ShaunaDiaz · mikenairn · Jun 1, 2026 · Jun 3, 2026
diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml
@@ -45,11 +45,13 @@ Topics:
   File: rhcl-release-notes
 ---
 Name: Installing Connectivity Link
-Dir: install-guide
+Dir: install-rhcl
 Distros: rhcl
 Topics:
 - Name: Installing Connectivity Link
   File: install-guide
+- Name: Installing Connectivity Link in a disconnected environment
+  File: rhcl-install-disconnected
 ---
 Name: Installing the MCP gateway
 Dir: mcp_gateway_install

diff --git a/install-guide/_attributes → install-rhcl/_attributes b/install-guide/_attributes → install-rhcl/_attributes
diff --git a/install-guide/images → install-rhcl/images b/install-guide/images → install-rhcl/images
diff --git a/install-guide/install-guide.adoc → install-rhcl/install-guide.adoc b/install-guide/install-guide.adoc → install-rhcl/install-guide.adoc
diff --git a/install-guide/modules → install-rhcl/modules b/install-guide/modules → install-rhcl/modules
diff --git a/install-rhcl/rhcl-install-disconnected.adoc b/install-rhcl/rhcl-install-disconnected.adoc
@@ -0,0 +1,32 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/attributes.adoc[]
+[id="rhcl-install-disconnected"]
+= Installing {prodname} in a disconnected environment
+:context: rhcl-install-disconnected
+
+toc::[]
+
+[role="_abstract"]
+You can install {prodname} on an {ocp} cluster in a disconnected environment by mirroring the required operator catalog and installing the {prodname} operator from your local mirror registry.
+
+.Prerequisites
+
+* A disconnected {ocp} cluster version 4.14 or later
+* Access to the cluster as a user with the `cluster-admin` role
+* Configured mirror registry accessible from the cluster
+* For general Operator Lifecycle Manager configuration in disconnected environments, see link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/operators/administrator-tasks#olm-restricted-networks[Using Operator Lifecycle Manager in disconnected environments]
+
+include::modules/con-rhcl-install-disconnected.adoc[leveloffset=+1]
+
+include::modules/proc-rhcl-disconnected-mirror-catalog.adoc[leveloffset=+1]
+
+include::modules/proc-rhcl-disconnected-install-operators.adoc[leveloffset=+1]
+
+include::modules/proc-rhcl-disconnected-create-kuadrant.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+== Additional resources
+
+* link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/operators/administrator-tasks#olm-restricted-networks[Using Operator Lifecycle Manager in disconnected environments]
+* link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/disconnected_environments/installing-mirroring-installation-images[Mirroring images for a disconnected installation]
+* link:https://docs.redhat.com[Red Hat Connectivity Link documentation]
diff --git a/install-guide/snippets → install-rhcl/snippets b/install-guide/snippets → install-rhcl/snippets
diff --git a/modules/con-rhcl-install-disconnected.adoc b/modules/con-rhcl-install-disconnected.adoc
@@ -0,0 +1,25 @@
+// Module included in the following assemblies:
+//
+// *install-guide/disconnected-install.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="con-rhcl-install-disconnected_{context}"]
+= About installing {prodname} in disconnected environments
+
+[role="_abstract"]
+{prodname} provides policy-driven traffic management for {ocp} clusters using Gateway API. In a disconnected environment, you must mirror the {prodname} operator catalog and its container images to your local registry before installation.
+
+The installation process involves the following steps:
+
+. Mirror the Red Hat operator catalog containing the {prodname} operator package to your local registry
+. Configure the cluster to use the mirrored catalog
+. Install the {prodname} operator using Operator Lifecycle Manager (OLM)
+. Create a `Kuadrant` custom resource to deploy the {prodname} components
+
+The {prodname} operator automatically installs the following dependency operators:
+
+* Authorino Operator - Authentication and authorization
+* Limitador Operator - Rate limiting
+* DNS Operator - DNS management
+
+All required images are included when you mirror the `rhcl-operator` package from the Red Hat catalog.
diff --git a/modules/proc-rhcl-disconnected-create-kuadrant.adoc b/modules/proc-rhcl-disconnected-create-kuadrant.adoc
@@ -0,0 +1,73 @@
+// Module included in the following assemblies:
+//
+// *install-guide/disconnected-install.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="proc-rhcl-disconnected-create-kuadrant_{context}"]
+= Creating a Kuadrant custom resource
+
+[role="_abstract"]
+After installing the {prodname} operator, create a `Kuadrant` custom resource to deploy the {prodname} components.
