-
Feature
-
Resolution: Unresolved
-
Major
-
None
-
None
-
BU Product Work
-
False
-
-
False
-
0% To Do, 100% In Progress, 0% Done
-
0
-
Program Call
Feature
Create a main documentation section that consolidates the information that’s now spread out across multiple sections, to find all the required information starting in one landing page. For example, something similar to the installation overview landing page.
Add details of the different disconnected experiences as air-gapped, disconnected and network restricted, and where they apply to each user requirement. For example:
- Air-gapped can be achieved with the agent-based installer along with a pre-installed registry mirror dedicated to the air-gapped environment.
- Disconnected can be done without access to the internet (no access to Red Hat’s registry), but with access to an image registry available in the local network.
- Restricted networks access may be used for access to public clouds zones via VPN/VPC from on-prem, etc.
Document a flow where users find everything they need to deploy and manage their disconnected cluster, rather than having to figure out where the description for each task is found.
Problem to solve
The importance of offering comprehensive support for air-gapped environments has increased over the years. As an example in the industry now we have to qualify for it in the Gartner Magic Quadrant on Container Management every year.
We must offer good guidance in our documentation for this increasing number of customers that install and operate OpenShift in air-gapped environments.
OpenShift documentation has multiple and separate sections that describe the disconnected installation and management of OpenShift but there isn’t a cohesive description and guidance for a complete installation and operation of OpenShift.
Furthermore, the documentation refers in different ways to this experience, describing “disconnected”, “air-gapped”, and “restricted networks”. This should be clearly presented and differentiated.
How Red Hat supports deployment and operations of OpenShift on air-gapped infrastructure with limited or no connectivity to the public internet
OpenShift includes multiple ways to deploy OpenShift clusters: the Agent-Based Installer, IPI installers, UPI installations and RHACM. These methods eliminate the need for a connection to the internet.
For lifecycle management in disconnected or partially connected OpenShift clusters, updates and upgrades are done from a mirrored set of OpenShift container images in a private registry. For installation, the OpenShift installer configuration file must use the private registry for retrieving container images. This registry must be running at all times as long as the cluster is running.
You can use the oc-mirror OpenShift CLI (oc) plugin to mirror images to a mirror registry in your fully or partially disconnected environments. You must run oc-mirror from a system with internet connectivity to download the required images from the official Red Hat registries.The mirrored registry must be reachable by every machine in the clusters. After the target mirror registry is populated with the initial image set, it can be regularly updated for the latest content.
In a disconnected environment, you'll also need to mirror the Operator catalogs and configure the OLM to use the mirrored catalogs. This ensures the OLM can install and manage Operators within the air-gapped cluster.
Key OpenShift capabilities are also available on air-gapped environments beyond Kubernetes, including: OpenShift GitOps, OpenShift pipeline capability, OpenShift ServiceMesh, OpenShift Serverless, etc.
