|
2 | 2 | // no assembly |
3 | 3 |
|
4 | 4 | [id="proc-install-rhdh-airgapped-environment-ocp-helm_{context}"] |
5 | | -= Installing {product} in an air-gapped environment with the Helm chart |
| 5 | += Installing {product} on {ocp-short} in an air-gapped environment with the Helm chart |
6 | 6 |
|
7 | 7 | You can install {product} in a fully disconnected or partially disconnected environment using the {product} Helm chart. |
8 | 8 |
|
9 | | -== Installing {product} in a partially disconnected environment with the Helm chart |
| 9 | +== Installing {product} on {ocp-short} in a partially disconnected environment with the Helm chart |
10 | 10 |
|
11 | | -If your network has access to the internal {company-name} registries, you can deploy your {product} instance in your partially disconnected environment by mirroring the specified resources directly to the target registry. |
| 11 | +If your network has access to the `registry.redhat.io` registry and the `charts.openshift.io` Helm Chart repository, you can deploy your {product} instance in your partially disconnected environment by mirroring the specified resources directly to the target registry. |
12 | 12 |
|
13 | 13 | .Prerequisites |
14 | 14 |
|
15 | | -* You have installed an {ocp-brand-name} {ocp-version-min} or later. |
| 15 | +* You have installed {ocp-brand-name} {ocp-version-min} or later. |
16 | 16 | * You have access to the `registry.redhat.io`. |
17 | | -* You have access to the {ocp-brand-name} image registry of your cluster. For more information about exposing the image registry, see the {ocp-brand-name} documentation about https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/registry/index#securing-exposing-registry[Exposing the registry]. |
| 17 | +* You have access to the `charts.openshift.io` Helm chart repository. |
| 18 | +* You have access to a mirror registry that can be reached from the disconnected cluster, for example, the {ocp-short} image registry. For more information about exposing the {ocp-short} image registry, see https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/registry/index#securing-exposing-registry[Exposing the registry]. |
| 19 | +* You are logged in to your target mirror registry and have permissions to push images to it. For more information, see link:https://docs.openshift.com/container-platform/4.17/disconnected/mirroring/installing-mirroring-disconnected.html#installation-adding-registry-pull-secret_installing-mirroring-disconnected[Configuring credentials that allow images to be mirrored]. |
18 | 20 | * You have installed the {openshift-cli} on your workstation. |
19 | | -* You have installed the `podman` command line tools on your workstation. |
20 | 21 | * You have installed the oc-mirror {openshift-cli} plugin, for more information see https://docs.openshift.com/container-platform/4.17/disconnected/mirroring/installing-mirroring-disconnected.html#installation-oc-mirror-installing-plugin_installing-mirroring-disconnected[Installing the oc-mirror OpenShift CLI plugin]. |
21 | 22 | * You have an account in https://developers.redhat.com/[{rhdeveloper-name}] portal. |
22 | 23 |
|
23 | 24 | .Procedure |
24 | 25 | . Log in to your {ocp-short} account using the {openshift-cli} by running the following command: |
25 | 26 | + |
26 | | -[source,terminal] |
| 27 | +[source,terminal,subs="attributes+"] |
27 | 28 | ---- |
28 | 29 | oc login -u <user> -p <password> https://api.<hostname>:6443 |
29 | 30 | ---- |
30 | 31 |
|
31 | | -. Log in to the {ocp-short} image registry using the `podman` command line tool by running the following command: |
| 32 | +. From your disconnected cluster, log in to the image registry that you want to mirror, for example, the {ocp-short} image registry. |
| 33 | +. Create an `ImageSetConfiguration` file, for example, `ImageSetConfiguration.yaml`. |
| 34 | +. In your `ImageSetConfiguration.yaml` file, specify the resources that you want to mirror. For example: |
32 | 35 | + |
