Red Hat Developer Hub 1.8

Orchestrator in Red Hat Developer Hub

Orchestrator enables serverless workflows for cloud migration, onboarding, and customization in Red Hat Developer Hub

Red Hat Customer Content Services

Abstract

As an administrator, you can use Orchestrator to enable serverless workflows in Red Hat Developer Hub to support cloud migration, developer onboarding, and custom workflows.

1. About Orchestrator in Red Hat Developer Hub

You can streamline and automate your work by using the Orchestrator in Red Hat Developer Hub. It enables you to:

  • Design, run, and monitor workflows to simplify multi-step processes across applications and services.
  • Standardize onboarding, migration, and integration workflows to reduce manual effort and improve consistency.
  • Extend RHDH with enterprise-grade Orchestration features to support collaboration and scalability.
Note

Orchestrator currently supports only Red Hat OpenShift Container Platform (OpenShift Container Platform); it is not available on Microsoft Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), or Google Kubernetes Engine (GKE).

To start using Orchestrator in RHDH, you must:

  • Install the required infrastructure components, such as Red Hat OpenShift Serverless Operator, Knative Serving, Knative Eventing, and OpenShift Serverless Logic Operator
  • Configure your Backstage custom resource (CR) or Helm values file for Orchestrator
  • Import the Orchestrator software templates into the Red Hat Developer Hub catalog

1.1. Supported architecture for Orchestrator

You can use Orchestrator to design, run, and monitor workflows that automate key tasks. It builds on components like SonataFlow and OpenShift Serverless, which provide the runtime environment and event-driven capabilities needed to power your workflows.

To help you get started quickly, the following Orchestrator plugin components are included but disabled by default in the dynamic-plugins.default.yaml file:

  • "backstage-plugin-orchestrator"
  • "backstage-plugin-orchestrator-backend-dynamic"
  • "backstage-plugin-scaffolder-backend-module-orchestrator-dynamic"
  • "backstage-plugin-orchestrator-form-widgets"

To enable these plugins, set the plugins.disabled parameter to false.

1.2. Compatibility guide for Orchestrator

The following table lists the RHDH Orchestrator plugin versions and their compatible corresponding infrastructure versions.

Orchestrator plugin version

Red Hat Developer Hub (RHDH) version

OpenShift version

OpenShift Serverless Logic (OSL) version

OpenShift Serverless version

Orchestrator 1.5

1.5

4.14 - 4.18

OSL 1.35

1.35

Orchestrator 1.6

1.6

4.14 - 4.18

OSL 1.36

1.36

Orchestrator 1.7 (RHDH 1.8)

1.8

4.16 - 4.19

OSL 1.36

1.36

Note

Orchestrator plugin supports the same OpenShift Container Platform versions as RHDH. See the Life Cycle page.

1.3. Orchestrator plugin dependencies for Operator installation

When you enable the Orchestrator plugin in your Backstage custom resource (CR), the Operator automatically provisions the following required dependencies:

  • A SonataflowPlatform CR
  • NetworkPolicies that allow traffic between infrastructure resources (Knative, Serverless Logic Operator), monitoring traffic, and intra-namespace traffic

The Orchestrator plugin requires these components to run. For example, to communicate with the SonataFlow platform, the Orchestrator plugin uses the sonataflow-platform-data-index-service, which is created by the SonataFlowPlatform CR.

Important

The SonataFlowPlatform CR contains Data Index service that requires PostgreSQL database as shown in the following example: 

      persistence:
        postgresql:
          secretRef:
            name: backstage-psql-secret-{{backstage-name}}
            userKey: POSTGRES_USER
            passwordKey: POSTGRES_PASSWORD
          serviceRef:
            name: backstage-psql-{{backstage-name}} # # Namespace where the Backstage CR is created
            namespace: {{backstage-ns}} # Namespace where the Backstage (CR) is created
            databaseName: backstage_plugin_orchestrator

By default, the Orchestrator plugin dependencies use the following:

  • The PostgreSQL database named backstage_plugin_orchestrator created by Backstage
  • A Secret created by Backstage Operator for the PostgreSQL with POSTGRES_USER and POSTGRES_PASSWORD keys as the database credentials in the Backstage CR namespace.
  • A Service created by Backstage Operator for the PostgreSQL database with the name backstage-psql-{{backstage-name}} in the Backstage CR namespace.
Note

To enable the Backstage Operator to work with the SonataFlow platform, its ServiceAccount must have the appropriate permissions.

The Operator automatically creates the required Role and RoleBinding resource in profile/rhdh/plugin-rbac directory.

Additional resources

1.4. Orchestrator plugin components on OpenShift Container Platform

To run the Orchestrator plugin successfully on OpenShift Container Platform, you must first install the following required components:

  • Red Hat Developer Hub (RHDH) Backstage
  • OpenShift Serverless Logic Operator

  • OpenShift Serverless Operator

    • Knative Serving
    • Knative Eventing
  • (Optional) For managing the Orchestrator project, you need a preinstalled instance of Argo CD or Red Hat OpenShift GitOps in the cluster. It is disabled by default.
  • (Optional) To use Tekton tasks and the build pipeline, you need a preinstalled instance of Tekton or Red Hat OpenShift Pipelines in the cluster. These features are disabled by default.

The most recommended approach to install the dependencies for the Orchestrator plugin is by enabling the dependencies for the Orchestrator plugin directly during your RHDH installation. When you configure RHDH to include the Orchestrator plugin, the RHDH Operator installs the necessary OpenShift Serverless Operators, eliminating the need for separate scripts or Helm charts.

For specific use cases, you can choose to install the dependencies manually or use helper utilities.

1.4.1. Installing components using the Orchestrator Infrastructure for Red Hat Developer Hub Helm chart

You can use Orchestrator Infrastructure for Red Hat Developer Hub to install components for the Orchestrator plugins.

Procedure

  1. Run the helm install command for the orchestrator-infra chart. This command initiates the installation of the Red Hat Serverless Operator and Red Hat Serverless Logic Operator components.
  2. Manually approve the install plans for the Operators. You must run the oc patch installplan commands provided in the output to approve their installation.
Important

By default, Orchestrator Infrastructure for Red Hat Developer Hub Helm chart does not auto-approve the required Serverless Operators. You must manually approve the install plans.

1.4.2. Installing Orchestrator components manually on OpenShift Container Platform

Use manual installation when you want full control of the setup process and component versions. Manual installation method focuses on setting up the underlying infrastructure.

Procedure

  1. Install the OpenShift Serverless components manually by following the instructions in the Red Hat OpenShift Serverless documentation.
  2. You must also configure workflow persistence to prevent workflow context from being lost when the Pod restarts. You can do this configuration at the namespace level using the SonataFlowPlatform or SonataFlow custom resources (CR). For detailed instructions on configuring persistence using the SonataFlowPlatform or SonataFlow custom resources, see Managing workflow persistence.
  3. (Optional) If required, deploy a custom PostgreSQL database.

1.4.3. Installing components using the RHDH helper script

You can use the RHDH helper script plugin-infra.sh to quickly install the OpenShift Serverless infrastructure and Openshift Serverless Logic infrastructure required by the Orchestrator plugin.

Warning

Do not use plugin-infra.sh in production.

Procedure

  1. Download the plugin-infra.sh script as shown in the following example: 

    curl -sSLO https://raw.githubusercontent.com/redhat-developer/rhdh-operator/refs/heads/release-${PRODUCT_VERSION}/config/profile/rhdh/plugin-infra/plugin-infra.sh # Specify the Red Hat Developer Hub version in the URL or use main

  2. Run the script: 

    $ ./plugin-infra.sh

2. Build and deploy serverless workflows

To deploy a workflow and make it available in the Orchestrator plugin, follow these main steps:

  • Building workflow images
  • Generating workflow manifests
  • Deploying workflows to a cluster

This process moves the workflow from your local machine to deployment on a cluster.

