Customizing network configuration

In watsonx.data™, Red Hat OpenShift automatically creates routes to provide external access to required services. While this automation simplifies setup for most environments, some deployments require stricter control over network exposure, hostname conventions, or traffic flow. To support these scenarios, watsonx.data offers custom networking that allows administrators to override default route names, disable automatic route creation, or expose services through alternatives like NodePorts or custom Ingress routes.

You might want to customize networking in the following situations where you need tighter control over how watsonx.data services are exposed:
  • When you want to prevent services from being reachable outside the cluster.
  • When your environment requires custom domain names or proxy configurations.
  • When you prefer alternative access methods such as NodePorts or custom Ingress routes instead of the default Red Hat OpenShift routes.

The custom networking feature gives you flexibility to control automatic route creation, set custom hostnames for services, and add extra DNS names to TLS certificates.

You can customize networking for the following services:

Customize networking - watsonx.data instance custom resource

To customize networking for your wxd instance, patch the existing custom resource to add the networking section:

oc patch wxd lakehouse -n ${PROJECT_CPD_INST_OPERANDS} --type=merge -p '
spec:
  networking:
    generate_openshift_routes: true
    custom_hosts:
      cas: "cas.example.com"
      cpg: "cpg.example.com"
      mds_rest: "mds-rest.example.com"
      mds_thrift: "mds-thrift.example.com"
    additional_dns_names:
      - "custom-domain1.example.com"
      - "custom-domain2.example.com"
'

Alternatively, you can edit the resource directly:

oc edit wxd lakehouse -n ${PROJECT_CPD_INST_OPERANDS}

Then add the networking section under spec:

spec:
  networking:
    generate_openshift_routes: true
    custom_hosts:
      cas: "cas.example.com"
      cpg: "cpg.example.com"
      mds_rest: "mds-rest.example.com"
      mds_thrift: "mds-thrift.example.com"
    additional_dns_names:
      - "custom-domain1.example.com"
      - "custom-domain2.example.com"

Customize networking - Presto engine

To customize networking for a Presto engine, patch the existing wxdengine custom resource. Replace <engine_id> with your actual engine ID (for example, presto123)

oc patch wxdengine lakehouse-<engine_id> -n ${PROJECT_CPD_INST_OPERANDS} --type=merge -p '
spec:
  networking:
    generate_openshift_routes: true
    custom_hosts:
      presto: "presto.example.com"
'

Or edit the resource and add the networking section under spec:

spec:
  networking:
    generate_openshift_routes: true
    custom_hosts:
      presto: "presto.example.com"

Customize networking - Milvus engine

To customize networking for a Milvus service, patch the existing wxdengine custom resource. Replace <service_id> with your actual service ID (for example, milvus123)

oc patch wxdengine lakehouse-<service_id> -n ${PROJECT_CPD_INST_OPERANDS} --type=merge -p '
spec:
  networking:
    generate_openshift_routes: false
    custom_hosts:
      milvus_rest: "milvus-rest.example.com"
      milvus_grpc: "milvus-grpc.example.com"
      milvus_http: "milvus-proxy.example.com"
'

Or edit the resource and add the networking section under spec:

spec:
  networking:
    generate_openshift_routes: false
    custom_hosts:
      milvus_rest: "milvus-rest.example.com"
      milvus_grpc: "milvus-grpc.example.com"
      milvus_http: "milvus-proxy.example.com"

Parameters

generate_openshift_routes
Controls whether Red Hat OpenShift routes are automatically created for the service.

  • Type: Boolean

  • Default: true

  • Values:

    • true: Automatically generate Red Hat OpenShift routes (default behavior)

    • false: Do not generate Red Hat OpenShift routes; you must create routes manually if external access is needed

Note: When you change this setting from true to false, existing routes are not deleted.
custom_hosts
Specifies custom hostnames for services. When provided, these hostnames are used instead of the default-generated hostnames.

  • Default: Not specified (uses default generated hostnames)

  • Wxd instance services: cas, cpg, mds_rest, mds_thrift

  • Presto engine: presto

  • Milvus engine: milvus_rest, milvus_grpc, milvus_http

additional_dns_names
Adds custom DNS names to the TLS certificate as Subject Alternative Names (SANs). Use this when you need the certificate to be valid for more domain names.

  • Type: Array of strings

  • Default: Not specified

  • Example: ["domain1.example.com", "domain2.example.com"]