Master operator mirroring with oc-mirror

Learning path | 4 resources | 1 hr and 45 mins | Published on September 25, 2025
Sathish Kumar Hemadhri

When operating within restricted environments, mirroring OpenShift operators can allow users to manage and update their clusters without internet access. Follow this end-to-end guide to learn how.

Access the Developer Sandbox

  1. Overview: Master operator mirroring with oc-mirror
  2. Getting operators to use with oc-mirror Page | 30 mins
  3. Defining and configuring your operators for use with oc-mirror Page | 45 mins
  4. Validating your mirrored operators Page | 30 mins

Overview: Master operator mirroring with oc-mirror

Feature image for Red Hat OpenShift

Disconnected or air-gapped environments are common in industries that demand strict security and regulatory compliance. Mirroring Red Hat OpenShift operators allows customers to manage and update their clusters without direct access to the internet. This document provides a comprehensive, end-to-end guide for configuring and executing the mirroring of Operator catalogs using the oc-mirror tool (version 2) in a disconnected OpenShift environment. It covers the following key areas in detail:

  • Mirroring Red Hat and certified operators using oc-mirror v2.
  • Installing a specific version of an operator from a designated channel.
  • Upgrading to the latest available operator version within a channel.

The procedures outlined are intended to support efficient operator lifecycle management in disconnected OpenShift deployments.

Prerequisites:

  • Valid Red Hat subscriptions and pull secrets for accessing the operator catalogs.
  • A private registry (e.g., Quay) configured and reachable from Red Hat OpenShift Container Platform (RHOCP) Cluster.
  • Tools like oc-mirror and utilities like Podman or Skopeo for image operations.
  • Adequate storage and network bandwidth to host and transfer operator images.

Planning considerations: 

  • Which operators you need to mirror based on workloads and support policies.
  • The storage size of operator catalogs and images, and plan for how often operators sync updates from Red Hat’s remote registry to a local registry.
  • Whether to mirror the entire catalog or only select operators.

In this learning path, you will:

  • Retrieve available operator catalogs for your OpenShift version.
  • Configure and implement the oc-mirror plugin.
  • Mirroring operators to a designated mirror registry.
  • Explore viable workarounds.