33 | | -[source,terminal] |
| 36 | +[source,terminal,subs="attributes+"] |
34 | 37 | ---- |
35 | | -podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.<hostname> |
| 38 | +apiVersion: mirror.openshift.io/v1alpha2 |
| 39 | +kind: ImageSetConfiguration |
| 40 | +mirror: |
| 41 | + helm: |
| 42 | + repositories: |
| 43 | + - name: <repository-name> (1) |
| 44 | + url: <repository-url> (2) |
| 45 | + charts: |
| 46 | + - name: <chart-name> (3) |
| 47 | + version: "<{product-very-short}-version>" (4) |
36 | 48 | ---- |
37 | | -+ |
38 | | -[NOTE] |
39 | | -==== |
40 | | -You can run the following commands to get the full host name of the {ocp-short} image registry, and then use the host name in a command to log in: |
| 49 | +<1> The name of the repository that you want to mirror, for example, `openshift-charts`. |
| 50 | +<2> The URL for the repository that you want to mirror, for example, `https://charts.openshift.io`. |
| 51 | +<3> The name of the chart that you want to mirror, for example, `redhat-developer-hub`. |
| 52 | +<4> The version of {product} that you want to use, for example, `{product-version}` |
41 | 53 |
|
42 | | -[source,terminal] |
| 54 | +. Mirror the resources specified in the`ImageSetConfiguration` file directly to the target registry using the `oc-mirror` command. For example: |
| 55 | ++ |
| 56 | +[source,terminal,subs="attributes+"] |
43 | 57 | ---- |
44 | | -REGISTRY_HOST=$(oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}') |
| 58 | +oc-mirror --config=<mirror-configuration-file> <target-mirror-registry> |
45 | 59 | ---- |
| 60 | ++ |
| 61 | +-- |
| 62 | +where: |
46 | 63 |
|
47 | | -[source,terminal] |
48 | | ----- |
49 | | -podman login -u kubeadmin -p $(oc whoami -t) $REGISTRY_HOST |
50 | | ----- |
51 | | -==== |
| 64 | +`<mirror-configuration-file>` :: Specifies the name of your mirror configuration yaml file, for example, `mirror-config.yaml` |
52 | 65 |
|
53 | | -. Log in to the `registry.redhat.io` in `podman` by running the following command: |
| 66 | +`<target-mirror-registry>` :: Specifies the location and name of your target mirror registry, for example,`docker://registry.example:5000`. |
| 67 | +-- |
54 | 68 | + |
55 | | -[source,terminal] |
56 | | ----- |
57 | | -podman login registry.redhat.io |
58 | | ----- |
59 | | -+ |
60 | | -. Create an `ImageSetConfiguration` file to specify the resources that you want to mirror. For example: |
| 69 | +[NOTE] |
| 70 | +==== |
| 71 | +Running the `oc-mirror` command creates a `ImageContentSourcePolicy` (ICSP) manifest that you can apply against the cluster in a later step. |
| 72 | +==== |
61 | 73 | + |
62 | | -[source,terminal] |
| 74 | +.Example output |
| 75 | +[source,terminal,subs="attributes+"] |
63 | 76 | ---- |
64 | | -apiVersion: mirror.openshift.io/v1alpha2 |
65 | | -kind: ImageSetConfiguration |
66 | | -storageConfig: |
67 | | - local: |
68 | | - path: ./mirror-output |
69 | | -mirror: |
70 | | - helm: |
71 | | - repositories: |
72 | | - - name: openshift-charts |
73 | | - url: https://charts.openshift.io |
74 | | - charts: |
75 | | - - name: redhat-developer-hub |
76 | | - version: "{product-version}" |
| 77 | +Writing image mapping to oc-mirror-workspace/results-1738070846/mapping.txt |
| 78 | +Writing ICSP manifests to oc-mirror-workspace/results-1738070846 |
77 | 79 | ---- |
78 | | -. Mirror the resources specified in the`ImageSetConfiguration` file directly to the target registry by running the following command: |
79 | 80 | + |
80 | | -[source,terminal] |
| 81 | +. In the `oc-mirror` command output, find the directory containing the Helm chart that you want to use, for example, `mapping.txt`. |
| 82 | +. Locate the `ImageContentSourcePolicy` (ICSP) manifest that was automatically generated by running the `oc-mirror` command and apply it against the cluster by running the `oc create` command. For example: |
| 83 | ++ |
| 84 | +[source,terminal,subs="attributes+"] |
81 | 85 | ---- |
82 | | -oc-mirror --config=mirror-config.yaml file://mirror-archive |
