Add overriding proxy for OLM

modules/olm-overriding-proxy-settings.adoc

@@ -0,0 +1,93 @@
+// Module included in the following assemblies:
+//
+// * operators/olm-adding-operators-to-cluster.adoc
+
+[id="olm-overriding-proxy-settings_{context}"]
+= Overriding an Operator's proxy settings
+
+If a cluster-wide egress proxy is configured, applications created from
+Operators using the Operator Lifecycle Manager (OLM) inherit the cluster-wide
+proxy settings on their Deployments and Pods. Cluster administrators can also
+override these proxy settings by configuring the Operator's Subscription.
+
+.Prerequisites
+
+- Access to an {product-title} cluster using an account with
+ifdef::openshift-enterprise,openshift-webscale,openshift-origin[]
+`cluster-admin` permissions.
+endif::[]
+ifdef::openshift-dedicated[]
+`dedicated-admins-cluster` permissions.
+endif::[]
+
+.Procedure
+
+. Navigate in the web console to the *Operators → OperatorHub* page.
+
+. Select the Operator and click *Install*.
+
+. On the *Create Operator Subscription* page, modify the Subscription object's
+YAML to include one or more of the following environment variables in the
+`spec` section:
++
+--
+* `HTTP_PROXY`
+* `HTTPS_PROXY`
+* `NO_PROXY`
+--
++
+For example:
++
+.Subscription object with proxy setting overrides
+[source,yaml]
+----
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: etcd-config-test
+  namespace: openshift-operators
+spec:
+  config:
+    env:
+    - name: HTTP_PROXY
+      value: test_http
+    - name: HTTPS_PROXY
+      value: test_https
+    - name: NO_PROXY
+      value: test
+  channel: clusterwide-alpha
+  installPlanApproval: Automatic
+  name: etcd
+  source: community-operators
+  sourceNamespace: openshift-marketplace
+  startingCSV: etcdoperator.v0.9.4-clusterwide
+----
++
+[NOTE]
+====
+These environment variables can also be unset using an empty value to remove any
+previously set cluster-wide or custom proxy settings.
+====
++
+OLM handles these environment variables as a unit; if at least one of them is
+set, all three are considered overridden and the cluster-wide defaults are not
+used for the subscribed Operator's Deployments.
+
+. Click *Subscribe* to make the Operator available to the selected namespaces.
+
+. After the Operator's CSV appears in the relevant namespace, you can verify that
+custom proxy environment variables are set in the Deployment. For example, using
+the CLI:
++
+----
+$ oc get deployment -n openshift-operators etcd-operator -o yaml | grep -i "PROXY" -A 2
+
+        - name: HTTP_PROXY
+          value: test_http
+        - name: HTTPS_PROXY
+          value: test_https
+        - name: NO_PROXY
+          value: test
+        image: quay.io/coreos/etcd-operator@sha256:66a37fd61a06a43969854ee6d3e21088a98b93838e284a6086b13917f96b0d9c
+...
+----

operators/olm-adding-operators-to-cluster.adoc

@@ -6,7 +6,7 @@ include::modules/common-attributes.adoc[]
 toc::[]
 
 This guide walks cluster administrators through installing Operators to an
-{product-title} cluster.
+{product-title} cluster and subscribing Operators to namespaces.
 
 include::modules/olm-installing-operators-from-operatorhub.adoc[leveloffset=+1]
 include::modules/olm-installing-from-operatorhub-using-web-console.adoc[leveloffset=+2]
@@ -15,4 +15,9 @@ include::modules/olm-installing-from-operatorhub-using-cli.adoc[leveloffset=+2]
 .Additional resources
 
 * xref:../operators/understanding_olm/olm-understanding-operatorgroups.adoc#olm-operatorgroups-about_olm-understanding-operatorgroups[About OperatorGroups]
+
+include::modules/olm-overriding-proxy-settings.adoc[leveloffset=+1]
+.Additional resources
+
+* xref:../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy]
 endif::[]