manage create-rsi-patch

Create or update a resource specification injection (RSI) patch.

Extended description

You can use resource specification injection (RSI) to create patches to customize the pods in your Cloud Pak for Data environment.

You must be a cluster administrator or project administrator to run this command.

Important: Create RSI patches only if you are an advanced user on Red Hat® OpenShift® Container Platform. It is your responsibility to ensure that any patches that you apply to not introduce issues to your Cloud Pak for Data installation.
You can either:
  • Update the specified pods when you create an RSI patch
  • Use the apply-rsi-patches command to apply all of the active RSI patches at the same time. For details, see apply-rsi-patches.
When you apply an RSI patch, the RSI webhook restarts any pods with the appropriate pod selector labels that meet either of the following criteria:
  • Pods with outdated patches
  • Pods that have not yet been patched
Tip: If you plan to apply multiple RSI patches, it is less disruptive to apply the RSI patches in a batch. For details, see manage apply-rsi-patches
If you are creating a new patch, specify the following options:
  • --cpd_instance_ns
  • --description
  • --patch_name
  • --patch_spec
  • --patch_type
  • --selector
  • --skip_apply
  • --spec_format
  • --state
If you are updating an existing patch, the options that you specify depend on what you are trying to do. At a minimum, you must specify:
  • --cpd_instance_ns
  • --patch_name
You can change the following aspects of an existing patch:
--description
You can update the description for the patch.
--patch_spec
You can change the contents of the JSON file that defines the patch.
--state
You can make the patch active or inactive.
--selector
You can change the pods that the patch applies to.

Syntax

cpd-cli manage enable-rsi \
--cpd_instance_ns=<project-name> \
--patch_name=<patch-name> \
[--patch_type=rsi_pod_env_var|rsi_pod_label|rsi_pod_annotation|rsi_pod_spec|rsi_pod_init_container|
rsi_pod_side_car_container] \
[--description=<patch-description>] \
[--patch_spec=/tmp/work/rsi/<patch-spec-JSON-file>] \
[--spec_format=json|json-merge|set-env] \
[--selector=<comma-separated-key-value-pairs-representing-the-match-labels>] \
[--state=active|inactive] \
[--skip_apply=true|false] \
[-vv][-vv][-vvv]

Arguments

The enable-rsi command has no arguments.

Options

Option Description
--cpd_instance_ns The project (namespace) where you want to create or update the patch. If there are any projects tethered to this project, the patch will also apply to the tethered projects.
Status
Required.
Syntax
--cpd_instance_ns=<project-name>
Default value
No default. User-defined.
Valid values
The name of the project where you want to create the RSI feature. Cloud Pak for Data must be installed in this project.
--description The description for the patch.

Use the description to describe the purpose and intent of the patch.

Status
Optional.
Syntax
--description=<patch-description>
Default value
No default.
Valid values
A description.
--patch_name The name of the patch to create or update.
Status
Required.
Syntax
--patch_name=<patch-name>
Default value
No default. User defined.
Valid values
The name must adhere to the following rules:
  • Be 50 characters or less.
  • Contain only lowercase alphanumeric characters, hypyen (-), or period (.).
  • Start and end with an alphanumeric character.
--patch_spec The JSON file that contains the patch.

Save the file in the cpd-cli-workspace/olm-utils-workspace/work/rsi/ directory.