| 86 | +oc create -f oc-mirror-workspace/results-1738070846/ImageContentSourcePolicy.yaml |
83 | 87 | ---- |
84 | | -. In your air-gapped environment, deploy the Helm chart to the `rhdh` namespace by running the `helm install` command. For example: |
| 88 | + |
| 89 | +. In your air-gapped environment, deploy the Helm chart to the namespace that you want to use by running the `helm install` command. For example: |
85 | 90 | + |
86 | 91 | [source,terminal,subs="attributes+"] |
87 | 92 | ---- |
88 | | -helm install rhdh ./mirror-archive/oc-mirror-workspace/src/charts/redhat-developer-hub-{product-version}.tgz --namespace rhdh --create-namespace |
| 93 | +helm install rhdh ./mirror-archive/oc-mirror-workspace/src/charts/redhat-developer-hub-{product-version}.tgz --namespace <your-namespace> --create-namespace |
89 | 94 | ---- |
| 95 | ++ |
| 96 | +-- |
| 97 | +where: |
| 98 | + |
| 99 | +`<your-namespace>` :: Specifies the namespace that you want to deploy the Helm chart to, for example, `{my-product-namespace}`. |
| 100 | +-- |
90 | 101 |
|
91 | 102 | .Verification |
92 | 103 | . To verify that all resources are successfully deployed and running, check the status of your deployments and pods in the cluster. |
93 | | -. To validate the route, ensure that the route matches the expected URL based on the router base of the cluster. |
94 | | -.. If necessary, update the route to align with your expected configuration. |
| 104 | +. View the router base URL by entering the following command: |
| 105 | ++ |
| 106 | +[source,terminal,subs="attributes+"] |
| 107 | +---- |
| 108 | +CLUSTER_ROUTER_BASE=$(oc get route console -n openshift-console -o=jsonpath='{.spec.host}' | sed 's/^[^.]*\.//') |
| 109 | +helm install redhat-developer-hub./mirror-archive/oc-mirror-workspace/src/charts/redhat-developer-hub-1.4.1.tgz \ |
| 110 | + --set global.clusterRouterBase="$CLUSTER_ROUTER_BASE" |
| 111 | +---- |
| 112 | +. Ensure that the route matches the expected URL based on the router base of the cluster. If necessary, update the route to align with your expected configuration. |
95 | 113 |
|
96 | | -== Installing {product} in a fully disconnected environment with the Helm chart |
| 114 | +== Installing {product} on {ocp-short} in a fully disconnected environment with the Helm chart |
97 | 115 |
|
98 | 116 | You can use the Helm chart to install {product} by mirroring specified resources and transferring them to your air-gapped environment without any connection to the internet. |
99 | 117 |
|
100 | 118 | .Prerequisites |
101 | 119 |
|
102 | 120 | * You have installed {ocp-brand-name} {ocp-version-min} or later. |
103 | 121 | * You have access to the `registry.redhat.io`. |
104 | | -* You have access to the {ocp-brand-name} image registry for your cluster. For more information about exposing the image registry, see the {ocp-brand-name} documentation about https://docs.openshift.com/container-platform/{ocp-version}/registry/securing-exposing-registry.html[Exposing the registry]. |
| 122 | +* You have access to a mirror registry that can be reached from the disconnected cluster, for example, the {ocp-brand-name} image registry. For more information about exposing the {ocp-short} image registry, see https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/registry/index#securing-exposing-registry[Exposing the registry]. |
105 | 123 | * You have installed the {openshift-cli} on your workstation. |
106 | | -* You have installed the `podman` command line tools on your workstation. |
| 124 | +* You are logged in to your target mirror registry and have permissions to push images to it. For more information, see link:https://docs.openshift.com/container-platform/4.17/disconnected/mirroring/installing-mirroring-disconnected.html#installation-adding-registry-pull-secret_installing-mirroring-disconnected[Configuring credentials that allow images to be mirrored]. |
