Kuadrant · maleck13 · May 7, 2024 · May 7, 2024 · May 7, 2024
diff --git a/doc/install/install-openshift.md b/doc/install/install-openshift.md
@@ -132,7 +132,8 @@ kubectl create ns kuadrant-system
 
 Setup a catalogsource:
 
-```
+```bash
+kubectl apply -f - <<EOF
 apiVersion: operators.coreos.com/v1alpha1
 kind: CatalogSource
 metadata:
@@ -146,6 +147,7 @@ spec:
   updateStrategy:
     registryPoll:
       interval: 45m
+EOF      
 ```      
 
 AWS Route 53 credentials for TLS verification:

diff --git a/doc/user-guides/secure-protect-connect-single-multi-cluster.md b/doc/user-guides/secure-protect-connect-single-multi-cluster.md
@@ -351,6 +351,15 @@ You can use `curl` to hit your endpoint. You should see a `403` Because this exa
 curl -k -w "%{http_code}" https://$(kubectl get httproute test -n ${gatewayNS} -o=jsonpath='{.spec.hostnames[0]}')
 ```
 
+
+### Opening up the Gateway for other namespaces:
+
+As you have now configured the Gateway, secured it with Kuadrant policies and tested it, you can now open it up for use by other teams in other namespaces:
+
+```bash
+kubectl patch gateway ${gatewayName} -n ${gatewayNS} --type='json' -p='[{"op": "replace", "path": "/spec/listeners/0/allowedRoutes/namespaces/from", "value":"All"}]'
+```
+
 ### Extending this Gateway to multiple clusters and configuring geo-based routing
 
 To distribute this Gateway across multiple clusters, repeat this setup process for each cluster. By default, this will implement a round-robin DNS strategy to distribute traffic evenly across the different clusters. Setting up your Gateways to serve clients based on their geographic location is straightforward with your current configuration.
@@ -365,6 +374,12 @@ For your North American cluster:
 kubectl label --overwrite gateway ${gatewayName} kuadrant.io/lb-attribute-geo-code=US -n ${gatewayNS}
 ```
 
+For your EU cluster:
+
+```bash
+kubectl label --overwrite gateway ${gatewayName} kuadrant.io/lb-attribute-geo-code=EU -n ${gatewayNS}
+```
+
 ## Application developer workflow
 
 This section of the walkthrough focuses on using an OpenAPI Specification (OAS) to define an API. You will use Kuadrant OAS extensions to specify the routing, authentication, and rate-limiting requirements. Next, you will use the `kuadrantctl` tool to generate an `AuthPolicy`, an `HTTPRoute`, and a `RateLimitPolicy`, which you will then apply to your cluster to enforce the settings defined in your OAS.
@@ -409,10 +424,12 @@ Use `kuadrantctl` to generate your `HTTPRoute`.
 
 NOTE: The sample OAS has some placeholders for namespaces and domains. You will inject valid values into these placeholders based on your previous environment variables.
 
-Generate the resource from your OAS, (`envsubst` will replace the placeholders):
+Generate the resource from your OAS, (`envsubst` will replace the placeholders) and apply it:
 
 ```bash
-cat $oasPath | envsubst | kuadrantctl generate gatewayapi httproute --oas -
+cat $oasPath | envsubst | kuadrantctl generate gatewayapi httproute --oas - | kubectl apply -f -
+```
+
 
 ```bash
 kubectl get httproute toystore -n ${devNS} -o=yaml
@@ -577,6 +594,8 @@ Lastly, you can generate your `RateLimitPolicy` to add your rate limits, based o
 
 ```bash
 export oasPath=examples/oas-oidc.yaml
+```
+
 Again, you should see the rate limit policy accepted and enforced:
 
 ```bash