Documentation survey

SUSE Multi-Linux Manager 服务器物理隔离的部署

1. 什么是物理隔离的部署?

物理隔离部署是指设置和操作与不安全网络(尤其是互联网)物理隔离的任何联网系统。这种部署通常用于军事设施、金融系统、关键基础架构等高安全性环境,以及处理敏感数据,因而必须防范其受到外部威胁的任何位置。

可以在能够访问互联网的计算机上使用 PodmanDockerSkopeo 轻松部署容器映像。

过程

Pull the desired image, then save the image as a tar archive. For example:

+ .Podman

podman pull registry.opensuse.org/uyuni/server:latest
podman save --output server.tar registry.opensuse.org/uyuni/server:latest

+ .Docker

docker pull registry.opensuse.org/uyuni/server:latest
docker save --output server.tar registry.opensuse.org/uyuni/server:latest

+ .Skopeo

skopeo copy docker://registry.opensuse.org/uyuni/server:latest docker-archive:server.tar:registry.opensuse.org/uyuni/server:latest

+ . 将生成的 server-image.tar 传输到服务器容器主机,并使用以下命令装载它:

+ .Load the server image

podman load -i server.tar

1.1. Deploy SUSE Multi-Linux Manager on openSUSE Leap Micro

SUSE Multi-Linux Manager also provides all the needed container images in RPM packages that can be installed on the system.

User should make the needed RPM available on the internal network. That can be done by using a second SUSE Multi-Linux Manager Server or any kind of mirror.

Procedure: Install SUSE Multi-Linux Manager on openSUSE Leap Micro in Air-gapped
  1. Install openSUSE Leap Micro.

  2. 更新系统。

  3. Install tools packages and image packages (replace $ARCH$ with the correct architecture):

    transactional-update pkg install mgradm* mgrctl* uyuni-server*-image*
  4. 重引导。

  5. Deploy SUSE Multi-Linux Manager with mgradm. In an Air-gapped environment you may want to use the option --pullPolicy Never.

For more detailed information about installing SUSE Multi-Linux Manager Server on openSUSE Leap Micro, see Server Deployment.

要升级 SUSE Multi-Linux Manager 服务器,用户应升级系统中的所有软件包,并按照服务器升级中定义的过程操作。