2.1. Benefits of workflow images

While the OpenShift Serverless Logic Operator supports the building of workflows dynamically, this approach is primarily for experimentation. For production deployments, building images is the preferred method due to the following reasons:

  • Production readiness: Prebuilt images can be scanned, secured, and tested before going live.
  • GitOps compatibility: The Orchestrator relies on a central OpenShift Serverless Logic Operator instance to track workflows and their state. To use this tracking service, you must deploy workflows with the gitops profile, which expects a prebuilt image.
  • Testing and quality: Building an image gives you more control over the testing process.

2.1.1. Project structure overview

The project utilizes Quarkus project layout (Maven project structure). This structure is illustrated by the following 01_basic workflow example: 

01_basic
├── pom.xml
├── README.md
└── src
    └── main
        ├── docker
        │   ├── Dockerfile.jvm
        │   ├── Dockerfile.legacy-jar
        │   ├── Dockerfile.native
        │   └── Dockerfile.native-micro
        └── resources
            ├── application.properties
            ├── basic.svg
            ├── basic.sw.yaml
            ├── schemas
            │   ├── basic__main-schema.json
            │   └── workflow-output-schema.json
            └── secret.properties

The main workflow resources are located under the src/main/resources/ directory.

The kn-workflow CLI generated this project structure. You can try generating the structure yourself by following the Getting Started guide. For more information on the Quarkus project, see Creating your first application.

2.1.2. Creating and running your serverless workflow project locally

The kn-workflow CLI is an essential tool that generates workflow manifests and project structures. To ensure successful development and immediate testing, begin developing a new serverless workflow locally by completing the following steps:

Procedure

  1. Use the kn-workflow CLI to create a new workflow project, which adheres to the Quarkus structure as shown in the following example: 

    kn-workflow quarkus create --name <specify project name, for example ,00_new_project>

  2. Edit the workflow, add schema and specific files, and run it locally from project folder as shown in the following example: 

    kn-workflow quarkus run

  3. Run the workflow locally using the kn-workflow run which pulls the following image: 

    registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0

  4. For building the workflow image, the kn-workflow CLI pulls the following images: 

    registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8:1.36.0-8
registry.access.redhat.com/ubi9/openjdk-17:1.21-2

Additional resources

2.2. Building workflow images locally

You can use the build script (build.sh) to build workflow images. You can run it either locally or inside a container. This section highlights how build workflow images locally.

Procedure

  1. Clone the project as shown in the following example: 

    git clone git@github.com:rhdhorchestrator/orchestrator-demo.git
cd orchestrator-demo

  2. Check the help menu of the script: 

    ./scripts/build.sh --help

  3. Run the build.sh script, providing the required flags, for instance, the image path (-i), workflow source directory (-w), and manifests output directory (-m).

    Important

    You must specify the full target image path with a tag as shown in the following example: 

    ./scripts/build.sh --image=quay.io/orchestrator/demo-basic:test -w 01_basic/ -m 01_basic/manifests

2.2.1. The build-sh script functionality and important flags

The build-sh script does the following tasks in order:

  • Generates workflow manifests using the kn-workflow CLI.
  • Builds the workflow image using podman or docker.
  • Optional: The script pushes the images to an image registry and deploys the workflow using kubectl.

You can review the script configuration options and see available flags and their functions by accessing the help menu: 

./scripts/build.sh [flags]

The following flags are essential for running the script:

FlagDescription

-i, --image

Required: Full image path, for example, quay.io/orchestrator/demo:latest

-w, --workflow-directory

Workflow source directory (default is the current directory)

-m, --manifests-directory

Where to save generated manifests

--push

Push the image to the registry

--deploy

Deploy the workflow

-h, --help

Show the help message

Tip

The script also supports builder and runtime image overrides, namespace targeting, and persistence flags.

2.2.2. Environment variables supported by the build script

The build-sh script supports the following environment variables to customize the workflow build process without modifying the script itself:

QUARKUS_EXTENSIONS

The QUARKUS_EXTENSIONS variable specifies additional Quarkus extensions required by the workflow. This variable takes the format of a comma-separated list of fully qualified extension IDs as shown in the following example: 

export QUARKUS_EXTENSIONS="io.quarkus:quarkus-smallrye-reactive-messaging-kafka"

Add Kafka messaging support or other integrations at build time.

MAVEN_ARGS_APPEND

The MAVEN_ARGS_APPEND variable appends additional arguments to the Maven build command. This variable takes the format of a string of Maven CLI arguments as shown in the following example: 

export MAVEN_ARGS_APPEND="-DmaxYamlCodePoints=35000000"

Control build behavior. For example, set maxYamlCodePoints parameter that controls the maximum input size for YAML input files to 35000000 characters (~33MB in UTF-8).

2.2.3. Required tools

To run the build-sh script locally and manage the workflow lifecycle, you must install the following command-line tools:

ToolConceptual Purpose.

podman or docker

Container runtime required for building the workflow images.

kubectl

Kubernetes CLI.

yq

YAML processor.

jq

JSON processor.

curl, git, find, which

Shell utilities.

kn-workflow

CLI for generating workflow manifests.

2.2.4. Building the 01_basic workflow

To run the script from the root directory of the repository, you must use the -w flag to point to the workflow directory. Additionally, specify the output directory with the -m flag.

Prerequisites

  • You have specified the target image using a tag.

Procedure

  1. Run the following command: 

    ./scripts/build.sh --image=quay.io/orchestrator/demo-basic:test -w 01_basic/ -m 01_basic/manifests

    This build command produces the following two artifacts:

    • A workflow image and Kubernetes manifests: quay.io/orchestrator/demo-basic:test and tagged as latest.
    • Kubernetes manifests under: 01_basic/manifests/
  2. Optional: You can add the --push flag to automatically push the image after building. Otherwise, pushing manually is mandatory before deploying.

2.3. Generated workflow manifests

The following example is an illustration of what is generated under the 01_basic/manifests: 

01_basic/manifests
├── 00-secret_basic-secrets.yaml
├── 01-configmap_basic-props.yaml
├── 02-configmap_01-basic-resources-schemas.yaml
└── 03-sonataflow_basic.yaml
00-secret_basic-secrets.yaml
Contains secrets from 01_basic/src/main/resources/secret.properties. Values are not required at this stage as you can set them later after applying CRs or when using GitOps.

In OpenShift Serverless Logic v1.36, after updating a secret, you must manually restart the workflow Pod for changes to apply.

01-configmap_basic-props.yaml
Holds application properties from application.properties. Any change to this ConfigMap triggers an automatic Pod restart.
02-configmap_01-basic-resources-schemas.yaml

Contains JSON schemas from src/main/resources/schemas.

Note

You do not need to deploy certain configuration resources when using the GitOps profile.

03-sonataflow_basic.yaml

The SonataFlow custom resource (CR) that defines the workflow. 

podTemplate:
  container:
    image: quay.io/orchestrator/demo-basic
    resources: {}
    envFrom:
      - secretRef:
          name: basic-secrets
persistence:
  postgresql:
    secretRef:
      name: sonataflow-psql-postgresql
      userKey: <your_postgres_username>
      passwordKey: <your_postgres_password>
    serviceRef:
      name: sonataflow-psql-postgresql
      port: 5432
      databaseName: sonataflow
      databaseSchema: basic

where:

postgresql:secretRef:name
Enter the Secret name for your deployment.
postgresql:secretRef:userKey
Enter the key for your deployment.
postgresql:secretRef:passwordKey
Enter the password for your deployment.
postgresql:serviceRef:name

Enter the Service name for your deployment.

If you must connect to an external database, replace serviceRef with jdbcUrl. See Managing workflow persistence.

By default, the script generates all the manifests without a namespace. You can specify a namespace to the script by using the --namespace flag if you know the target namespace in advance. Otherwise, you must provide the namespace when applying the manifests to the cluster. See Configuring workflow services.

2.4. Deploying workflows on a cluster

You can deploy the workflow on a cluster, since the image is pushed to the image registry and the deployment manifests are available.

