Red Hat SummitThis documentation is for a release that is no longer maintained
See documentation for the latest supported version.Chapter 3. Air-gapped environment
An air-gapped environment, also known as an air-gapped network or isolated network, ensures security by physically segregating the system or network. This isolation is established to prevent unauthorized access, data transfer, or communication between the air-gapped system and external sources.
You can install the Red Hat Developer Hub in an air-gapped environment to ensure security and meet specific regulatory requirements.
3.1. Installing Red Hat Developer Hub in an air-gapped environment
To install the Developer Hub in an air-gapped environment, you must have access to the registry.redhat.io and the registry for the air-gapped environment.
Prerequisites
- You have installed an Openshift Container Platform (OCP) 4.10 or later.
-
You have access to the
registry.redhat.io. - You have access to the OpenShift image registry of your cluster. For more information about exposing the OpenShift image registry, see Exposing the registry in OpenShift documentation.
-
You have installed the
occommand line tool on your workstation. -
You have installed the
podmancommand line tools on your workstation. - You you have an account in Red Hat Developer portal.
Procedure
Log in to the OCP using
oc:oc login -u <user> -p <password> https://api.<HOSTNAME>:6443
oc login -u <user> -p <password> https://api.<HOSTNAME>:6443Copy to Clipboard Copied! Toggle word wrap Toggle overflow Log in to the OCP image registry using
podman:podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.<HOSTNAME>
podman login -u kubeadmin -p $(oc whoami -t) default-route-openshift-image-registry.<HOSTNAME>Copy to Clipboard Copied! Toggle word wrap Toggle overflow NoteYou can use the following commands to get the full host name of the OpenShift image registry and than use the host name in a command to log in:
REGISTRY_HOST=$(oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}') podman login -u kubeadmin -p $(oc whoami -t) $REGISTRY_HOSTREGISTRY_HOST=$(oc get route default-route -n openshift-image-registry --template='{{ .spec.host }}') podman login -u kubeadmin -p $(oc whoami -t) $REGISTRY_HOSTCopy to Clipboard Copied! Toggle word wrap Toggle overflow Log in to the
registry.redhat.ioinpodmanusing the following command:podman login registry.redhat.io
podman login registry.redhat.ioCopy to Clipboard Copied! Toggle word wrap Toggle overflow For more information about registry authentication, see Red Hat Container Registry Authentication.
Pull Developer Hub and PostgreSQL images from Red Hat Image registry to your workstation:
podman pull <DEVELOPERHUBIMAGE> podman pull registry.redhat.io/rhel9/postgresql-15:latest
podman pull <DEVELOPERHUBIMAGE> podman pull registry.redhat.io/rhel9/postgresql-15:latestCopy to Clipboard Copied! Toggle word wrap Toggle overflow Push both images to the internal OCP registry.
For more information about pushing images directly to OCP registry, see How do I push an Image directly into the OpenShift 4 registry.
podman push --remove-signatures registry.redhat.io/rhel9/postgresql-15:latest default-route-openshift-image-registry.<hostname>/<yourProject>/postgresql-15:latest
podman push --remove-signatures registry.redhat.io/rhel9/postgresql-15:latest default-route-openshift-image-registry.<hostname>/<yourProject>/postgresql-15:latestCopy to Clipboard Copied! Toggle word wrap Toggle overflow TipIf an x509 error occurs, ensure you install the CA certificate used for OpenShift routes on your system.
Optionally, you can append
--tls-verify=falseto thepodmanpush command, note that this approach is not recommended.Use the following command to verify that both images are present in the internal OCP registry:
oc get imagestream -n <projectName>
oc get imagestream -n <projectName>Copy to Clipboard Copied! Toggle word wrap Toggle overflow Enable local image lookup for both images using the following commands:
oc set image-lookup postgresql-15 oc set image-lookup rhdh-hub-rhel9
oc set image-lookup postgresql-15 oc set image-lookup rhdh-hub-rhel9Copy to Clipboard Copied! Toggle word wrap Toggle overflow Go to YAML view and update the
imagesection forbackstageandpostgresqlusing the following values:Example values for Developer Hub image
Copy to Clipboard Copied! Toggle word wrap Toggle overflow Example values for PostgreSQL image
Copy to Clipboard Copied! Toggle word wrap Toggle overflow - Install the Red Hat Developer Hub using Helm Chart. For more information about installing Developer Hub, see Chapter 2, Installing Red Hat Developer Hub using Helm Chart.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}