SUSE Multi-Linux Manager Proxy Air-gapped Deployment

1. What is air-gapped deployment?

Air-gapped deployment refers to the setup and operation of any networked system that is physically isolated from insecure networks, especially the internet. This type of deployment is commonly used in high-security environments such as military installations, financial systems, critical infrastructure, and anywhere sensitive data is handled and must be protected from external threats.

At the moment, air-gapped deployment is available only on SL Micro.

2. Deploy with Virtual Machine

The recommended installation method is using the provided SUSE Multi-Linux Manager Virtual Machine Image option, since all the needed tools and container images are pre-loaded and will work out of the box.

For more information about installing SUSE Multi-Linux Manager Proxy Virtual Machine, see Deploy Proxy as a Virtual Machine.

To upgrade SUSE Multi-Linux Manager Proxy, users should follow the procedures defined in Proxy Upgrade.

3. Deploy SUSE Multi-Linux Manager on SL Micro

SUSE Multi-Linux Manager also provides all the needed container images in RPM’s that can be installed on the system.

Procedure: Install SUSE Multi-Linux Manager on SL Micro in Air-gapped

  1. Install SL Micro.

  2. Bootstrap the Proxy Host OS as a Client on SUSE Multi-Linux Manager Server.

  3. Update the system.

  4. Install tools packages and image packages (replace $ARCH$ with the correct architecture)

    transactional-update pkg install mgrpxy* mgrctl* suse-multi-linux-manager-5.1-$ARCH$-proxy-*

  5. Reboot.

  6. Deploy SUSE Multi-Linux Manager with mgrpxy.

For more detailed information about installing SUSE Multi-Linux Manager Proxy on SL Micro, see Deploy Proxy as a Virtual Machine.

To upgrade SUSE Multi-Linux Manager Proxy, users should follow the procedures defined in Proxy Upgrade.

4. Formula images

Some formulas, like Bind and DHCP (Kea), also use containers. If you plan to use them in an air-gapped environment, you need to pull their images, save them to an archive, and load them on your SUSE Multi-Linux Manager Proxy or another managed system.

The images are available from registry.suse.com.

Procedure: Getting formula images for air-gapped environments

  1. On a system with Internet access, pull the required images.

    podman pull registry.suse.com/suse/bind:latest
podman pull registry.suse.com/suse/kea:2.6

  2. Save the images to a TAR archive:

    podman save -o formula-images.tar registry.suse.com/suse/bind:latest registry.suse.com/suse/kea:2.6

  3. Transfer the formula-images.tar file to your air-gapped system.

  4. Load the images on the air-gapped system:

    podman load -i formula-images.tar