Prerequisites

  • You have an OpenShift Container Platform cluster with the following versions of components installed:

  • You must apply the workflow manifests in a namespace that contains a SonataflowPlatform custom resource (CR), which manages the supporting services.

Procedure

  1. Use the kubectl create command specifying the target namespace to apply the Kubernetes manifests as shown in the following example: 

    kubectl create -n <your_namespace> -f ./01_basic/manifests/.

  2. After deployment, monitor the status of the workflow pods as shown in the following example: 

    kubectl get pods -n <your_namespace> -l app=basic

    The pod may initially appear in an Error state because of missing or incomplete configuration in the Secret or ConfigMap.

  3. Inspect the Pod logs as shown in the following example: 

    oc logs -n <your_namespace> basic-f7c6ff455-vwl56

    The following code is an example of the output: 

    SRCFG00040: The config property quarkus.openapi-generator.notifications.auth.BearerToken.bearer-token is defined as the empty String ("") which the following Converter considered to be null: io.smallrye.config.Converters$BuiltInConverter
java.lang.RuntimeException: Failed to start quarkus
...
Caused by: io.quarkus.runtime.configuration.ConfigurationException: Failed to read configuration properties

    The error indicates a missing property: quarkus.openapi-generator.notifications.auth.BearerToken.bearer-token.

  4. In such a case where the logs show the ConfigurationException: Failed to read configuration properties error or indicate a missing value, retrieve the ConfigMap as shown in the following example: 

    oc get -n <your_namespace> configmaps basic-props -o yaml

    The following code is an example of the sample output: 

    apiVersion: v1
data:
  application.properties: |
    # Backstage notifications service
    quarkus.rest-client.notifications.url=${BACKSTAGE_NOTIFICATIONS_URL}
    quarkus.openapi-generator.notifications.auth.BearerToken.bearer-token=${NOTIFICATIONS_BEARER_TOKEN}
...

    Resolve the placeholders using values provided using a Secret.

  5. You must edit the corresponding Secret and provide appropriate base64-encoded values to resolve the placeholders in application.properties as shown in the following example: 

    kubectl edit secrets -n <your_namespace> basic-secrets
  6. Restart the workflow Pod for Secret changes to take effect in OpenShift Serverless Logic v1.36.

Verification

  1. Verify the deployment status by checking the Pods again as shown in the following example: 

    oc get pods -n <your_namespace> -l app=basic

    The expected status for a successfully deployed workflow Pod is as shown in the following example: 

    NAME                    READY   STATUS    RESTARTS   AGE
basic-f7c6ff455-grkxd   1/1     Running   0          47s
  2. Once the Pod is in the Running state, the workflow now appears in the Orchestrator plugin inside the Red Hat Developer Hub.

Next steps

  • Inspect the provided build script to extract the actual steps and implement them in your preferred CI/CD tool, for example, GitHub Actions, GitLab CI, Jenkins, and Tekton.

3. Installing Red Hat Developer Hub with Orchestrator

To install Red Hat Developer Hub, use one of the following methods:

  • The Red Hat Developer Hub Operator
  • The Red Hat Developer Hub Helm chart

3.1. Enabling the Orchestrator plugin using Operator

You can enable the Orchestrator plugin in RHDH by configuring dynamic plugins in your Backstage custom resource (CR).

Prerequisites

  • You have installed RHDH on OpenShift Container Platform.
  • You have access to edit or create ConfigMaps in the namespace where the Backstage CR is deployed.

Procedure

  1. To enable the Orchestrator plugin with default settings, set disabled: false for the package. For example, package: "@redhat/backstage-plugin-orchestrator@<plugin_version> is set to disabled: false: 

    - package: "@redhat/backstage-plugin-orchestrator@<plugin_version>"
  disabled: false

    Example: Complete configuration of the Orchestrator plugin

    apiVersion: v1
kind: ConfigMap
metadata:
  name: orchestrator-plugin
data:
    dynamic-plugins.yaml: |
      includes:
        - dynamic-plugins.default.yaml
      plugins:
        - package: "@redhat/backstage-plugin-orchestrator@1.7.1"
          disabled: false
          pluginConfig:
            dynamicPlugins:
                frontend:
                  red-hat-developer-hub.backstage-plugin-orchestrator:
                    appIcons:
                      - importName: OrchestratorIcon
                        name: orchestratorIcon
                    dynamicRoutes:
                      - importName: OrchestratorPage
                        menuItem:
                          icon: orchestratorIcon
                          text: Orchestrator
                        path: /orchestrator
                    entityTabs:
                      - path: /workflows
                        title: Workflows
                        mountPoint: entity.page.workflows
                    mountPoints:
                      - mountPoint: entity.page.workflows/cards
                      importName: OrchestratorCatalogTab
                      config:
                        layout:
                          gridColumn: '1 / -1'
                          if:
                            anyOf:
                              - IsOrchestratorCatalogTabAvailable
        - package: "@redhat/backstage-plugin-orchestrator-backend-dynamic@1.7.1"
          disabled: false
          pluginConfig:
            orchestrator:
              dataIndexService:
                url: http://sonataflow-platform-data-index-service
          dependencies:
            - ref: sonataflow
        - package: "@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic@1.7.1"
          disabled: false
          pluginConfig:
            orchestrator:
              dataIndexService:
                url: http://sonataflow-platform-data-index-service
        - package: "@redhat/backstage-plugin-orchestrator-form-widgets@1.7.1"
          disabled: false
          pluginConfig:
            dynamicPlugins:
              frontend:
                red-hat-developer-hub.backstage-plugin-orchestrator-form-widgets: { }
---
apiVersion: rhdh.redhat.com/v1alpha3
kind: Backstage
metadata:
  name: orchestrator
spec:
  application:
    appConfig:
      configMaps:
        - name: app-config-rhdh
    dynamicPluginsConfigMapName: orchestrator-plugin

  2. Create a secret containing the BACKEND_SECRET value as shown in the following example: 

    apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config-rhdh
data:
  app-config-rhdh.yaml: |-
    auth:
      environment: development
      providers:
        guest:
          # using the guest user to query the '/api/dynamic-plugins-info/loaded-plugins' endpoint.
          dangerouslyAllowOutsideDevelopment: true
    backend:
      auth:
        externalAccess:
          - type: static
            options:
              token: ${BACKEND_SECRET}
              subject: orchestrator
---
apiVersion: v1
kind: Secret
metadata:
  name: backend-auth-secret
stringData:
  # generated with the command below (from https://backstage.io/docs/auth/service-to-service-auth/#setup):
  # node -p 'require("crypto").randomBytes(24).toString("base64")'
  # notsecret
  BACKEND_SECRET: "R2FxRVNrcmwzYzhhN3l0V1VRcnQ3L1pLT09WaVhDNUEK"

  3. Configure your Backstage CR to update the secret name in the extraEnvs field as shown in the following example: 

    apiVersion: rhdh.redhat.com/v1alpha4
kind: Backstage
metadata:
  name: orchestrator
spec:
  application:
    appConfig:
      configMaps:
        - name: app-config-rhdh
    dynamicPluginsConfigMapName: orchestrator-plugin
    extraEnvs:
      secrets:
          # secret that contains the BACKEND_SECRET key
        - name: backend-auth-secret

Verification

  • In the RHDH console, confirm that the Orchestrator frontend and backend features are available.

3.2. Installing Red Hat Developer Hub (RHDH) on OpenShift Container Platform with the Orchestrator using the Helm CLI

You can install Red Hat Developer Hub (RHDH) on OpenShift Container Platform with the Orchestrator by using the Helm CLI. The installation automatically enables the required dynamic plugins and integrates workflow infrastructure.

Prerequisites

  • You are logged in as an administrator and have access to the Red Hat Developer Hub Helm chart repository.

  • You can install the necessary infrastructures resources, such as SonataFlow, alongside RHDH in the same namespace.

    This is a one-off requirement and must be completed before enabling the Orchestrator plugin.

