-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
OpenShift Ingress is a core OpenShift operator responsible for managing ingress traffic. It currently installs Istio as the Gateway API implementation using the Sail Operator, which is deployed via OLM (Operator Lifecycle Manager).
This creates a problematic dependency: a core platform operator depends on a user-space operator. This leads to version ownership conflicts, lifecycle coupling, and upgrade complexity. When OpenShift ships a new version, it cannot guarantee the Istio version because Sail is managed separately through OLM.
This proposes changes to upstream Sail that enable the downstream OSSM (OpenShift Service Mesh) Operator to build a library that OpenShift Ingress can embed, bypassing OLM entirely. This makes the Gateway API implementation a true platform feature with predictable versioning.
Proposal: https://gist.github.com/aslakknutsen/faccb6bc6d9ecf551397831a1d64e54f
Working Branch: https://github.com/aslakknutsen/sail-operator/tree/sail_library_2
- relates to
-
-
- In Progress
-
1.
|
[upstream] make managed-by label value configurable via ChartManagerOption |
|
Code Review | 
|
Aslak Knutsen |
2.
|
[downstream] library level support for istiod install/uninstall |
|
In Progress |
|
Aslak Knutsen |
3.
|
[downstream] API to help the CIO watcher reconcile the istio resources |
|
In Progress |
|
Aslak Knutsen |
4.
|
[downstream] CRD management for the istio CRDs |
|
In Progress |
|
Aslak Knutsen |
5.
|
[downstream] library level support for product ImageDigests injected by Konflux |
|
In Progress |
|
Aslak Knutsen |
6.
|
[downstream] expose the RBAC required to install istio charts |
|
In Progress |
|
Aslak Knutsen |
7.
|
[downstream] test-e2e the library default options |
|
New |
|
Unassigned |
8.
|
[downstream] test-e2e the library rbac |
|
New |
|
Unassigned |
9.
|
[downstream] test-e2e the library drift detect / reinstall |
|
New |
|
Unassigned |