+
+.Prerequisites
+
+* You have installed the {prodname} operator
+* The {prodname} operator is running in the `kuadrant-system` namespace
+
+.Procedure
+
+. Create a `Kuadrant` custom resource:
++
+[source,yaml]
+----
+apiVersion: kuadrant.io/v1beta1
+kind: Kuadrant
+metadata:
+  name: kuadrant
+  namespace: kuadrant-system
+spec: {}
+----
+
+. Apply the `Kuadrant` custom resource:
++
+[source,terminal]
+----
+$ oc apply -f kuadrant.yaml
+----
+
+.Verification
+
+. Verify the `Kuadrant` resource is ready:
++
+[source,terminal]
+----
+$ oc get kuadrant kuadrant -n kuadrant-system
+----
++
+.Example output
+[source,terminal]
+----
+NAME        STATUS   AGE
+kuadrant    Ready    2m
+----
+
+. Verify all component operator pods are running:
++
+[source,terminal]
+----
+$ oc get pods -n kuadrant-system
+----
++
+.Example output
+[source,terminal]
+----
+NAME                                                READY   STATUS    RESTARTS   AGE
+authorino-operator-controller-manager-<hash>        2/2     Running   0          5m
+dns-operator-controller-manager-<hash>              2/2     Running   0          5m
+kuadrant-operator-controller-manager-<hash>         2/2     Running   0          7m
+limitador-operator-controller-manager-<hash>        2/2     Running   0          5m
+----
+
+.Next steps
+
+* Configure Gateway API resources to use {prodname} policies. See link:https://docs.redhat.com[{prodname} documentation] for examples.
diff --git a/modules/proc-rhcl-disconnected-install-operators.adoc b/modules/proc-rhcl-disconnected-install-operators.adoc
@@ -0,0 +1,110 @@
+// Module included in the following assemblies:
+//
+// *install-guide/disconnected-install.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="proc-rhcl-disconnected-install-operators_{context}"]
+= Installing the {prodname} operator
+
+[role="_abstract"]
+After mirroring the catalog, you can install the {prodname} operator using Operator Lifecycle Manager (OLM).
+
+.Prerequisites
+
+* You have mirrored the {prodname} operator catalog to your local registry
+* You have applied the catalog source to your cluster
+
+.Procedure
+
+. Create a namespace for {prodname}:
++
+[source,terminal]
+----
+$ oc create namespace kuadrant-system
+----
+
+. Create an `OperatorGroup` for the {prodname} operator:
++
+[source,yaml]
+----
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: kuadrant-operator-group
+  namespace: kuadrant-system
+spec: {}
+----
+
+. Apply the `OperatorGroup`:
++
+[source,terminal]
+----
+$ oc apply -f operatorgroup.yaml
+----
+
+. Create a `Subscription` for the {prodname} operator:
++
+[source,yaml]
+----
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: rhcl-operator
+  namespace: kuadrant-system
+spec:
+  channel: stable <1>
+  name: rhcl-operator
+  source: <catalog_source_name> <2>
+  sourceNamespace: openshift-marketplace
+----
++
+<1> Specify `stable` as the channel.
+<2> Specify the name of the `CatalogSource` object created by `oc-mirror`. You can find the catalog source name by running `oc get catalogsource -n openshift-marketplace`.
++
+[NOTE]
+====
+OLM automatically installs the Authorino, Limitador, and DNS operators based on the dependencies declared in the {prodname} operator bundle.
+====
+
+. Apply the `Subscription`:
++
+[source,terminal]
+----
+$ oc apply -f subscription.yaml
+----
+
+.Verification
+
+. Verify the {prodname} operator installed successfully:
++
+[source,terminal]
+----
+$ oc get csv -n kuadrant-system
+----
++
+.Example output
+[source,terminal]
+----
+NAME                           DISPLAY                  VERSION   REPLACES   PHASE
+authorino-operator.vX.Y.Z      Authorino Operator       X.Y.Z                Succeeded
+dns-operator.vX.Y.Z            DNS Operator             X.Y.Z                Succeeded
+kuadrant-operator.vX.Y.Z       Kuadrant Operator        X.Y.Z                Succeeded
+limitador-operator.vX.Y.Z      Limitador Operator       X.Y.Z                Succeeded
+----
+
+. Verify the operator pod is running:
++
+[source,terminal]
+----
+$ oc get pods -n kuadrant-system
+----
++
+.Example output
+[source,terminal]
+----
+NAME                                                READY   STATUS    RESTARTS   AGE
+authorino-operator-controller-manager-<hash>        2/2     Running   0          3m
+dns-operator-controller-manager-<hash>              2/2     Running   0          3m
+kuadrant-operator-controller-manager-<hash>         2/2     Running   0          5m
+limitador-operator-controller-manager-<hash>        2/2     Running   0          3m
+----
diff --git a/modules/proc-rhcl-disconnected-mirror-catalog.adoc b/modules/proc-rhcl-disconnected-mirror-catalog.adoc
@@ -0,0 +1,112 @@
+// Module included in the following assemblies:
+//
+// *install-guide/disconnected-install.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="proc-rhcl-disconnected-mirror-catalog_{context}"]
+= Mirroring the {prodname} operator catalog
+
+[role="_abstract"]
+You can mirror the Red Hat operator catalog containing the {prodname} operator to your disconnected environment using the `oc-mirror` plugin.