Procedure

  1. As an administrator, install relevant cluster-wide resources. 

    helm repo add openshift-helm-charts https://charts.openshift.io/
helm install <release_name> openshift-helm-charts/redhat-developer-hub-orchestrator-infra
    Important

    You must be an administrator to install the redhat-developer-hub-orchestrator-infra Helm chart because it deploys additional cluster-scoped OpenShift Serverless and OpenShift Serverless Logic Operators. As an administrator, you must manually approve the install plans for OpenShift Serverless and Serverless Logic Operators.

  2. Install the Backstage chart with the orchestrator enabled as shown in the following example: 

    $ helm install <release_name> openshift-helm-charts/redhat-developer-hub --version 1.8.0 \
  --set orchestrator.enabled=true

  3. (Optional) Enable Notifications and Signals plugins by adding them to the global.dynamic.plugins list in your values.yaml file as shown in the following example: 

    global:
  dynamic:
    plugins:
      - disabled: false
        package: "./dynamic-plugins/dist/backstage-plugin-notifications"
      - disabled: false
        package: "./dynamic-plugins/dist/backstage-plugin-signals"
      - disabled: false
        package: "./dynamic-plugins/dist/backstage-plugin-notifications-backend-dynamic"
      - disabled: false
        package: "./dynamic-plugins/dist/backstage-plugin-signals-backend-dynamic"

  4. (Optional) You can disable the Serverless Logic and Serverless Operators individually or together by setting their values to false, as shown in the following example: 

    helm install <release_name> openshift-helm-charts/redhat-developer-hub \
  --version 1.8.0 \
  --set orchestrator.enabled=true \
  --set orchestrator.serverlessOperator=false \
  --set orchestrator.serverlessLogicOperator=false

  5. (Optional) If you are using an external database, add the following configuration under orchestrator.sonataflowPlatform in your values.yaml file: 

    orchestrator:
  sonataflowPlatform:
    externalDBsecretRef: "<cred-secret>"
    externalDBName: "<database_name>" # The name of the user-configured existing database (Not the database that the orchestrator and sonataflow resources use).
    externalDBHost: "<database_host>"
    externalDBPort: "<database_port>"
    Note

    This step only configures the Orchestrators use of an external database. To configure Red Hat Developer Hub to use an external PostgreSQL instance, follow the steps in Configuring a PostgreSQL instance using Helm.

Verification

  1. Verify that the Orchestrator plugin is visible in the Red Hat Developer Hub UI.
  2. Create and run sample workflows to confirm the orchestration is functioning correctly.

3.3. Install Red Hat Developer Hub (RHDH) using Helm from the OpenShift Container Platform web console

You can install Red Hat Developer Hub (RHDH) with the Orchestrator by using the (OpenShift Container Platform) web console. This method is useful if you prefer a graphical interface or want to deploy cluster-wide resources without using the Helm CLI.

Prerequisites

  • You are logged in to the OpenShift Container Platform web console as an administrator.
  • You have access to the Red Hat Developer Hub Helm chart repository.
  • Your cluster has internet access or the Helm charts are mirrored in a disconnected environment.

Procedure

  1. In the OpenShift Container Platform web console, go to the Helm Charts and verify that the Red Hat Developer Hub Helm chart repository is available.

  2. Search for the Orchestrator infrastructure for Red Hat Developer Hub and select Install.

    Important

    You must be an administrator to install the Orchestrator Infrastructure for Red Hat Developer Hub Helm chart because it deploys cluster-scoped resources. As an administrator, you must manually approve the install plans for OpenShift Serverless and Serverless Logic Operators.

    As a regular user, search for the Red Hat Developer Hub chart and install it by setting the value of orchestrator.enabled to true. Otherwise, the Orchestrator will not be deployed.

  3. Wait until they are successfully deployed.
  4. Monitor the deployment status by navigating to Pods or releases.

Verification

After deployment completes:

  • The orchestrator-related pods are running in the selected namespace.
  • Cluster-wide resources are present.
  • You can start connecting the orchestrator to your Red Hat Developer Hub UI.

3.4. Resource limits for installing Red Hat Developer Hub with the Orchestrator plugin when using Helm

When installing Red Hat Developer Hub (RHDH) with the Orchestrator plugin using Helm, the chart defines default CPU and memory limits for the SonataFlowPlatform component.

These limits are enforced by the cluster so that pods do not exceed their allocated resources.

  1. Default resource limits
ResourceDefault value

CPU limits

500m

Memory limits

1Gi

  1. You can override these values in any of the following ways:

    • With values.yaml
    • With --set flags

  2. Override defaults with values.yaml as shown in the following example: 

    orchestrator:
  enabled: true
  sonataflowPlatform:
  resources:
      limits:
        cpu: "500m"
        memory: "1Gi"

  3. Override with --set as shown in the following example: 

    helm upgrade --install <release_name>  openshift-helm-charts/redhat-developer-hub \
  --set orchestrator.enabled=true \
  --set orchestrator.sonataflowPlatform.resources.requests.cpu=500m \
  --set orchestrator.sonataflowPlatform.resources.requests.memory=128Mi \
  --set orchestrator.sonataflowPlatform.resources.limits.cpu=1 \
  --set orchestrator.sonataflowPlatform.resources.limits.memory=2Gi
    Note

    The --set setting is applicable only when orchestrator.enabled is true. By default, it is set to false.

4. Installing Orchestrator plugin in an air-gapped environment

You can configure Red Hat Developer Hub (RHDH) with Orchestrator plugin in an air-gapped environment by using either the Operator or Helm chart.

4.1. Installing Red Hat Developer Hub with Orchestrator in an air-gapped OpenShift Container Platform environment using Operator

You can install Red Hat Developer Hub with Orchestrator plugin in an air-gapped environment using Operator.

In a network-restricted environment, a disconnected installation prevents unauthorized access, data transfer, or communication with external sources.

Prerequisites

  • You have mirrored the Red Hat Developer Hub Operator images to the local registry using the included script. For RHDH installation using Operator, the mirroring script automatically deploys the RHDH Operator for you.
  • You have set up your disconnected environment using a local registry.
  • You have permissions to push NPM packages to a local NPM server.
  • Optional: Create and configure a local NPM server.

Procedure

  1. Mirror the images for the Serverless Operator 1.36 and the Serverless Logic Operator 1.36 using tools like Skopeo or podman.

    Run the following command to generate the OpenShift Serverless Logic Operator images: 

    IMG=registry.redhat.io/openshift-serverless-1/logic-operator-bundle:1.36.0-8
mkdir local-manifests-osl
podman create --name temp-container "$IMG" -c "cat /manifests/logic-operator-rhel8.clusterserviceversion.yaml"
podman cp temp-container:/manifests ./local-manifests-osl
podman rm temp-container
yq -r '.data."controllers_cfg.yaml" | from_yaml | .. | select(tag == "!!str") | select(test("^.\\/.:.*$"))' ./local-manifests-osl/manifests/logic-operator-rhel8-controllers-config_v1_configmap.yaml
yq -r '.. | select(has("image")) | .image' ./local-manifests-osl/manifests/logic-operator-rhel8.clusterserviceversion.yaml
podman image inspect "$IMG" --format '{{ index .RepoDigests 0 }}'

    • OpenShift Serverless Logic Operator images: 

      gcr.io/kaniko-project/warmer:v1.9.0
gcr.io/kaniko-project/executor:v1.9.0
registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-rhel8-operator@sha256:8d3682448ebdac3aeabb2d23842b7e67a252b95f959c408af805037f9728fd3c
registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56
registry.redhat.io/openshift-serverless-1/logic-rhel8-operator@sha256:8d3682448ebdac3aeabb2d23842b7e67a252b95f959c408af805037f9728fd3c
registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56
registry.redhat.io/openshift-serverless-1/logic-operator-bundle@sha256:5fff2717f7b08df2c90a2be7bfb36c27e13be188d23546497ed9ce266f1c03f4

      Run the following command to generate the Serverless Operator images: 

