Configuring the Eventing Operator custom resource

You can configure the Knative Eventing operator by modifying settings in the KnativeEventing custom resource (CR).

NOTE: Kubernetes spec level policies cannot be configured using the Knative Operators.

Installing a specific version of Eventing

Cluster administrators can install a specific version of Knative Eventing by using the spec.version field. For example, if you want to install Knative Eventing v0.19.0, you can apply the following KnativeEventing CR:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. version: 0.19.0

If spec.version is not specified, the Knative Operator will install the latest available version of Knative Eventing. If users specify an invalid or unavailable version, the Knative Operator will do nothing. The Knative Operator always includes the latest 3 minor release versions.

If Knative Eventing is already managed by the Operator, updating the spec.version field in the KnativeEventing CR enables upgrading or downgrading the Knative Eventing version, without requiring modifications to the Operator.

Note that the Knative Operator only permits upgrades or downgrades by one minor release version at a time. For example, if the current Knative Eventing deployment is version 0.18.x, you must upgrade to 0.19.x before upgrading to 0.20.x.

Configuring Knative Eventing using ConfigMaps

The Operator manages the Knative Eventing installation. It overwrites any updates to ConfigMaps which are used to configure Knative Eventing. The KnativeEventing CR allows you to set values for these ConfigMaps by using the Operator.

All Knative Eventing ConfigMaps are created in the same namespace as the KnativeEventing CR. You can use the KnativeEventing CR as a unique entry point to edit all ConfigMaps.

Knative Eventing has multiple ConfigMaps that are named with the prefix config-. The spec.config in the KnativeEventing CR has one <name> entry for each ConfigMap, named config-<name>, with a value which will be used for the ConfigMap data.

Setting a default channel

If you are using different channel implementations, like the KafkaChannel, or you want a specific configuration of the InMemoryChannel to be the default configuration, you can change the default behavior by updating the default-ch-webhook ConfigMap.

You can do this by modifying the KnativeEventing CR:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. config:
  8. default-ch-webhook:
  9. default-ch-config: |
  10. clusterDefault:
  11. apiVersion: messaging.knative.dev/v1beta1
  12. kind: KafkaChannel
  13. spec:
  14. numPartitions: 10
  15. replicationFactor: 1
  16. namespaceDefaults:
  17. my-namespace:
  18. apiVersion: messaging.knative.dev/v1
  19. kind: InMemoryChannel
  20. spec:
  21. delivery:
  22. backoffDelay: PT0.5S
  23. backoffPolicy: exponential
  24. retry: 5

NOTE: The clusterDefault setting determines the global, cluster-wide default channel type. You can configure channel defaults for individual namespaces by using the namespaceDefaults setting.

Setting the default channel for the broker

If you are using a channel-based broker, you can change the default channel type for the broker from InMemoryChannel to KafkaChannel, by updating the config-br-default-channel ConfigMap.

You can do this by modifying the KnativeEventing CR:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. config:
  8. config-br-default-channel:
  9. channelTemplateSpec: |
  10. apiVersion: messaging.knative.dev/v1beta1
  11. kind: KafkaChannel
  12. spec:
  13. numPartitions: 6
  14. replicationFactor: 1

Private repository and private secrets

The Knative Eventing Operator CR is configured the same way as the Knative Serving Operator CR. See the documentation on Private repository and private secret.

Knative Eventing also specifies only one container within each Deployment resource. However, the container does not use the same name as its parent Deployment, which means that the container name in Knative Eventing is not the same unique identifier as it is in Knative Serving.

List of containers within each Deployment resource:

ComponentDeployment nameContainer name
Core eventingeventing-controllereventing-controller
Core eventingeventing-webhookeventing-webhook
Eventing Brokerbroker-controllereventing-controller
In-Memory Channelimc-controllercontroller
In-Memory Channelimc-dispatcherdispatcher

The default field can still be used to replace the images in a predefined format. However, if the container name is not a unique identifier, for example eventing-controller, you must use the override field to replace it, by specifying deployment/container as the unique key.

Some images are defined by using the environment variable in Knative Eventing. They can be replaced by taking advantage of the override field.

Download images in a predefined format without secrets

This example shows how you can define custom image links that can be defined in the KnativeEventing CR using the simplified format docker.io/knative-images/${NAME}:{CUSTOM-TAG}.

In the example below:

  • The custom tag latest is used for all images.
  • All image links are accessible without using secrets.
  • Images are defined in the accepted format docker.io/knative-images/${NAME}:{CUSTOM-TAG}.

