Skip to main content

LTS 23.10 is now out of support, we recommend upgrading to the latest LTS 24.10. To upgrade, please update your deployment to the latest LTS 23.10 release. You can then upgrade to the latest patch release of LTS 24.10.

Kubernetes : namespace-scoped deployments

Prepare the cluster - Admin side

Deploy the helm chart see Getting Started with the Enterprise Helm Charts, and use the following values :

prefix: element-operator
clusterDeployment: true
deployCrds: true
deployCrdRoles: true
deployManager: false

Namespace-scoped role

In the namespace where the ESS deployment will happen, to give a user permissions to deploy ESS, please create the following role and roles bindings :

User role :

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: ess-additional
rules:
- apiGroups:
  - apiextensions.k8s.io
  resources:
  - customresourcedefinitions
  verbs:
  - list
  - watch
  - get
- apiGroups:
    - project.openshift.io
  resources:
    - projects
  verbs:
    - get
    - list
    - watch

User roles bindings :

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: ess-additional
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: ess-additional
subjects:
<role subjects which maps to the user or its groups>
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: ess
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: edit
subjects:
<role subjects which maps to the user or its groups>

In the installer UI, on the cluster configuration screen, the user can now use the following values :

  • skipOperatorSetup: unchecked
  • skipUpdaterSetup: unchecked
  • skipElementCrdsSetup: checked
  • clusterDeployment: unchecked
  • kubeContextName:
  • namespaces:
    • createNamespaces: unchecked
    • operator:
    • updater: <same as operator, namespace to deploy ess>
    • elementDeployment: <same as operator, namespace to deploy ess>