+
+.Prerequisites
+
+* You have installed the `oc-mirror` CLI plugin
+* You have access to `registry.redhat.io` on an internet-connected workstation
+* You have credentials for your mirror registry configured in `${HOME}/.docker/config.json`
+
+.Procedure
+
+. On your internet-connected workstation, create an `ImageSetConfiguration` file named `rhcl-imageset-config.yaml`:
++
+[source,yaml,subs="attributes+"]
+----
+apiVersion: mirror.openshift.io/v2alpha1
+kind: ImageSetConfiguration
+mirror:
+  operators:
+  - catalog: registry.redhat.io/redhat/redhat-operator-index:v{product-version} <1>
+    packages:
+    - name: rhcl-operator <2>
+  additionalImages:
+  - name: registry.redhat.io/rhcl-1/coredns-rhel9:vX.Y.Z <3>
+----
++
+<1> Specify the Red Hat operator catalog version matching your {ocp} cluster version.
+<2> The {prodname} operator package. Dependency operators (Authorino, Limitador, DNS) are included automatically.
+<3> Optional. The CoreDNS image if you plan to use the DNS Operator CoreDNS deployment feature. Replace `vX.Y.Z` with the version matching the {prodname} operator release.
+
+. Mirror the catalog to a local directory:
++
+[source,terminal]
+----
+$ oc mirror --v2 --config rhcl-imageset-config.yaml file://./rhcl-mirror
+----
++
+This command downloads the catalog and operator images to the `rhcl-mirror` directory.
+
+. Transfer the `rhcl-mirror` directory to your disconnected environment using removable media.
+
+. On a host in the disconnected environment with access to your mirror registry, push the images to the registry:
++
+[source,terminal,subs="+quotes"]
+----
+$ oc mirror --v2 --config rhcl-imageset-config.yaml \
+  --from file://./rhcl-mirror \
+  docker://_<mirror_registry>_:_<port>_
+----
++
+Replace `_<mirror_registry>_` and `_<port>_` with your mirror registry details.
+
+. Apply the `ImageDigestMirrorSet` or `ImageTagMirrorSet` to configure the cluster to use the mirrored images:
++
+[source,terminal]
+----
+$ oc apply -f results-*/cluster-resources/idms-oc-mirror.yaml
+$ oc apply -f results-*/cluster-resources/itms-oc-mirror.yaml
+----
+
+. Wait for the `MachineConfigPool` to update:
++
+[source,terminal]
+----
+$ oc wait mcp --all --for=condition=Updated --timeout=30m
+----
++
+.Example output
+[source,text]
+----
+machineconfigpool.machineconfiguration.openshift.io/master condition met
+machineconfigpool.machineconfiguration.openshift.io/worker condition met
+----
++
+[NOTE]
+====
+This step restarts the kubelet on all nodes to apply the new registry configuration.
+====
+
+. Apply the `CatalogSource` manifest:
++
+[source,terminal]
+----
+$ oc apply -f results-*/cluster-resources/catalogSource-*.yaml
+----
+
+. Verify the catalog source is ready:
++
+[source,terminal]
+----
+$ oc wait catalogsource -n openshift-marketplace \
+  --all --for=condition=Ready --timeout=5m
+----
++
+.Example output
+[source,text]
+----
+catalogsource.operators.coreos.com/rhcl-operator-catalog-<timestamp> condition met
+----
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/disconnected_environments/about-installing-oc-mirror-v2#oc-mirror-workflows-fully-disconnected-v2_about-installing-oc-mirror-v2[Mirroring an image set in a fully disconnected environment]
diff --git a/modules/ref-relnotes-new-features.adoc b/modules/ref-relnotes-new-features.adoc
@@ -9,6 +9,12 @@
 [role="_abstract"]
 You can use the new features and enhancements that are available with {product-title} {version}.
 
+Disconnected installation documentation added::
+
+The {prodname} documentation now includes procedures for installing in a disconnected environment. You can apply cloud-like traffic management within your private, secure network.
+
+//For more information, see xref:../install-rhcl/rhcl-install-disconnected.adoc#rhcl-install-disconnected[Installing Connectivity Link in a disconnected environment]
+
 MCP gateway: MCP prompt federation is now available::
 
 {mcpg} adds support for federating MCP prompts through the `Gateway` object as a Generally Available feature. MCP prompt federation makes it much easier to supply your large language models (LLMs) with the exact context and steering instructions they need, no matter which server originally hosted the template.