      IMG=registry.redhat.io/openshift-serverless-1/serverless-operator-bundle:1.36.0
podman run --rm --entrypoint bash "$IMG" -c "cat /manifests/serverless-operator.clusterserviceversion.yaml" | yq '.spec.relatedImages[].image' | sort | uniq
podman pull "$IMG"
podman image inspect "$IMG" --format '{{ index .RepoDigests 0 }}'

    • Serverless Operator images: 

      registry.access.redhat.com/ubi8/nodejs-20-minimal@sha256:a2a7e399aaf09a48c28f40820da16709b62aee6f2bc703116b9345fab5830861
registry.access.redhat.com/ubi8/openjdk-21@sha256:441897a1f691c7d4b3a67bb3e0fea83e18352214264cb383fd057bbbd5ed863c
registry.access.redhat.com/ubi8/python-39@sha256:27e795fd6b1b77de70d1dc73a65e4c790650748a9cfda138fdbd194b3d6eea3d
registry.redhat.io/openshift-serverless-1/kn-backstage-plugins-eventmesh-rhel8@sha256:69b70200170a2d399ce143dca9aff5fede2d37a74040dc5ddf2206deadc9a33f
registry.redhat.io/openshift-serverless-1/kn-client-cli-artifacts-rhel8@sha256:d8e04e8d46ecec005504652b8cb4ead29452a6a89e47d568df0a24971240e9d9
registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8@sha256:989cb97cf626ae8637b32d519802250d208f466a5d6ff05d6bab105b978c976a
registry.redhat.io/openshift-serverless-1/kn-ekb-dispatcher-rhel8@sha256:4cb73eedb5c7841bff08ba5e55a48fde37ed9a0921fb88b381eaa7422fe2b00d
registry.redhat.io/openshift-serverless-1/kn-ekb-kafka-controller-rhel8@sha256:4fa519b1d4ef7f0219bae21febe73012ca261c12b3c08a9732088b7dfe37f65a
registry.redhat.io/openshift-serverless-1/kn-ekb-post-install-rhel8@sha256:402956ddf4f8da30aa234cf1d151b02f1bef29de604cad2441d65584117a3912
registry.redhat.io/openshift-serverless-1/kn-ekb-receiver-rhel8@sha256:bd48166615c132dd95a3792a6c610b1d977bad7c126a5532c47330ad3899e1ef
registry.redhat.io/openshift-serverless-1/kn-ekb-webhook-kafka-rhel8@sha256:7a4ffa3ae32dc289917b9a9c7c5ca251dc8586ba64719a126164656eecfeef14
registry.redhat.io/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8@sha256:8ebbf3cd6a980896e03dc4818dede80856743c24a551d9c399f9b65c0816e2b3
registry.redhat.io/openshift-serverless-1/kn-eventing-channel-controller-rhel8@sha256:b3c9b5db3db34f454a86a81b87843934a5b8e5960cf1fa446650a35b7c2b1778
registry.redhat.io/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8@sha256:97adc8d4ab32770e00a2ae0096d45d9cd0c053a99292202bc24e6e9a60d92970
registry.redhat.io/openshift-serverless-1/kn-eventing-controller-rhel8@sha256:d6aff2e731bd8fa4f8a472ab2b6cb08103e0ba04ba353918484813864d89c082
registry.redhat.io/openshift-serverless-1/kn-eventing-filter-rhel8@sha256:e348715064edc914fd45071cb2e5e0e967bd26ce0542372a833a4ede78bf2822
registry.redhat.io/openshift-serverless-1/kn-eventing-ingress-rhel8@sha256:4519eba6fa2a6c6c10f0d97992c1e911ea1ce4cf00ac9025b9b334671b0d1e14
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-ddb-streams-source-rhel8@sha256:6e2272266a877c42350c6e92bd9d97e407160de8bc29c1ab472786409548f69d
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-s3-sink-rhel8@sha256:a6649ecd10ea7e3cca8d254a4a4a203d585cf1a485532fcb8f77053422ab0405
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-s3-source-rhel8@sha256:ac8fad706d8e47118572a5c99f669b337962920498fd4c31796e2e707f8ff11e
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sns-sink-rhel8@sha256:e0b8f3759beb0a01314c3e6f9a165d286ac7e0e5ed9533df30209f873d3e8787
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sqs-sink-rhel8@sha256:7fc8171b21af336f5c512d0f484e363d0d32f6f11211621f572827cf71bf4cf6
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sqs-source-rhel8@sha256:925b30dbcc13075348fa35ad8e28abad88b1e632e45ff76bcd40dcacf1eaf5c1
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-log-sink-rhel8@sha256:c4641ac936196229a6dc035194799d24493eaa45cc3e0b21d79a9704860d2028
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-timer-source-rhel8@sha256:3c054f0fbbeb1428b8d88927d6b219bf5ba8c744434ebc4013351ad6494540a3
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-transform-jsonata-rhel8@sha256:1451bcf5004a32a6a183836ebf3f5c0af397da6c8d176a36bcc750c726e1f408
registry.redhat.io/openshift-serverless-1/kn-eventing-istio-controller-rhel8@sha256:a39bc62f77a5303f286e43bc8c47bb0452ad6f44228efc3e8d54798b5aaeb4d6
registry.redhat.io/openshift-serverless-1/kn-eventing-jobsink-rhel8@sha256:2553b7302376ec89216934b783e9db8122693f74b428a41e94c5ec7ffc48a414
registry.redhat.io/openshift-serverless-1/kn-eventing-migrate-rhel8@sha256:6538bbb2a59b31e03d2e74e93db81b15647308812f2354d6868680d8b48a706c
registry.redhat.io/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8@sha256:65c7c98a65f09ff01ef875d505be153bad54213bf6c3210fecee238e45887b0b
registry.redhat.io/openshift-serverless-1/kn-eventing-mtping-rhel8@sha256:887f33ae9c7d8e52764b3af4a78898769cd52eb47e6e9913fe71d7e890d9816a
registry.redhat.io/openshift-serverless-1/kn-eventing-webhook-rhel8@sha256:4a2924e282a3612e00de4bfee5a8c963c9b65b962a4c7d72f999bd493026f92a
registry.redhat.io/openshift-serverless-1/kn-plugin-event-sender-rhel8@sha256:f7795088777ea84fc6180b81b6131962944e34918e2c06671033a1a572581773
registry.redhat.io/openshift-serverless-1/kn-plugin-func-func-util-rhel8@sha256:b0eb1f0b2f180afb207186267601665f2979c4cf21a0e434e7601123e3826716
registry.redhat.io/openshift-serverless-1/kn-serving-activator-rhel8@sha256:4cf5431ee984d7cb7e6a87504e151a31130e18f1448d1eca56fbc294ee3020e4
registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8@sha256:f55ccbe4baf5829f98eb4fe7f802165d9209fe34dc8854a4eef70e471dcc1f97
registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-rhel8@sha256:0e273607b7d8ee6e2e542e02a2f6cfb04c144d4b70cf1fbc58d1041e26d283ab
registry.redhat.io/openshift-serverless-1/kn-serving-controller-rhel8@sha256:fdf01c170795da9598007bddf34c74e4a2b6d4c10ac2a0ad7010f30c8eb84149
registry.redhat.io/openshift-serverless-1/kn-serving-queue-rhel8@sha256:be27abd8e30d0e9b0245d5d99800290231aa246931bdbf65a757eac49f7d9ad9
registry.redhat.io/openshift-serverless-1/kn-serving-storage-version-migration-rhel8@sha256:dafcf4ee3a5836f2744e786fafd2911264a6f043d7cf17bf8cdf7b75ab9b3ff6
registry.redhat.io/openshift-serverless-1/kn-serving-webhook-rhel8@sha256:6dfc77b18f5f03fbc918f33ab5916344b546085e3cd57632d71ddb73022b5222
registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8@sha256:06100687f4d3b193fe289b45046d11bf5439f296f0c9b1e62fe16ed8624ae251
registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8@sha256:6939d0ec31480dbfa172783d2531f6497c38dd18b0cbcc1597413e7dd49a4d62
registry.redhat.io/openshift-serverless-1/net-kourier-kourier-rhel8@sha256:1b3f3be13ff69f520ace648989ae7053b26a872af3c2baade05adfc8513f2afd
registry.redhat.io/openshift-serverless-1/serverless-ingress-rhel8@sha256:db94f6b64ac3e618c0dad70032ad3e723122d2dd566dd4099cd5f81e3f28ae8e
registry.redhat.io/openshift-serverless-1/serverless-kn-operator-rhel8@sha256:dd788378be08cd5de076fe6fe7255ec21486697197f9390c0f8afc6be0901150
registry.redhat.io/openshift-serverless-1/serverless-must-gather-rhel8@sha256:5b7aba60fba1db136c893ecdd34aa592f6079564457b6bff183218ea29f1aae1
registry.redhat.io/openshift-serverless-1/serverless-openshift-kn-rhel8-operator@sha256:9d89f51d04418acaeb36c3c0c9d6917ea29ca1d5b39df05a80da19318ea2c51c
registry.redhat.io/openshift-service-mesh/proxyv2-rhel8@sha256:8ee57a44b1fc799fd8565eb339955773bd9beedcbf46f68628ee0bd4abf26515
registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9@sha256:92a83b201580d29aec7ee85ccc2984576c4a364b849e504225888d6f1fb9b0d2
registry.redhat.io/rhel8/buildah@sha256:3d505d9c0f5d4cd5a4ec03b8d038656c6cdbdf5191e00ce6388f7e0e4d2f1b74
registry.redhat.io/openshift-serverless-1/serverless-operator-bundle@sha256:2d675f8bf31b0cfb64503ee72e082183b7b11979d65eb636fc83f4f3a25fa5d0

