Overview

The cpln operator command manages the Kubernetes secret required for Control Plane integration. This command provides two subcommands:

  • install: Creates a Kubernetes secret which grants the Control Plane operator access to one of your orgs.
  • uninstall: Removes the operator-installed secret from your cluster.

If a secret with the organization name already exists and was not installed by the operator, the installation will fail to prevent conflicts.

Prerequisites

  • CLI installed.
  • Access to a Kubernetes cluster with permissions to create namespaces and secrets.

operator install

Creates a Kubernetes secret which grants the Control Plane operator access to one of your orgs.

Options

Required

  • --serviceaccount, -s
    • The Control Plane service account name for the operator. If it does not exist, a new one will be created.

Optional

  • --serviceaccount-group, -g
    • The group to assign to the specified service account. Defaults to "superusers".
  • --export
    • Export the Kubernetes resources to a stdout instead of applying them directly to the cluster.

Usage Example

To install the Kubernetes operator and create the necessary service account and secret, run:

cpln operator install --serviceaccount my-operator-sa --serviceaccount-group superusers --org demo-org --profile default

This command will:

  • Check if my-operator-sa exists; If not, create it.
  • Assign the service account to the superusers group.
  • Generate a key for the service account and create a Kubernetes secret named demo-org in the controlplane namespace.
  • Abort if a conflicting secret (not installed by the operator) already exists.

Exporting Kubernetes Resources

If you prefer to export the operator’s Kubernetes resource definitions without applying them immediately, use:

cpln operator install --serviceaccount my-operator-sa --export --org demo-org --profile default

This outputs the resource definitions so you can inspect or apply them manually.

operator uninstall

Removes the operator-installed secret from your cluster.

Usage Example

To uninstall the operator and remove its secret from your cluster, run:

cpln operator uninstall --org demo-org --profile default

The command searches for the secret (identified by a special annotation) in the controlplane namespace and deletes it. If the secret is not found, the command exits with code 0.