Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Applies to SUSE Cloud Application Platform 2.1.1

11 Setting Up a Registry for an Air Gapped Environment


Before you start deploying SUSE Cloud Application Platform, review the following documents:

Cloud Application Platform, which consists of Docker images, is deployed to a Kubernetes cluster through Helm. These images are hosted on a Docker registry at registry.suse.com. In an air gapped environment, registry.suse.com will not be accessible. You will need to create a registry, and populate it will the images used by Cloud Application Platform.

This chapter describes how to load your registry with the necessary images to deploy Cloud Application Platform in an air gapped environment.

11.1 Prerequisites

The following prerequisites are required:

11.2 Mirror Images to Registry

All the Cloud Application Platform Helm charts include an imagelist.txt file that lists all images from the registry.suse.com registry under the cap organization. They can be mirrored to a local registry with the following script.

Replace the value of MIRROR with your registry's domain.



set -ex

function mirror {
    CHARTDIR=$(mktemp -d)
    helm fetch suse/$1 --untar --untardir=${CHARTDIR}
    IMAGES=$(cat ${CHARTDIR}/**/imagelist.txt)
    for IMAGE in ${IMAGES}; do
        echo $IMAGE
        docker pull registry.suse.com/cap/$IMAGE
        docker tag registry.suse.com/cap/$IMAGE $MIRROR/cap/$IMAGE
        docker push $MIRROR/cap/$IMAGE
    docker save -o ${CHART}-images.tar.gz \
           $(perl -E "say qq(registry.suse.com/cap/\$_) for @ARGV" ${IMAGES})
    rm -r ${CHARTDIR}

mirror cf-operator
mirror kubecf
mirror console
mirror metrics
mirror minibroker

The script above will both mirror to a local registry and save the images in a local tarball that can be restored with docker load foo-images.tgz. In general only one of these mechanisms will be needed.

Also take note of the following regarding the script provided above.

  • The nginx-ingress chart is not supported by this mechanism because it is not part of the cap organization (and cannot be configured with the kube.registry.hostname setting at deploy time either).

    Instead manually parse the Helm chart for the image names and do a manual docker pull && docker tag && docker push on them.

Before deploying Cloud Application Platform using helm install, ensure the following in your kubecf-config-values.yaml has been updated to point to your registry, and not registry.suse.com.

    # example registry domain
    hostname: "MY_REGISTRY.COM"
    username: ""
    password: ""
  organization: "cap"
Print this page