107 | 125 | * You have installed the oc-mirror {openshift-cli} plugin, for more information see https://docs.openshift.com/container-platform/4.17/disconnected/mirroring/installing-mirroring-disconnected.html#installation-oc-mirror-installing-plugin_installing-mirroring-disconnected[Installing the oc-mirror OpenShift CLI plugin]. |
108 | 126 | * You have an account in https://developers.redhat.com/[{rhdeveloper-name}] portal. |
109 | 127 |
|
110 | 128 | .Procedure |
111 | | - |
112 | | -. Log in to your {ocp-short} account using the {openshift-cli} by running the following command: |
| 129 | +. Create an `ImageSetConfiguration` file to specify the resources that you want to mirror. For example: |
113 | 130 | + |
114 | | -[source,terminal] |
| 131 | +[source,terminal,subs="attributes+"] |
115 | 132 | ---- |
116 | | -oc login -u <user> -p <password> https://api.<hostname>:6443 |
| 133 | +apiVersion: mirror.openshift.io/v1alpha2 |
| 134 | +kind: ImageSetConfiguration |
| 135 | +mirror: |
| 136 | + helm: |
| 137 | + repositories: |
| 138 | + - name: <repository-name> (1) |
| 139 | + url: <repository-url> (2) |
| 140 | + charts: |
| 141 | + - name: <chart-name> (3) |
| 142 | + version: "<{product-very-short}-version>" (4) |
117 | 143 | ---- |
| 144 | +<1> The name of the repository that you want to mirror, for example, `openshift-charts`. |
| 145 | +<2> The URL for the repository that you want to mirror, for example, `https://charts.openshift.io`. |
| 146 | +<3> The name of the chart that you want to mirror, for example, `redhat-developer-hub`. |
| 147 | +<4> The version of {product} that you want to use, for example, `{product-version}` |
118 | 148 |
|
119 | | -. Log in to the {ocp-short} image registry using the `podman` command line tool by running the following command: |
| 149 | +. Mirror the resources specified in the `ImageSetConfiguration` file by running the following command: |
120 | 150 | + |
121 | | -[source,terminal] |
| 151 | +[source,terminal,subs="attributes+"] |
122 | 152 | ---- |
123 | | -podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.<hostname> |
| 153 | +oc-mirror --config=mirror-config.yaml <mirror-archive-file> |
124 | 154 | ---- |
125 | 155 | + |
126 | | -[NOTE] |
127 | | -==== |
128 | | -You can run the following commands to get the full host name of the {ocp-short} image registry, and then use the host name in a command to log in: |
| 156 | +-- |
| 157 | +where: |
129 | 158 |
|
130 | | -[source,terminal] |
131 | | ----- |
132 | | -REGISTRY_HOST=$(oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}') |
133 | | ----- |
| 159 | +`<mirror-configuration-file>` :: Specifies the name of your mirror configuration yaml file, for example, `mirror-config.yaml` |
134 | 160 |
|
135 | | -[source,terminal] |
136 | | ----- |
137 | | -podman login -u kubeadmin -p $(oc whoami -t) $REGISTRY_HOST |
138 | | ----- |
| 161 | +`<mirror-archive-file>` :: Specifies the location and name of `.tar` file containing the mirror archive, for example,`file://mirror-archive`. |
| 162 | +-- |
| 163 | ++ |
| 164 | +[NOTE] |
| 165 | +==== |
| 166 | +Running the `oc-mirror` command creates a `ImageContentSourcePolicy` (ICSP) manifest that you can apply against the cluster in a later step. |
139 | 167 | ==== |
140 | | - |
141 | | -. Log in to the `registry.redhat.io` in `podman` by running the following command: |
142 | 168 | + |
143 | | -[source,terminal] |
| 169 | +.Example output |
| 170 | +[source,terminal,subs="attributes+"] |
144 | 171 | ---- |
145 | | -podman login registry.redhat.io |
| 172 | +Creating archive /path/to/mirror-archive/mirror_seq1_000000.tar |
146 | 173 | ---- |
147 | 174 | + |
148 | | -. Create an `ImageSetConfiguration` file to specify the resources that you want to mirror. For example: |
| 175 | +. Transfer the generated `.tar` archive file (for example, `mirror_seq1_000000.tar`) to the air-gapped environment. |
| 176 | +. Connect to following your air-gapped environment and make sure that you are also connected to the following objects: |
