Airgap Installation for OpenShift Operators

Airgap installation is always a challenging thing for OpenShift. By setting up a mirror registry and applying ImageContentSourcePolicy CRD to the cluster, we can instruct the OCI container engine to retrieve the source image from its mirrored image hosted in the mirror registry. This solves the airgap images for the cluster and the apps.

There is still a 3rd type of image for an airgap environment to tackle, that is the Operator related images. This paper documents the Operator based installation in an air-gapped environment, the steps, and the hiccups, and how it is being resolved.

OpenShift manages operators through Operator Catalog.

An Operator catalog is a repository of metadata that Operator Lifecycle Manager (OLM) can query to discover and install Operators and their dependencies on a cluster.

To install an operator in an air-gapped environment, we first need to sync the operator catalog. Starting from OCP4.6, the operator catalog is released as a container image, called an index image.

Create a custom pruned index image

Let's see we are interested in the RedHat-operators of serverless (Knative), pipeline (Tekton), and service mesh (Istio) only. We can keep the operators that we are interested in, prune the rest.