Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Applies to SUSE Cloud Application Platform 1.5.2

13 Setting Up a Registry for an Air Gapped Environment

README first!

Before you start deploying SUSE Cloud Application Platform, review the following documents:

Read the Release Notes: Release Notes SUSE Cloud Application Platform

Read Chapter 3, Deployment and Administration Notes

Cloud Application Platform, which consists of Docker images, is deployed to a Kubernetes cluster through Helm. These images are hosted on a Docker registry at registry.suse.com. In an air gapped environment, registry.suse.com will not be accessible. You will need to create a registry, and populate it will the images used by Cloud Application Platform.

This chapter describes how to load your registry with the necessary images to deploy Cloud Application Platform in an air gapped environment.

13.1 Prerequisites

The following prerequisites are required:

13.2 Mirror Images to Registry

All the Cloud Application Platform Helm charts include an imagelist.txt file that lists all images from the registry.suse.com registry under the cap organization. They can be mirrored to a local registry with the following script.

Replace the value of MIRROR with your registry's domain.



set -ex

function mirror {
    CHARTDIR=$(mktemp -d)
    helm fetch suse/$1 --untar --untardir=${CHARTDIR}
    IMAGES=$(cat ${CHARTDIR}/**/imagelist.txt)
    for IMAGE in ${IMAGES}; do
        echo $IMAGE
        docker pull registry.suse.com/cap/$IMAGE
        docker tag registry.suse.com/cap/$IMAGE $MIRROR/cap/$IMAGE
        docker push $MIRROR/cap/$IMAGE
    docker save -o ${CHART}-images.tar.gz \
           $(perl -E "say qq(registry.suse.com/cap/\$_) for @ARGV" ${IMAGES})
    rm -r ${CHARTDIR}

mirror cf
mirror uaa
mirror console
mirror metrics
mirror cf-usb-sidecar-mysql
mirror cf-usb-sidecar-postgres

The script above will both mirror to a local registry and save the images in a local tarball that can be restored with docker load foo-images.tgz. In general only one of these mechanisms will be needed.

Also take note of the following regarding the script provided above.

  • The minibroker chart is currently not supported as it does not use a tagged image, but minibroker:latest. It will use a tagged imaged in the next release and supported at that time.

  • The nginx-ingress chart is not supported by this mechanism because it is not part of the cap organization (and cannot be configured with the kube.registry.hostname setting at deploy time either).

    Instead manually parse the Helm chart for the image names and do a manual docker pull && docker tag && docker push on them.

Before deploying Cloud Application Platform using helm install, ensure the following in your scf-config-values.yaml has been updated to point to your registry, and not registry.suse.com.

    # example registry domain
    hostname: "registry.home"
    username: ""
    password: ""
  organization: "cap"
Print this page