149 | 177 | + |
150 | | -[source,terminal] |
151 | | ----- |
152 | | -apiVersion: mirror.openshift.io/v1alpha2 |
153 | | -kind: ImageSetConfiguration |
154 | | -storageConfig: |
155 | | - local: |
156 | | - path: ./mirror-output |
157 | | -mirror: |
158 | | - helm: |
159 | | - repositories: |
160 | | - - name: openshift-charts |
161 | | - url: https://charts.openshift.io |
162 | | - charts: |
163 | | - - name: redhat-developer-hub |
164 | | - version: "{product-version}" |
165 | | ----- |
166 | | -. Mirror the resources specified in the`ImageSetConfiguration` file by running the following command: |
| 178 | +* The target registry |
| 179 | +* The target {ocp-short} cluster |
167 | 180 | + |
168 | | -[source,terminal] |
169 | | ----- |
170 | | -oc-mirror --config=mirror-config.yaml file://mirror-archive |
171 | | ----- |
172 | | -. Transfer the generated `.tar` archive file (for example, `mirror++_++seq1++_++000000.tar`) to the air-gapped environment using `scp` or another file transfer tool. For example: |
| 181 | +. From the air-gapped environment, mirror the resources from the archive to the target registry by running the `oc-mirror` command. For example: |
173 | 182 | + |
174 | | -[source,terminal] |
| 183 | +[source,terminal,subs="attributes+"] |
175 | 184 | ---- |
176 | | -scp ./mirror-archive/mirror_seq1_000000.tar /tmp |
| 185 | +oc-mirror --from /path/to/mirror_seq1_000000.tar docker://registry.example.com:5000 |
177 | 186 | ---- |
178 | | -. Extract the contents of the archive into a directory (for example, `/tmp`) by running the `tar` command. For example: |
179 | 187 | + |
180 | | -[source,terminal] |
| 188 | +.Example output |
| 189 | +[source,terminal,subs="attributes+"] |
181 | 190 | ---- |
182 | | -tar -xvf /mirror-archive/mirror_seq1_000000.tar -C /tmp |
| 191 | +Wrote release signatures to oc-mirror-workspace/results-1738075410 |
| 192 | +Writing image mapping to oc-mirror-workspace/results-1738075410/mapping.txt |
| 193 | +Writing ICSP manifests to oc-mirror-workspace/results-1738075410 |
183 | 194 | ---- |
184 | | -. In your air-gapped environment, deploy the Helm chart to the `rhdh` namespace by running the `helm install` command. For example: |
| 195 | +. In the `oc-mirror` command output, find the directory containing the Helm chart that you want to use, for example, `mapping.txt`. |
| 196 | +. Locate the `ImageContentSourcePolicy` (ICSP) manifest that was automatically generated by running the `oc-mirror` command and apply it against the cluster by running the `oc apply` command. For example: |
185 | 197 | + |
186 | 198 | [source,terminal,subs="attributes+"] |
187 | 199 | ---- |
188 | | -helm install rhdh ./mirror-archive/oc-mirror-workspace/src/charts/redhat-developer-hub-{product-version}.tgz --namespace rhdh --create-namespace |
| 200 | +oc apply -f oc-mirror-workspace/results-1738070846/ImageContentSourcePolicy.yaml |
189 | 201 | ---- |
| 202 | +. In your air-gapped environment, deploy the {product} Helm chart. For example: |
190 | 203 |
|
191 | | -.Verification |
192 | | -. To verify that all resources are successfully deployed and running, check the status of your deployments and pods in the cluster. |
193 | | -. View the router base URL by entering the following command: |
194 | | -+ |
195 | 204 | [source,terminal,subs="attributes+"] |
196 | 205 | ---- |
197 | 206 | CLUSTER_ROUTER_BASE=$(oc get route console -n openshift-console -o=jsonpath='{.spec.host}' | sed 's/^[^.]*\.//') |
198 | 207 | helm install redhat-developer-hub./mirror-archive/oc-mirror-workspace/src/charts/redhat-developer-hub-1.4.1.tgz \ |
199 | 208 | --set global.clusterRouterBase="$CLUSTER_ROUTER_BASE" |
200 | 209 | ---- |
201 | | -. Ensure that the route matches the expected URL based on the router base of the cluster. If necessary, update the route to align with your expected configuration. |
202 | 210 |
|
203 | 211 | [role="_additional-resources"] |
204 | 212 | .Additional resources |
|
0 commit comments