Using the official Grey Matter operator to install on Kubernetes

We recommend using the operator to manage the lifecycle of your Grey Matter installation. The operator supports Grey Matter versions 1.6 and up.

This guide walks through a standard installation of the Grey Matter Operator. For more information on customizing your installation, refer to Deploy a Mesh.


This guide references the following environment variables for authenticating with the container registry where your Grey Matter images are stored:


Install the operator

Clone the operator Github repo to a local directory:

git clone --recurse-submodules

In the root of the repo directory, run the following to generate the installation manifests and apply them to your Kubernetes cluster:

cd pkg/cuemodule/core
cue eval -c ./k8s/outputs --out text \
         -t spire=false \
         -t \
         -e operator_manifests_yaml | kubectl apply -f -

kubectl create secret docker-registry gm-docker-secret \
  --docker-server=$GREYMATTER_REGISTRY \
  -n gm-operator

# An SSH key allowed to access the GitOps core repository for Grey Matter components,
# which defaults to - see k8s/outputs/operator.cue.
# If you use "-t test=true", GitOps is turned off and this secret will not be used.
# For now, it must still be defined anyway.
kubectl create secret generic greymatter-sync-secret \
  --from-file=id_ed25519=$HOME/.ssh/id_ed25519 \
  -n gm-operator

Verify operator installation

To verify your operator installation, get the name of the single running pod in the gm-operator namespace:

POD_NAME=$(kubectl get pod -n gm-operator -o jsonpath='{.items[0]}')

From there, you can track the logs of the operator instance running in this pod:

kubectl logs -n gm-operator $POD_NAME -f

By default, the operator is configured to create a mesh after it initializes. Grey Matter core components will be deployed to the greymatter namespace and the Grey Matter data plane will include all workloads in the default namespace!

Next Step

