Install on disconnected networks

You might need to install the identity configuration management for Kubernetes operator on Red Hat OpenShift Container Platform clusters that are not connected to the Internet. The procedure to install on a disconnected environment requires some of the same steps as the connected installation.

You must download copies of the packages to access them during the installation, rather than accessing them directly from the network during the installation.

Note	Upgrades are not supported from identity configuration management for Kubernetes v0.1.0. If you have v0.1.0 installed, you will need to uninstall it before installing v0.2.0 or higher.

Prerequisites
Confirm your OpenShift Container Platform installation
Preparing to install on infrastructure nodes

Prerequisites

You must meet the following requirements before you install the identity configuration management for Kubernetes operator:

Red Hat OpenShift Container Platform version 4.8.12 or later must be deployed in your environment, and you must be logged in with the command line interface (CLI).
You need access to the catalog.redhat.com.

Note: For managing bare metal clusters, you must have OpenShift Container Platform version 4.8.12 or later.

See the OpenShift Container Platform version 4.8 documentation.
Your Red Hat OpenShift Container Platform CLI must be version 4.8 or later, and configured to run oc commands. See Getting started with the CLI for information about installing and configuring the Red Hat OpenShift CLI.
Your Red Hat OpenShift Container Platform permissions must allow you to create a namespace.
You must have a workstation with Internet connection to download the dependencies for the operator.

Confirm your OpenShift Container Platform installation

You must have a supported OpenShift Container Platform version, including the registry and storage services, installed and working in your cluster. For information about OpenShift Container Platform version 4.8, see OpenShift Container Platform Documentation.
When and if you are connected, you can ensure that the OpenShift Container Platform cluster is set up correctly. Access the OpenShift Container Platform web console.

Run the kubectl -n openshift-console get route command to access the OpenShift Container Platform web console. See the following example output:
```
openshift-console          console             console-openshift-console.apps.new-coral.purple-chesterfield.com                       console              https   reencrypt/Redirect     None
```
The console URL in this example is: https:// console-openshift-console.apps.new-coral.purple-chesterfield.com. Open the URL in your browser and check the result.

If the console URL displays console-openshift-console.router.default.svc.cluster.local, set the value for openshift_master_default_subdomain when you install OpenShift Container Platform.

See Sizing your cluster to learn about setting up capacity for your operator.

Installing in a disconnected environment

Important: You need to download the required images to a mirroring registry to install the operators in a disconnected environment. Without the download, you might receive ImagePullBackOff errors during your deployment.

Follow these steps to install the identity configuration management for Kubernetes operator in a disconnected environment:

Create a mirror registry. If you do not already have a mirror registry, create one by completing the procedure in the Mirroring images for a disconnected installation topic of the Red Hat OpenShift Container Platform documentation.

If you already have a mirror registry, you can configure and use your existing one.

Create a YAML file that contains the ImageContentSourcePolicy with the name idp-mgmt-config-policy.yaml. Note: If you modify this on a running cluster, it causes a rolling restart of all nodes.

apiVersion: operator.openshift.io/v1alpha1
kind: ImageContentSourcePolicy
metadata:
  name: identity-config
spec:
  repositoryDigestMirrors:
  - mirrors:
    - mirror.registry.com:5000/identity-config
    source: registry.redhat.io/identity-config

Apply the ImageContentSourcePolicy file by entering the following command:
```
oc apply -f idp-mgmt-config-policy.yaml
```
Enable the disconnected Operator Lifecycle Manager Red Hat Operators and Community Operators.

the identity configuration management for Kubernetes operator is included in the Operator Lifecycle Manager Red Hat Operator catalog.
Configure the disconnected Operator Lifecycle Manager for the Red Hat Operator catalog. Follow the steps in the https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/operators/administrator-tasks# Operator Lifecycle Manager-restricted-networks[Using Operator Lifecycle Manager on restricted networks] topic of the Red Hat OpenShift Container Platform documentation.
Now that you have the image in the disconnected Operator Lifecycle Manager, continue to install the identity configuration management for Kubernetes operator for Kubernetes from the Operator Lifecycle Manager catalog.

See Installing while connected online for the required steps.