Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-8954

Allow configuration of custom CatalogSource and OSSM version for automated Gateway API installation in disconnected clusters

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Network - IngressDNS
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description:

      Currently, when deploying the Gateway API in OpenShift, the creation of a GatewayClass automatically triggers the generation of a Subscription for servicemeshoperator3 in the openshift-operators namespace.

      This automated process hardcodes the CatalogSource to the default redhat-operators. We are requesting an enhancement to allow cluster administrators to specify a custom CatalogSource, sourceNamespace, and the specific OSSM version/channel to be used during this automated operator installation.

      Use Case / Business Need:

      Enterprise customers frequently operate OpenShift in disconnected (air-gapped) or highly regulated network environments. In these environments, direct access to external registries is blocked, and the default redhat-operators CatalogSource is either disabled or unavailable. Instead, customers use mirrored registries and custom CatalogSources (e.g., custom-mirrored-catalog).

      Because the Gateway API automation hardcodes redhat-operators, it breaks the automated deployment workflow in disconnected clusters, forcing manual intervention and hindering GitOps/automated provisioning pipelines.

      Current Behavior:

      When a GatewayClass is created, the system automatically creates a Subscription for servicemeshoperator3 that looks like this: 

      spec:
  name: servicemeshoperator3
  source: redhat-operators         # <--- Hardcoded
  sourceNamespace: openshift-marketplace
  # No mechanism to specify a target version/channel

       

      If redhat-operators does not exist or is disconnected, the subscription fails to resolve, and the Gateway API deployment stalls.

      Expected/Desired Behavior:

      Provide a mechanism to override the default Subscription parameters. This could be implemented via:

      1. Annotations/Labels on the GatewayClass: Allowing users to define the catalog source, namespace, and channel directly on the resource.
      1. Cluster-wide ConfigMap/CRD: A configuration object where administrators can define default OperatorHub installation targets for automated Gateway API deployments.

      The mechanism should allow customization of the following fields for the servicemeshoperator3 Subscription:

      • source (e.g., my-custom-catalog)
      • sourceNamespace (e.g., openshift-marketplace)
      • channel / startingCSV (to pin specific OSSM 3.x versions)

      Business Impact:

      Without this feature, Gateway API adoption in secure, air-gapped environments is heavily penalized by manual workarounds. Enabling this customization aligns with Red Hat's standard support for disconnected environments and enables smoother automation for high-security customers.

              mcurry@redhat.com Marc Curry
              rhn-support-vdurgam Vedant Durgam
              None
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                None
                None