Status
Required to create a new patch.
Syntax
--patch_spec=/tmp/work/rsi/<patch-spec-JSON-file>
Default value
No default.
Valid values
Specify the name of the JSON file in the cpd-cli-workspace/olm-utils-workspace/work/rsi/ with the format: /tmp/work/rsi/<file-name.json>
--patch_type The type of patch to create.
Status
Required to create a new patch.
Syntax
--patch_type=rsi_pod_env_var|rsi_pod_label|rsi_pod_annotation| rsi_pod_spec|rsi_pod_init_container| rsi_pod_side_car_container
Default value
No default.
Valid values
rsi_pod_env_var
Specify this option to add environment variables to pod containers.
rsi_pod_label
Specify this option to add labels to pods.
rsi_pod_annotation
Specify this option to add annotations to pods.
rsi_pod_spec
Specify this option to add fields to the spec section of pods.
rsi_pod_init_container
4.6.4 or later This option is available in IBM Cloud Pak® for Data Version 4.6.6 or later.
Specify this option to add an init container to pods.
rsi_pod_side_car_container
4.6.4 or later This option is available in IBM Cloud Pak for Data Version 4.6.6 or later.
Specify this option to add a sidecar container to pods.
--selector Specify which pods the patch will apply to by specifying one or more pod labels.

If you specify multiple labels, the patch will apply to pods with all of the labels. For example, if you specify app.kubernetes.io/component:zen-core,component:zen-core, the patch will apply to any pods with both of these labels, even if they have additional labels.

Status
Required to create a new patch.
Syntax
--selector=<comma-separated-key-value-pairs-representing-the-match-labels>
Default value
No default.
Valid values
Specify one or more valid pod label from your cluster. Separate multiple labels as a comma-separated list.
--skip_apply Specify whether the RSI webhook waits to apply the patch or whether it applies the patch immediately.
Status
Optional.
Syntax
--skip_apply=true|false
Default value
false

If you omit this option, the default value is used.

Valid values
false
Force the webhook to apply the patch immediately.
true
Wait for the patch to be applied. The patch will be applied the next time the RSI cronjob runs or when you run the apply-rsi-patches command, whichever occurs first.
--spec_format The format of the patch spec JSON file.
Status
Optional.
Syntax
--spec_format=json|json-merge|set-env
Default value
json-merge

If you omit this option, the default value is used.

Valid values
json
Specify json if the --patch_spec JSON file contains a JSON array of patch operations that should be applied in sequence. For example:
[{"op":"add","path":"/metadata/labels/label-1","value":"value-1"}]

Ensure that json patches follow the JavaScript Object Notation (JSON) Patch (RFC 6902) standard.

json-merge
Specify json-merge if the --patch_spec JSON file contains a JSON pod spec path. For example:
{"metadata":{"labels":{"label-1": "value-1"}}}

Ensure that json patches follow the JSON Merge Patch (RFC 7386) standard.

set-env
Specify set-env if the --patch_spec JSON file contains a JSON array of key-value pairs. For example:
[{"name": "env-var-1","value": "env-var-value-1"}]
Restriction: This option applies only if you are creating an rsi_pod_env_var patch.
--state Specify whether the patch can be applied by the RSI webhook.
Status
Optional.
Syntax
--state=active|inactive
Default value
active

If you omit this option, the default value is used.

Valid values
active
Specify active to enable the webhook to apply the patch.
inactive
Specify inactive to prevent the webhook from applying the patch.
-v
-vv
-vvv
Display verbose output.

Options are listed from least verbose to the most verbose.

Status
Optional.
Syntax
Verbose output
-v
Very verbose output
-vv
Most verbose output
-vvv
Default value
Not applicable.
Valid values
Not applicable.

Examples

Note: The following example uses the recommended installation environment variables.

Use a script to create environment variables with the correct values for your environment. For details, see Best practice: Setting up install variables.

Create a new environment variable patch that is applied to zen-core pods
cpd-cli manage create-rsi-patch \
--cpd_instance_ns=${PROJECT_CPD_INSTANCE} \
--patch_type=rsi_pod_env_var \
--patch_name=sample-env-var-patch \
--patch_spec=/temp/work/rsi/zen-core-env-var.json \
--spec_format=json \
--selector=app.kubernetes.io/component:zen-core,component:zen-core \
--state=active
Update an existing patch to make it inactive
cpd-cli manage create-rsi-patch \
--cpd_instance_ns=${PROJECT_CPD_INSTANCE} \
--patch_name=my-pod-annotation-patch \
--state=inactive