SUSE Multi-Linux Manager 服务器物理隔离的部署
1. 什么是物理隔离的部署?
物理隔离部署是指设置和操作与不安全网络(尤其是互联网)物理隔离的任何联网系统。这种部署通常用于军事设施、金融系统、关键基础架构等高安全性环境,以及处理敏感数据,因而必须防范其受到外部威胁的任何位置。
可以在能够访问互联网的计算机上使用 Podman、Docker 或 Skopeo 轻松部署容器映像。
Pull the desired image, then save the image as a tar archive. For example:
+ .Podman
podman pull registry.opensuse.org/uyuni/server:latest podman save --output server.tar registry.opensuse.org/uyuni/server:latest
+ .Docker
docker pull registry.opensuse.org/uyuni/server:latest docker save --output server.tar registry.opensuse.org/uyuni/server:latest
+ .Skopeo
skopeo copy docker://registry.opensuse.org/uyuni/server:latest docker-archive:server.tar:registry.opensuse.org/uyuni/server:latest
+
. 将生成的 server-image.tar 传输到服务器容器主机,并使用以下命令装载它:
+ .Load the server image
podman load -i server.tar
1.1. Deploy SUSE Multi-Linux Manager on openSUSE Leap Micro
SUSE Multi-Linux Manager also provides all the needed container images in RPM packages that can be installed on the system.
|
User should make the needed RPM available on the internal network. That can be done by using a second SUSE Multi-Linux Manager Server or any kind of mirror. |
-
Install openSUSE Leap Micro.
-
更新系统。
-
Install tools packages and image packages (replace $ARCH$ with the correct architecture):
transactional-update pkg install mgradm* mgrctl* uyuni-server*-image* -
重引导。
-
Deploy SUSE Multi-Linux Manager with
mgradm. In an Air-gapped environment you may want to use the option--pullPolicy Never.
For more detailed information about installing SUSE Multi-Linux Manager Server on openSUSE Leap Micro, see Server Deployment.
要升级 SUSE Multi-Linux Manager 服务器,用户应升级系统中的所有软件包,并按照服务器升级中定义的过程操作。