      Recommendation: When fetching the list of required images, make sure you are using the latest version of the bundle operator, 1.36 to avoid missing or having outdated image references. For more information, refer to Compatibility guide for Orchestrator.

  2. Create the ImageTagMirrorSet and ImageDigestMirrorSet for the Serverless Functions (SF) images as shown in the following examples:

    • Creating ImageTagMirrorSet for the SF images: 

      apiVersion: config.openshift.io/v1
kind: ImageTagMirrorSet
metadata:
  name: rhdh-tag-mirror
spec:
 imageTagMirrors:
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-operator-bundle'
     source: registry.redhat.io/openshift-serverless-1/logic-operator-bundle
   - mirrors:
       - '<my.registry.example.com>/openshift4/ose-cli'
     source: registry.redhat.io/openshift4/ose-cli
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-jobs-service-postgresql-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-data-index-postgresql-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-data-index-ephemeral-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-swf-builder-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-swf-devmode-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8

    • Creating ImageDigestMirrorSet for the SF images: 

      kind: ImageDigestMirrorSet
apiVersion: config.openshift.io/v1
metadata:
 name: rhdhorchestrator-mirror
spec:
 imageDigestMirrors:
   # Chart deployment
   - source: registry.redhat.io/openshift4/ose-cli
     mirrors:
       - <my.registry.example.com>/ose-cli
   - source: registry.access.redhat.com/ubi9-minimal
     mirrors:
       - <my.registry.example.com>/ubi9-minimal
   # Serverless workflows
   - source: registry.redhat.io/openshift-serverless-1/logic-rhel8-operator
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-rhel8-operator
   - source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-data-index-postgresql-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-data-index-ephemeral-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-swf-builder-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-swf-devmode-rhel8
   # RHDH
   - source: registry.redhat.io/rhdh/rhdh-rhel9-operator
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-rhel9-operator
   - source: registry.redhat.io/rhdh/rhdh-operator-bundle
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-operator-bundle
   - source: registry.redhat.io/rhdh/rhdh-hub-rhel9
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-hub-rhel9
   # Knative Serving
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-activator-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-activator-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-autoscaler-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-webhook-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-webhook-rhel8
   # Knative Serving Ingress
   - source: registry.redhat.io/openshift-serverless-1/kourier-control-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kourier-control-rhel8
   - source: registry.redhat.io/openshift-service-mesh/proxyv2-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-service-mesh/proxyv2-rhel8
   # Knative Eventing
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-webhook-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-webhook-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-channel-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-channel-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-jobsink-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-jobsink-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-filter-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-filter-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-ingress-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-ingress-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-mtping-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverle
ss-1/kn-eventing-mtping-rhel8
      Note

      If these objects already exist from the previous image mirroring step, you can skip this task.

  3. Wait for all the nodes to update after applying the ImageTagMirrorSet. Track the update using the following command: 

    oc get mcp -A

    Once all Machine Config Pools (MCP) are applied, the new image configuration propagates to all nodes.

  4. Download the Node Package Manager (NPM) packages for orchestrator 1.8.0 using the following methods:

  5. Push the NPM packages you have downloaded to a local NPM server as shown in the following example: 

    npm publish backstage-plugin-orchestrator-1.8.0.tgz
npm publish backstage-plugin-orchestrator-backend-dynamic-1.8.0.tgz
npm publish backstage-plugin-orchestrator-form-widgets-1.8.0.tgz
npm publish backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.8.0.tgz
  6. Install the OpenShift Serverless Operator and OpenShift Serverless Logic Operators using the OperatorHub.
  7. Create a Backstage custom resource (CR).

  8. Configure the Backstage CR for the Orchestrator as described in the Orchestrator plugin dependencies for Operator installation.

    Create all the resources and configure the Backstage instance accordingly. See Configuring a custom NPM registry for instructions on how to point RHDH towards the custom NPM registry.

Verification

  • Restart the RHDH pod and wait for the components to deploy properly.
  • Once stable, go to the RHDH UI, and confirm that the Orchestrator UI is accessible and functioning correctly.
Note

The successful accessibility of the Orchestrator UI confirms that the underlying components are running and the cluster recognizes the plugin.

4.2. Installing Red Hat Developer Hub with Orchestrator in an air-gapped OpenShift Container Platform environment using Helm chart

Prerequisites

  • You have set up your disconnected environment using a local registry.
  • You have permissions to push NPM packages to a local NPM server.
  • Optional: Create and configure a local NPM server.

Procedure

  1. Mirror the Red Hat Developer Hub 1.8 Helm chart images to the local registry. See Installing Red Hat Developer Hub on OpenShift Container Platform in an air-gapped environment with the Helm chart for instructions.
  2. Mirror orchestrator-infra chart images to the local registry.

  3. Mirror the images for the Serverless Operator 1.36 and the Serverless Logic Operator 1.36 using tools like Skopeo or podman.

    Run the following command to generate the OpenShift Serverless Logic Operator images: 

    IMG=registry.redhat.io/openshift-serverless-1/logic-operator-bundle:1.36.0-8
mkdir local-manifests-osl
podman create --name temp-container "$IMG" -c "cat /manifests/logic-operator-rhel8.clusterserviceversion.yaml"
podman cp temp-container:/manifests ./local-manifests-osl
podman rm temp-container
yq -r '.data."controllers_cfg.yaml" | from_yaml | .. | select(tag == "!!str") | select(test("^.\\/.:.*$"))' ./local-manifests-osl/manifests/logic-operator-rhel8-controllers-config_v1_configmap.yaml
yq -r '.. | select(has("image")) | .image' ./local-manifests-osl/manifests/logic-operator-rhel8.clusterserviceversion.yaml
podman image inspect "$IMG" --format '{{ index .RepoDigests 0 }}'

    • OpenShift Serverless Logic Operator images: 

      gcr.io/kaniko-project/warmer:v1.9.0
gcr.io/kaniko-project/executor:v1.9.0
registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0
registry.redhat.io/openshift-serverless-1/logic-rhel8-operator@sha256:8d3682448ebdac3aeabb2d23842b7e67a252b95f959c408af805037f9728fd3c
registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56
registry.redhat.io/openshift-serverless-1/logic-rhel8-operator@sha256:8d3682448ebdac3aeabb2d23842b7e67a252b95f959c408af805037f9728fd3c
registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56
registry.redhat.io/openshift-serverless-1/logic-operator-bundle@sha256:5fff2717f7b08df2c90a2be7bfb36c27e13be188d23546497ed9ce266f1c03f4