  • Push images to the following image tags:

DeploymentContainerDocker image
eventing-controllereventing-controllerdocker.io/knative-images/eventing-controller:latest
eventing-webhookdocker.io/knative-images/eventing-webhook:latest
broker-controllereventing-controllerdocker.io/knative-images/broker-eventing-controller:latest
controllerdocker.io/knative-images/controller:latest
dispatcherdocker.io/knative-images/dispatcher:latest
  1. Define your the KnativeEventing CR with following content:
  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. registry:
  8. default: docker.io/knative-images/${NAME}:latest
  9. override:
  10. broker-controller/eventing-controller: docker.io/knative-images-repo1/broker-eventing-controller:latest
  1. - `${NAME}` maps to the container name in each `Deployment` resource.
  2. - `default` is used to define the image format for all containers, except the container `eventing-controller` in the deployment `broker-controller`. To replace the image for this container, use the `override`
  3. field to specify individually, by using `broker-controller/eventing-controller` as the key.

Download images from different repositories without secrets

If your custom image links are not defined in a uniform format, you will need to individually include each link in the KnativeEventing CR.

For example, to define the following list of images:

DeploymentContainerDocker Image
eventing-controllereventing-controllerdocker.io/knative-images/eventing-controller:latest
eventing-webhookdocker.io/knative-images/eventing-webhook:latest
controllerdocker.io/knative-images/controller:latest
dispatcherdocker.io/knative-images/dispatcher:latest
broker-controllereventing-controllerdocker.io/knative-images/broker-eventing-controller:latest

The KnativeEventing CR must be modified to include the full list. For example:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. registry:
  8. override:
  9. eventing-controller/eventing-controller: docker.io/knative-images-repo1/eventing-controller:latest
  10. eventing-webhook/eventing-webhook: docker.io/knative-images-repo2/eventing-webhook:latest
  11. imc-controller/controller: docker.io/knative-images-repo3/imc-controller:latest
  12. imc-dispatcher/dispatcher: docker.io/knative-images-repo4/imc-dispatcher:latest
  13. broker-controller/eventing-controller: docker.io/knative-images-repo5/broker-eventing-controller:latest

If you want to replace the image defined by the environment variable, you must modify the KnativeEventing CR. For example, if you want to replace the image defined by the environment variable DISPATCHER_IMAGE, in the container controller, of the deployment imc-controller, and the target image is docker.io/knative-images-repo5/DISPATCHER_IMAGE:latest, the KnativeEventing CR would be as follows:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. registry:
  8. override:
  9. eventing-controller/eventing-controller: docker.io/knative-images-repo1/eventing-controller:latest
  10. eventing-webhook/eventing-webhook: docker.io/knative-images-repo2/eventing-webhook:latest
  11. imc-controller/controller: docker.io/knative-images-repo3/imc-controller:latest
  12. imc-dispatcher/dispatcher: docker.io/knative-images-repo4/imc-dispatcher:latest
  13. broker-controller/eventing-controller: docker.io/knative-images-repo5/broker-eventing-controller:latest
  14. DISPATCHER_IMAGE: docker.io/knative-images-repo5/DISPATCHER_IMAGE:latest

Download images with secrets

If your image repository requires private secrets for access, you must append the imagePullSecrets attribute to the KnativeEventing CR.

This example uses a secret named regcred. Refer to the Kubernetes documentation to create your own private secrets.

After you create the secret, edit the KnativeEventing CR:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. registry:
  8. ...
  9. imagePullSecrets:
  10. - name: regcred

The field imagePullSecrets requires a list of secrets. You can add multiple secrets to access the images:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. registry:
  8. ...
  9. imagePullSecrets:
  10. - name: regcred
  11. - name: regcred-2
  12. ...

Configuring the default broker class

Knative Eventing allows you to define a default broker class when the user does not specify one. The Operator provides two broker classes by default: ChannelBasedBroker and MTChannelBasedBroker.

The field defaultBrokerClass indicates which class to use; if empty, the ChannelBasedBroker is used.

The following example CR specifies MTChannelBasedBroker as the default:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. defaultBrokerClass: MTChannelBasedBroker

System resource settings

The KnativeEventing CR allows you to configure system resources for Knative system containers.

Requests and limits can be configured for the following containers:

  • eventing-controller
  • eventing-webhook
  • imc-controller
  • imc-dispatcher
  • mt-broker-ingress
  • mt-broker-ingress
  • mt-broker-controller

To override resource settings for a specific container, you must create an entry in the spec.resources list with the container name and the Kubernetes resource settings.

For example, the following KnativeEventing CR configures the eventing-webhook container to request 0.3 CPU and 100MB of RAM, and sets hard limits of 1 CPU, 250MB RAM, and 4GB of local storage:

  1. apiVersion: operator.knative.dev/v1alpha1
  2. kind: KnativeEventing
  3. metadata:
  4. name: knative-eventing
  5. namespace: knative-eventing
  6. spec:
  7. resources:
  8. - container: eventing-webhook
  9. requests:
  10. cpu: 300m
  11. memory: 100Mi
  12. limits:
  13. cpu: 1000m
  14. memory: 250Mi