g. depending on the cluster size, you may need to customize the resources requested by the SDP operator containers. +This is possible when installing the operators via a Subscription CustomResource. + For example, to assign `256Mi` of memory to the Apache Kafka operator, you need to create a custom Subscription as follows: [source,yaml] @@ -23,12 +27,14 @@ spec: name: stackable-kafka-operator source: certified-operators sourceNamespace: openshift-marketplace - startingCSV: kafka-operator.v23.11.0 + startingCSV: kafka-operator.v24.7.0 config: resources: - limits: - memory: 256Mi requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 100m memory: 256Mi ---- @@ -44,6 +50,8 @@ spec: value: kafka-namespace ---- +IMPORTANT: The described configuration mechanism currently does not work for secret and listener-operator due to restrictions on deploying DaemonSets. + == Security context constraints Starting with the release version `24.7.0`, all products run with the `nonroot-v2` security context constraints (SCC) on OpenShift. This security context is used by the product's cluster role.