Installing the Spyre Operator
The Spyre Operator helps your cluster run AI workloads more efficiently. It improves scheduling, manages resources, works with Spyre operators to optimize spyre use, supports AI pipelines, and integrates with IBM AI services.
- Search The Spyre Operator on the OperatorHub page in the Red Hat OpenShift Web Console.
- Select the Spyre Operator.
- Click the Spyre Operator, the Install Operator page appears .
- In the Installed Namespace from the menu, select spyre- operator.
- Click Install.
- Wait for the ready tab and click View Operator .
- The Operator is installed successfully, if the status is set to Succeeded.
- Click SpyreClusterPolicy tab on the installed Operators details page.
Example YAML:
Note: To install Spyre operator version 1.2.0, you can use the following follow the example. For version 1.1.1, change the version to 1.1.1.apiVersion: spyre.ibm.com/v1alpha1 kind: SpyreClusterPolicy metadata: name: spyreclusterpolicy spec: experimentalMode: - perDeviceAllocation loglevel: info devicePlugin: repository: "quay.io/ibm-aiu" image: "spyre-device-plugin" version: 1.2.0 configPath: /etc/aiu configName: senlib_config.json initContainer: repository: "quay.io/ibm-aiu" image: "spyre-device-plugin-init" version: 1.2.0 executePolicy: IfNotPresent scheduler: repository: "quay.io/ibm-aiu" image: "spyre-scheduler" version: 1.2.0 podValidator: enabled: true repository: "quay.io/ibm-aiu" image: "spyre-webhook-validator" version: 1.2.0 cardManagement: enabled: false metricsExporter: enabled: false repository: "quay.io/ibm-aiu" image: "spyre-exporter" version: 1.2.0 healthChecker: enabled: true repository: "quay.io/ibm-aiu" image: "spyre-health-checker" version: 1.2.0Field Type Description Default Device plug-in Configuration spec.devicePlugin.configName string Configuration file name inside the container senlib_config.json spec.devicePlugin.configPath string Configuration file path inside the container /etc/aiu spec.devicePlugin.env [] object Environment variables for the device plug-in container - spec.devicePlugin.topologyConfigMap string Name of ConfigMap containing topology configuration - Device plug-in Init Container spec.devicePlugin.initContainer.executePolicy enum When to run the init container: Always or IfNotPresent IfNotPresent Pod Validator Configuration spec.podValidator.enabled boolean Enable or disable the pod validation webhook true Other Configuration spec.cardManagement object Card management component configuration Not Supported for s390x spec.experimentalMode []enum Experimental features to enable. Options: perDeviceAllocation(specify devices by PCI address),topologyAwareAllocation(policy-based allocation),externalDeviceReservation(use scheduler for reservation)- spec.loglevel enum Operator log level: debug, info, or error info spec.metricsExporter object Metrics exporter component configuration Not supported for s390x spec.skipUpdateComponents []string Components skip updating if already deployed. Options: commonInit, devicePlugin, cardManagement, metricsExporter, scheduler, podValidator - Note:- Only one SpyreClusterPolicy resource should exist per cluster.
- Device plug-in pod is scheduled on all pods where spyre cards are attached.
- Once the SpyreClusterPolicy changes are done, if any, click Create.
- Check if the SpyreClusterPolicy is ready.
- Run the following command to check the status of the SpyreNodeState resource for your
worker node:
oc describe spyrenodestate <worker-node-name> - The output displays details for each attached Spyre card, including health and PCI addresses.
Name: ocpz-standard-compute-1 Namespace: Labels: <none> Annotations: <none> API Version: spyre.ibm.com/v1alpha1 Kind: SpyreNodeState Metadata: Creation Timestamp: 2026-03-02T09:10:22Z Generation: 2 Owner References: API Version: spyre.ibm.com/v1alpha1 Block Owner Deletion: true Controller: true Kind: SpyreClusterPolicy Name: spyreclusterpolicy UID: 14ed828d-4405-4820-83b5-3634aef63bf2 Resource Version: 1598150 UID: 536c0233-51e8-48ad-8151-a1dd283620cf Spec: Node Name: ocpz-standard-compute-1 Spyre SSA Interfaces: Health: healthy Pci Address: 0003:00:00.0 Health: healthy Pci Address: 0001:00:00.0 Health: healthy Pci Address: 0002:00:00.0 Status: Conditions: Last Transition Time: 2026-03-02T09:10:24Z Message: All devices are healthy. Reason: AllDevicesHealthy Status: True Type: DeviceHealthy Events: <none>Note: Only create one SpyreClusterPolicy in the entire Red Hat OpenShift cluster.
Deploying the Spyre Operator manually through CLI
Note: This is an optional step to install the Spyre Operator in case the RHOCP OperatorHub is not
used for installation. The Spyre Operator is a part of certified operators; you have to enable
certified- operators, before installation.
- Create the spyre-operator namespace by running the following
command:
oc create ns spyre-operator - Create a YAML file of kind
OperatorGroup, that is similar to the following example:apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: spyre-operator-group namespace: spyre-operator - Apply the YAML file by running the following
command:
oc apply -f operator-group.yaml - Create a YAML file of kind
Subscription, that is similar to the following example:apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: spyre-operator namespace: spyre-operator spec: channel: "stable" name: spyre-operator source: ibm-spyre-operators sourceNamespace: openshift-marketplace - Apply the YAML file by running the following command:
oc apply -f subscription.yaml
Updating the Spyre operator from 1.1.0 to 1.1.1
- Select the Subscription Update Channel, click Save.
- Verify if the the CatalogSourse and csv are updated.
- Recreate the SpyreClusterPolicy to ensure the upgraded cluster is governed correctly.
Updating the Spyre Operator manually through CLI from 1.1.0 to 1.1.1
- Edit the YAML to upgrade Operator by changing the subscription
oc edit subscription spyre-operator -n spyre-operatorNote: To update the operator to 1.1.1 edit channel"stable"to"stable-v1.1"