- Michele Chilanti, Pam Andrejko
After you provision an OpenShift cluster in an air gap (or disconnected) environment, you might think the hard work is done. But depending on how you provisioned the cluster, when you open OperatorHub in your OpenShift console, the Red Hat Catalog operators might not be there. When a Cloud Pak requires a service from the catalog, such as Strimzi or PostgreSQL, additional steps are required to mirror those operator images. This two-part blog series walks you through how to mirror the operators and provides an example of how to deploy and configure the Enterprise DB PostgreSQL operator. Part II also shows how to deploy a test client that can be used to verify that an application can connect to the database.
Part I: Mirroring the operators from the Red Hat catalog
The Red Hat documentation describes how to mirror the operator images. Red Hat operators are available from registry.redhat.io/redhat/redhat-operator-index. Because the PostgreSQL we plan to install is from EnterpriseDB, it is considered a third-party service, and is available from registry.redhat.io/redhat/certified-operator-index instead. This distinction becomes important later when we mirror the images.
These instructions assume you configured a local mirror registry for the Red Hat images when you installed OpenShift in your air gap environment. In this example, we use a local Docker registry. Perform the following steps to mirror the operators and then add them to the Red Hat Catalog.
1. From a command line, log in to registry.redhat.io and then registry.connect.redhat.com using your Red Hat credentials. This action saves your credentials to a file named ${XDG_RUNTIME_DIR}/containers/auth.json .
podman login registry.redhat.io
podman login registry.connect.redhat.com
export REG_CREDS=${XDG_RUNTIME_DIR}/containers/auth.json
2. Next, log in to your local container registry where you will mirror the images to, for example:
docker login <LOCAL_REGISTRY_HOST>:<LOCAL_REGISTRY_PORT>
3. Run the following command to mirror the registry that contains the PostgreSQL operator:
- where:
- - --insecure is only required if your registry is considered insecure.
- - --index-filter-by-os depends on your environment. Valid values are linux/amd64, linux/ppc64le, and linux/s390x.
This step will take a while to complete.
4. When the mirroring completes, the required catalogSource.yaml and imageContentSourcePolicy.yaml files are generated for you. Look for the following line in the output to locate the folder that contains these files in your working directory:
- wrote mirroring manifests to manifests-certified-operator-index-<some_key>
5. Then apply the image content source policy yaml from that folder.
- The update to the image image content source policy triggers a reboot of all of the nodes in your cluster. Wait for all the nodes to restart before proceeding. Run the following command to determine when the nodes are ready:
- oc get machineconfigpool -w
6. Apply the catalog source yaml to add the certified operators to the Red Hat catalog:
This concludes Part I of the series. You have mirrored and installed the Red Hat operator images that you need. Part II of this series demonstrates how to deploy, configure and then test the Enterprise DB PostgreSQL operator to confirm it is working.#PostgreSQL#database#Openshift