      Run the following command to generate the Serverless Operator images: 

      IMG=registry.redhat.io/openshift-serverless-1/serverless-operator-bundle:1.36.0
podman run --rm --entrypoint bash "$IMG" -c "cat /manifests/serverless-operator.clusterserviceversion.yaml" | yq '.spec.relatedImages[].image' | sort | uniq
podman pull "$IMG"
podman image inspect "$IMG" --format '{{ index .RepoDigests 0 }}'

    • Serverless Operator images: 

      registry.access.redhat.com/ubi8/nodejs-20-minimal@sha256:a2a7e399aaf09a48c28f40820da16709b62aee6f2bc703116b9345fab5830861
registry.access.redhat.com/ubi8/openjdk-21@sha256:441897a1f691c7d4b3a67bb3e0fea83e18352214264cb383fd057bbbd5ed863c
registry.access.redhat.com/ubi8/python-39@sha256:27e795fd6b1b77de70d1dc73a65e4c790650748a9cfda138fdbd194b3d6eea3d
registry.redhat.io/openshift-serverless-1/kn-backstage-plugins-eventmesh-rhel8@sha256:69b70200170a2d399ce143dca9aff5fede2d37a74040dc5ddf2206deadc9a33f
registry.redhat.io/openshift-serverless-1/kn-client-cli-artifacts-rhel8@sha256:d8e04e8d46ecec005504652b8cb4ead29452a6a89e47d568df0a24971240e9d9
registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8@sha256:989cb97cf626ae8637b32d519802250d208f466a5d6ff05d6bab105b978c976a
registry.redhat.io/openshift-serverless-1/kn-ekb-dispatcher-rhel8@sha256:4cb73eedb5c7841bff08ba5e55a48fde37ed9a0921fb88b381eaa7422fe2b00d
registry.redhat.io/openshift-serverless-1/kn-ekb-kafka-controller-rhel8@sha256:4fa519b1d4ef7f0219bae21febe73012ca261c12b3c08a9732088b7dfe37f65a
registry.redhat.io/openshift-serverless-1/kn-ekb-post-install-rhel8@sha256:402956ddf4f8da30aa234cf1d151b02f1bef29de604cad2441d65584117a3912
registry.redhat.io/openshift-serverless-1/kn-ekb-receiver-rhel8@sha256:bd48166615c132dd95a3792a6c610b1d977bad7c126a5532c47330ad3899e1ef
registry.redhat.io/openshift-serverless-1/kn-ekb-webhook-kafka-rhel8@sha256:7a4ffa3ae32dc289917b9a9c7c5ca251dc8586ba64719a126164656eecfeef14
registry.redhat.io/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8@sha256:8ebbf3cd6a980896e03dc4818dede80856743c24a551d9c399f9b65c0816e2b3
registry.redhat.io/openshift-serverless-1/kn-eventing-channel-controller-rhel8@sha256:b3c9b5db3db34f454a86a81b87843934a5b8e5960cf1fa446650a35b7c2b1778
registry.redhat.io/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8@sha256:97adc8d4ab32770e00a2ae0096d45d9cd0c053a99292202bc24e6e9a60d92970
registry.redhat.io/openshift-serverless-1/kn-eventing-controller-rhel8@sha256:d6aff2e731bd8fa4f8a472ab2b6cb08103e0ba04ba353918484813864d89c082
registry.redhat.io/openshift-serverless-1/kn-eventing-filter-rhel8@sha256:e348715064edc914fd45071cb2e5e0e967bd26ce0542372a833a4ede78bf2822
registry.redhat.io/openshift-serverless-1/kn-eventing-ingress-rhel8@sha256:4519eba6fa2a6c6c10f0d97992c1e911ea1ce4cf00ac9025b9b334671b0d1e14
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-ddb-streams-source-rhel8@sha256:6e2272266a877c42350c6e92bd9d97e407160de8bc29c1ab472786409548f69d
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-s3-sink-rhel8@sha256:a6649ecd10ea7e3cca8d254a4a4a203d585cf1a485532fcb8f77053422ab0405
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-s3-source-rhel8@sha256:ac8fad706d8e47118572a5c99f669b337962920498fd4c31796e2e707f8ff11e
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sns-sink-rhel8@sha256:e0b8f3759beb0a01314c3e6f9a165d286ac7e0e5ed9533df30209f873d3e8787
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sqs-sink-rhel8@sha256:7fc8171b21af336f5c512d0f484e363d0d32f6f11211621f572827cf71bf4cf6
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-aws-sqs-source-rhel8@sha256:925b30dbcc13075348fa35ad8e28abad88b1e632e45ff76bcd40dcacf1eaf5c1
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-log-sink-rhel8@sha256:c4641ac936196229a6dc035194799d24493eaa45cc3e0b21d79a9704860d2028
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-timer-source-rhel8@sha256:3c054f0fbbeb1428b8d88927d6b219bf5ba8c744434ebc4013351ad6494540a3
registry.redhat.io/openshift-serverless-1/kn-eventing-integrations-transform-jsonata-rhel8@sha256:1451bcf5004a32a6a183836ebf3f5c0af397da6c8d176a36bcc750c726e1f408
registry.redhat.io/openshift-serverless-1/kn-eventing-istio-controller-rhel8@sha256:a39bc62f77a5303f286e43bc8c47bb0452ad6f44228efc3e8d54798b5aaeb4d6
registry.redhat.io/openshift-serverless-1/kn-eventing-jobsink-rhel8@sha256:2553b7302376ec89216934b783e9db8122693f74b428a41e94c5ec7ffc48a414
registry.redhat.io/openshift-serverless-1/kn-eventing-migrate-rhel8@sha256:6538bbb2a59b31e03d2e74e93db81b15647308812f2354d6868680d8b48a706c
registry.redhat.io/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8@sha256:65c7c98a65f09ff01ef875d505be153bad54213bf6c3210fecee238e45887b0b
registry.redhat.io/openshift-serverless-1/kn-eventing-mtping-rhel8@sha256:887f33ae9c7d8e52764b3af4a78898769cd52eb47e6e9913fe71d7e890d9816a
registry.redhat.io/openshift-serverless-1/kn-eventing-webhook-rhel8@sha256:4a2924e282a3612e00de4bfee5a8c963c9b65b962a4c7d72f999bd493026f92a
registry.redhat.io/openshift-serverless-1/kn-plugin-event-sender-rhel8@sha256:f7795088777ea84fc6180b81b6131962944e34918e2c06671033a1a572581773
registry.redhat.io/openshift-serverless-1/kn-plugin-func-func-util-rhel8@sha256:b0eb1f0b2f180afb207186267601665f2979c4cf21a0e434e7601123e3826716
registry.redhat.io/openshift-serverless-1/kn-serving-activator-rhel8@sha256:4cf5431ee984d7cb7e6a87504e151a31130e18f1448d1eca56fbc294ee3020e4
registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8@sha256:f55ccbe4baf5829f98eb4fe7f802165d9209fe34dc8854a4eef70e471dcc1f97
registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-rhel8@sha256:0e273607b7d8ee6e2e542e02a2f6cfb04c144d4b70cf1fbc58d1041e26d283ab
registry.redhat.io/openshift-serverless-1/kn-serving-controller-rhel8@sha256:fdf01c170795da9598007bddf34c74e4a2b6d4c10ac2a0ad7010f30c8eb84149
registry.redhat.io/openshift-serverless-1/kn-serving-queue-rhel8@sha256:be27abd8e30d0e9b0245d5d99800290231aa246931bdbf65a757eac49f7d9ad9
registry.redhat.io/openshift-serverless-1/kn-serving-storage-version-migration-rhel8@sha256:dafcf4ee3a5836f2744e786fafd2911264a6f043d7cf17bf8cdf7b75ab9b3ff6
registry.redhat.io/openshift-serverless-1/kn-serving-webhook-rhel8@sha256:6dfc77b18f5f03fbc918f33ab5916344b546085e3cd57632d71ddb73022b5222
registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8@sha256:06100687f4d3b193fe289b45046d11bf5439f296f0c9b1e62fe16ed8624ae251
registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8@sha256:6939d0ec31480dbfa172783d2531f6497c38dd18b0cbcc1597413e7dd49a4d62
registry.redhat.io/openshift-serverless-1/net-kourier-kourier-rhel8@sha256:1b3f3be13ff69f520ace648989ae7053b26a872af3c2baade05adfc8513f2afd
registry.redhat.io/openshift-serverless-1/serverless-ingress-rhel8@sha256:db94f6b64ac3e618c0dad70032ad3e723122d2dd566dd4099cd5f81e3f28ae8e
registry.redhat.io/openshift-serverless-1/serverless-kn-operator-rhel8@sha256:dd788378be08cd5de076fe6fe7255ec21486697197f9390c0f8afc6be0901150
registry.redhat.io/openshift-serverless-1/serverless-must-gather-rhel8@sha256:5b7aba60fba1db136c893ecdd34aa592f6079564457b6bff183218ea29f1aae1
registry.redhat.io/openshift-serverless-1/serverless-openshift-kn-rhel8-operator@sha256:9d89f51d04418acaeb36c3c0c9d6917ea29ca1d5b39df05a80da19318ea2c51c
registry.redhat.io/openshift-service-mesh/proxyv2-rhel8@sha256:8ee57a44b1fc799fd8565eb339955773bd9beedcbf46f68628ee0bd4abf26515
registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9@sha256:92a83b201580d29aec7ee85ccc2984576c4a364b849e504225888d6f1fb9b0d2
registry.redhat.io/rhel8/buildah@sha256:3d505d9c0f5d4cd5a4ec03b8d038656c6cdbdf5191e00ce6388f7e0e4d2f1b74
registry.redhat.io/openshift-serverless-1/serverless-operator-bundle@sha256:2d675f8bf31b0cfb64503ee72e082183b7b11979d65eb636fc83f4f3a25fa5d0

