Skip to content

Latest commit

 

History

History
210 lines (146 loc) · 5.86 KB

copy-docker-images-to-air-gapped-environment.md

File metadata and controls

210 lines (146 loc) · 5.86 KB

How to copy Docker images to air-gapped environment

The following instructions show how to prepare a TGZ file containing Docker images and files to help loading docker images to a private Docker registry.

The instructions have 3 major steps:

  1. On a non-air-gapped system, create a TGZ file.
  2. Transfer the TGZ file from the non-air-gapped system to the air-gapped system.
  3. On the air-gapped system, use the TGZ file to populate an local Docker repository and (optionally) populate a private Docker registry.

Contents

  1. On non-air-gapped system
    1. Package docker images
    2. Create docker-tag-and-push.sh file
    3. Create compressed file
  2. Transfer
  3. On air-gapped system
    1. Identify file
    2. Extract file
    3. Load local Docker repository
    4. Load private Docker registry

On non-air-gapped system

The goal of these steps is to produce a compressed file in tgz format (docker-images.tgz) containing Docker images that can be installed on an air-gapped system and files to help wth populating the private Docker registry from that system.

The following steps are performed on an internet-connected system. They will not work on an air-gapped system.

Package docker images

The following steps create a docker-images.tar file containing docker images.

  1. ✏️ Identify a new directory for outputting files. Example:

    export SENZING_DOCKER_DIR=~/my-senzing-docker

  2. Make directories for output. Example:

    mkdir -p ${SENZING_DOCKER_DIR}

  3. Get versions of Docker images. Example:

    curl -X GET \
    --output ${SENZING_DOCKER_DIR}/docker-versions-stable.sh \
    https://raw.githubusercontent.com/Senzing/knowledge-base/main/lists/docker-versions-stable.sh
chmod +x ${SENZING_DOCKER_DIR}/docker-versions-stable.sh
source   ${SENZING_DOCKER_DIR}/docker-versions-stable.sh

  4. ✏️ List Docker images to be packaged. Add or delete Docker images from the list. For extensive list, see docker-image-names.sh Example:

    export DOCKER_IMAGE_NAMES=(
    "senzing/senzingapi-runtime:${SENZING_DOCKER_IMAGE_VERSION_SENZINGAPI_RUNTIME:-latest}"
)

  5. Pull Docker images to local, non-air-gapped workstation. Example:

    for DOCKER_IMAGE_NAME in ${DOCKER_IMAGE_NAMES[@]};
do
  docker pull ${DOCKER_IMAGE_NAME}
done

  6. Save Docker images as a .tar file. Example:

    docker save ${DOCKER_IMAGE_NAMES[@]} --output ${SENZING_DOCKER_DIR}/docker-images.tar

Create docker-tag-and-push.sh file

  1. Create docker-tag-and-push.sh that will be used to push images to private Docker registry from air-gapped system. Example:

    echo '#!/usr/bin/env bash' > ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh
for DOCKER_IMAGE_NAME in ${DOCKER_IMAGE_NAMES[@]};
do
  echo ""                                                                             >> ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh
  echo "docker tag ${DOCKER_IMAGE_NAME} \${DOCKER_REGISTRY_URL}/${DOCKER_IMAGE_NAME}" >> ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh
  echo "docker push \${DOCKER_REGISTRY_URL}/${DOCKER_IMAGE_NAME}"                     >> ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh
  echo "docker rmi \${DOCKER_REGISTRY_URL}/${DOCKER_IMAGE_NAME}"                      >> ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh
done
chmod +x ${SENZING_DOCKER_DIR}/docker-tag-and-push.sh

Create compressed file

  1. Compress .tar file to make it a smaller .tgz file. Example:

    tar \
    --create \
    --directory=${SENZING_DOCKER_DIR} \
    --file=${SENZING_DOCKER_DIR}/docker-images.tgz \
    --gzip \
    --verbose \
    docker-tag-and-push.sh docker-versions-stable.sh docker-images.tar

Transfer

  1. Transfer ${SENZING_DOCKER_DIR}/docker-images.tgz to the air-gapped system.

On air-gapped system

The following instructions show how to load docker images into local Docker repository and populate a private registry in an air-gapped environment.

Identify file

  1. ✏️ Specify the location of the docker-images.tgz file. Example:

    export SENZING_DOCKER_IMAGES_TGZ=~/docker-images.tgz

Extract file

  1. ✏️ Specify the output location for uncompressing the file. Example:

    export SENZING_OUTPUT_DIR=~/my-senzing-output

  2. Uncompress file. Example:

    mkdir --parents ${SENZING_OUTPUT_DIR}
tar \
    --directory=${SENZING_OUTPUT_DIR} \
    --extract \
    --file=${SENZING_DOCKER_IMAGES_TGZ} \
    --gzip \
    --verbose

Load local Docker repository

This step will add the Docker images to the Docker repository on the local workstation. The contents of the local Docker repository are seen via the docker images command.

  1. Load Docker images onto local workstation. Example:

    docker load --input ${SENZING_OUTPUT_DIR}/docker-images.tar

Push images to private Docker registry

🤔 Optional: This step is only needed if the Docker images need to be added to a private Docker registry. If working on a single workstation, this step is not necessary.

  1. ✏️ Identify the URL of the private Docker registry. Example:

    export DOCKER_REGISTRY_URL=my.docker-registry.com:5000

  2. ✏️ Run docker-tag-and-push.sh Example:

    ${SENZING_OUTPUT_DIR}/docker-tag-and-push.sh