Dev Notes

These are the steps followed to test RHCL on OCP 4.18 (4.18.0-0.nightly-2025-03-11-222340)

1. Install *cert-manager Operator for Red Hat OpenShift* (*1.15.0 provided by Red Hat*) web console 
2. Install `Red Hat OpenShift Service Mesh 3` operator (*3.0.0 provided by Red Hat, Inc.*) web console 
3. Creating Istio project using web console
4. Creating the istio resource using the web console
   1. version: v1.24.3
5. Creating the IstioCNI project using the web console
6. Creating the IstioCNI resource using the web console
7. Enable the Gateway API v1.0.0 CRDs: 

   oc get crd gateways.gateway.networking.k8s.io &> /dev/null ||  \{ oc kustomize "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.1.0" | oc apply -f -; }
   

8. Install Red Hat Connectivity Link (1.0.1 provided by Red Hat).
   1. RHCL is not available in OCP 4.18. Therefore, These steps will create custom index mirroring the images and manifests from OCP v4.17 index and then deploy the index and the operator.
   2. (optional) Disable the default OperatorSources/Sources

          oc patch OperatorHub cluster --type json -p '[\{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]'
      

   3. Custom index image

          mkdir /tmp/rhcl-index && cd /tmp/rhcl-index
          mkdir index-dir
          opm generate dockerfile index-dir
          
          #
          # Add RHCL operator catalog entry
          #
          opm render registry.redhat.io/redhat/redhat-operator-index:v4.17 -o yaml | yq e 'select(.package == "rhcl-operator"  or .name == "rhcl-operator")' > /tmp/rhcl-operator.index.yaml
          
          #
          # Add Limitador operator catalog entry
          #
          opm render registry.redhat.io/redhat/redhat-operator-index:v4.17 -o yaml | yq e 'select(.package == "limitador-operator"  or .name == "limitador-operator")' > /tmp/limitador-operator.index.yaml
          
          #
          # Add Authorino operator catalog entry
          #
          opm render registry.redhat.io/redhat/redhat-operator-index:v4.17 -o yaml | yq e 'select(.package == "authorino-operator"  or .name == "authorino-operator")' > /tmp/authorino-operator.index.yaml
          
          #
          # Add DNS operator catalog entry
          #
          opm render registry.redhat.io/redhat/redhat-operator-index:v4.17 -o yaml | yq e 'select(.package == "dns-operator"  or .name == "dns-operator")' > /tmp/dns-operator.index.yaml
          
          #
          # Put everything together
          #
          yq e '.' /tmp/rhcl-operator.index.yaml /tmp/limitador-operator.index.yaml /tmp/authorino-operator.index.yaml /tmp/dns-operator.index.yaml > index-dir/catalog.yaml
          
          # validate
          opm validate index-dir
      

          

   4. Build catalog image

          docker build -t quay.io/eastizle/bundle-catalogs:rhcl-test-v1.0.1 -f index-dir.Dockerfile .
          
          docker push quay.io/eastizle/bundle-catalogs:rhcl-test-v1.0.1
      

       

   5. Deploy catalog image

          kubectl create ns kuadrant-system
      

          kubectl apply -f - <<EOF
          kind: OperatorGroup
          apiVersion: operators.coreos.com/v1
          metadata:
            name: kuadrant-system
            namespace: kuadrant-system
          spec:
            upgradeStrategy: Default
          EOF
      

          kubectl apply -f - <<EOF
          apiVersion: operators.coreos.com/v1alpha1
          kind: CatalogSource
          metadata:
            name: rhcl-operator-catalog
            namespace: kuadrant-system
          spec:
            sourceType: grpc
            image: quay.io/eastizle/bundle-catalogs:rhcl-test-v1.0.1
            displayName: RHCL Operators
            publisher: grpc
            updateStrategy:
              registryPoll:
                interval: 5m
          EOF
      

   6. Install the RHCL Operator

          kubectl apply -f - <<EOF
          apiVersion: operators.coreos.com/v1alpha1
          kind: Subscription
          metadata:
            name: rhcl-operator
            namespace: kuadrant-system
          spec:
            channel: stable
            installPlanApproval: Automatic
            name: rhcl-operator
            source: rhcl-operator-catalog
            sourceNamespace: kuadrant-system
          EOF
      

   7. Wait for the Kuadrant Operators to be installed as follows:

          kubectl get installplan -n kuadrant-system -o=jsonpath='\{.items[0].status.phase}'
      

          Eventually, this command should return `Completed`
          

9. Deploy RHCL control plane instance

       kubectl apply -f - <<EOF
       apiVersion: kuadrant.io/v1beta1
       kind: Kuadrant
       metadata:
         name: kuadrant
         namespace: kuadrant-system
       EOF
   

   1. Wait for the Kuadrant to be installed as follows:

          kubectl get kuadrant kuadrant -n kuadrant-system -o=jsonpath='\{.status.conditions[?(@.type=="Ready")].message}{"\n"}'
      

      You should see the message `kuadrant is ready`
          

10. Follow *Authenticated Rate Limiting for Application developers*