      Recommendation: When fetching the list of required images, make sure you are using the latest version of the bundle operator, 1.36 to avoid missing or having outdated image references. For more information, refer to Compatibility guide for Orchestrator.

  4. Create the ImageTagMirrorSet and ImageDigestMirrorSet for the Serverless Functions (SF) images as shown in the following examples:

    • Creating ImageTagMirrorSet for the SF images: 

      apiVersion: config.openshift.io/v1
kind: ImageTagMirrorSet
metadata:
  name: rhdh-tag-mirror
spec:
 imageTagMirrors:
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-operator-bundle'
     source: registry.redhat.io/openshift-serverless-1/logic-operator-bundle
   - mirrors:
       - '<my.registry.example.com>/openshift4/ose-cli'
     source: registry.redhat.io/openshift4/ose-cli
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-jobs-service-postgresql-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-data-index-postgresql-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-data-index-ephemeral-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-swf-builder-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8
   - mirrors:
       - '<my.registry.example.com>/openshift-serverless-1/logic-swf-devmode-rhel8'
     source: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8

    • Creating ImageDigestMirrorSet for the SF images: 

      kind: ImageDigestMirrorSet
apiVersion: config.openshift.io/v1
metadata:
 name: rhdhorchestrator-mirror
spec:
 imageDigestMirrors:
   # Chart deployment
   - source: registry.redhat.io/openshift4/ose-cli
     mirrors:
       - <my.registry.example.com>/ose-cli
   - source: registry.access.redhat.com/ubi9-minimal
     mirrors:
       - <my.registry.example.com>/ubi9-minimal
   # Serverless workflows
   - source: registry.redhat.io/openshift-serverless-1/logic-rhel8-operator
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-rhel8-operator
   - source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-jobs-service-postgresql-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-data-index-postgresql-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-data-index-ephemeral-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-swf-builder-rhel8
   - source: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/logic-swf-devmode-rhel8
   # RHDH
   - source: registry.redhat.io/rhdh/rhdh-rhel9-operator
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-rhel9-operator
   - source: registry.redhat.io/rhdh/rhdh-operator-bundle
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-operator-bundle
   - source: registry.redhat.io/rhdh/rhdh-hub-rhel9
     mirrors:
       - <my.registry.example.com>/rhdh/rhdh-hub-rhel9
   # Knative Serving
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-activator-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-activator-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-autoscaler-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-autoscaler-hpa-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-serving-webhook-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-serving-webhook-rhel8
   # Knative Serving Ingress
   - source: registry.redhat.io/openshift-serverless-1/kourier-control-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kourier-control-rhel8
   - source: registry.redhat.io/openshift-service-mesh/proxyv2-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-service-mesh/proxyv2-rhel8
   # Knative Eventing
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-apiserver-receive-adapter-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-webhook-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-webhook-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-channel-controller-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-channel-controller-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-channel-dispatcher-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-jobsink-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-jobsink-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-mtchannel-broker-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-filter-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-filter-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-ingress-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverless-1/kn-eventing-ingress-rhel8
   - source: registry.redhat.io/openshift-serverless-1/kn-eventing-mtping-rhel8
     mirrors:
       - <my.registry.example.com>/openshift-serverle
ss-1/kn-eventing-mtping-rhel8
      Note

      If these objects already exist from the previous image mirroring step, you can skip this task.

  5. Wait for all the nodes to update after applying the ImageTagMirrorSet. Track the update using the following command: 

    oc get mcp -A

    Once all Machine Config Pools (MCP) are applied, the new image configuration propagates to all nodes.

  6. Download the Node Package Manager (NPM) packages for orchestrator 1.8.0 using the following methods:

  7. Push the NPM packages you have downloaded to a local NPM server as shown in the following example: 

    npm publish backstage-plugin-orchestrator-1.8.0.tgz
npm publish backstage-plugin-orchestrator-backend-dynamic-1.8.0.tgz
npm publish backstage-plugin-orchestrator-form-widgets-1.8.0.tgz
npm publish backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.8.0.tgz
  8. Apply the orchestrator-infra Helm chart using the instructions provided in the Installing Red Hat Developer Hub on OpenShift Container Platform in an air-gapped environment with the Helm chart guide and approve the install plans.

  9. Apply the RHDH 1.8 Helm chart. Include the version 1.8.0 and enable the Orchestrator plugin as shown in the following example: 

    orchestrator.enabled=true

  10. The RHDH 1.8 Helm chart defaults to pulling Orchestrator plugins from the official Red Hat NPM registry using full URL references. You must override this behavior to point to your local registry.

    To configure the Orchestrator plugins to use a custom registry, complete the following steps:

    • Open your values.yaml file.

    • Explicitly list the Orchestrator plugin packages under the orchestrator.plugins section. You must replace the full URLs with the simplified package references that point to your custom NPM registry as shown in the following example: 

      - package: "@redhat/backstage-plugin-orchestrator@{product-bundle-version}"
- package: "@redhat/backstage-plugin-orchestrator-backend-dynamic@{product-bundle-version}"
- package: "@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic@{product-bundle-version}"
- package: "@redhat/backstage-plugin-orchestrator-form-widgets@{product-bundle-version}"
      Note

      Helm installs as a default the full URL of the tgz files that point towards the Red Hat NPM registry. Therefore, the redirect towards the custom registry fails when trying to access packages from a local registry.

Verification

  • Restart the RHDH pod and wait for the components to deploy properly.
  • Once stable, go to the RHDH UI, and confirm that the Orchestrator UI is accessible and functioning correctly.
Note

The successful accessibility of the Orchestrator UI confirms that the underlying components are running and the cluster recognizes the plugin.

Legal Notice

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.