  1. OpenShift Request For Enhancement
  2. RFE-3821

vSphere - Disable or remove storage cluster operator capability on an already deployed cluster.


      1. Proposed title of this feature request

      Ability to disable or remove the storage cluster operator capability on an already deployed on-prem, UPI, VMware OCP cluster.

      2. What is the nature and description of the request?

      Today, in OCP 4.12, customers can opt to deploy a cluster with some cluster capabilities removed: https://docs.openshift.com/container-platform/4.12/installing/cluster-capabilities.html
      What is not possible at the moment is removing those capabilities on an already deployed cluster.

      • You install your cluster on a vSphere platform using the resources provided by the infrastructure.
      • As time passes, your cluster might no longer need some resources from the infrastructure.
      • InfoSec could recommend that you disable some functionality if you are not currently using it.
      • As a result, you now need to switch or replace your vSphere UPI deployment with a bare metal UPI one.

      3. Why does the customer need this? (List the business requirements here)

      After the customer suffered an attack, they had to reinstall two clusters from scratch in just a few days.
      They were forced to isolate the VMware vSphere network due to the new security rules. This means that normally the vCenter is not reachable, even from the OpenShift network. The installation is deliberately UPI and, in fact, apart from the dashboard showing the storage operator as degraded, the test and production clusters work perfectly.

      Every time they have to update the cluster, they are forced to temporarily open traffic to the vCenter in order to update.
      They also get email alerts about the storage operator, which are quite annoying.

      Redeploying the cluster again, this time using an agnostic bare metal UPI mode, is disregarded by the customer, as they prefer to try a "transformation"-like method.

      4. List any affected packages or components.

      Cluster Storage Operator, but there may be other operators involved, as the final purpose is to cut off all communications with vCenter because they are not needed anymore.

      5. Additional information

      This request seems to be similar to https://issues.redhat.com/browse/RFE-1314 and https://issues.redhat.com/browse/STOR-743, although in this case the customer wants to be able to disable the cluster storage operator capability, the same as described for the recent OCP version 4.12: https://docs.openshift.com/container-platform/4.12/installing/cluster-capabilities.html#cluster-storage-operator_cluster-capabilities
      We would like to open a discussion about whether it would be feasible not only to disable the Cluster Storage Operator, but also whether it is worth widening the scope of the RFE to completely disable the vSphere integration for vSphere UPI installations, as one of the purposes is to isolate the vCenter.
      There are also some concerns about not only whether these proposals are feasible, but also what their impact and supportability would be. We would like to avoid customers shooting themselves in the foot if they "accidentally" disable the Cluster Storage Operator or the whole vCenter integration.

              rh-gs-gcharot Gregory Charot
              rhn-support-mabajodu Mario Abajo Duran