Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 4. Installing Red Hat Developer Hub on a supported Kubernetes platform in an air-gapped environment with the Helm chart

If you are using a supported Kubernetes platform in a fully disconnected or partially disconnected environment, you can install Red Hat Developer Hub by using the Helm chart. Supported Kubernetes platforms include the following:

Microsoft Azure Kubernetes Service
Amazon Elastic Kubernetes Service
Google Kubernetes Engine

4.1. Installing Red Hat Developer Hub on a supported Kubernetes platform in a fully disconnected environment with the Helm chart
Copier lien

In environments without internet access, a fully disconnected installation ensures that Red Hat Developer Hub can run reliably without external dependencies. This approach involves mirroring images and transferring them manually to the air-gapped environment.

Prerequisites

You have installed Skopeo 1.17 or later
You have installed Yq 4.4 or later
You authenticated to registry.redhat.io for pulling images by using the skopeo login command.
You have access to the Kubernetes cluster with kubectl configured
You have installed Helm 3.13 or later on the air-gapped host

Procedure

On the mirroring host, in a terminal, fetch the Helm charts values by running the following commands:
```
helm repo add <helm_chart_repo_name> https://charts.openshift.io/
helm repo update
helm show values <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>  values.default.yaml
helm pull <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>
```
```
helm repo add <helm_chart_repo_name> https://charts.openshift.io/
helm repo update
helm show values <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>  values.default.yaml
helm pull <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>
```
Copy to Clipboard Toggle word wrap
where
<helm_chart_repo_name>
Specifies the name of the Helm chart repository, for example, openshift-helm-charts.
<rhdh_version>
Specifies the Red Hat Developer Hub version that you want to use, for example, 1.6.5.
Note
The helm pull <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version> command automatically creates the Helm chart archive file and downloads the Helm chart to your current working directory.

Extract the image digests by running the following commands:

RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

Copy to Clipboard

Toggle word wrap

Mirror the images to your local archive by running the following commands:

skopeo login registry.redhat.io
skopeo copy --all docker://${RHDH_IMAGE}:${RHDH_DIGEST} dir:./rhdh-hub
skopeo copy --all docker://${PG_IMAGE}:${PG_DIGEST} dir:./postgresql

skopeo login registry.redhat.io
skopeo copy --all docker://${RHDH_IMAGE}:${RHDH_DIGEST} dir:./rhdh-hub
skopeo copy --all docker://${PG_IMAGE}:${PG_DIGEST} dir:./postgresql

Copy to Clipboard

Toggle word wrap

Transfer the following files and directories to your air-gapped environment:
- rhdh-hub
- postgresql
- Helm chart archive file, for example, redhat-developer-hub-1.6.5.tgz
Load the images onto the air-gapped host by running the following commands:
```
skopeo copy --all dir:./rhdh-hub docker://<mirror_registry_name>/<rhdh_repo_name>:${RHDH_DIGEST}

skopeo copy --all dir:./postgresql docker://<mirror_registry_name>/<postgresql_repo_name>:${PG_DIGEST}
```
```
skopeo copy --all dir:./rhdh-hub docker://<mirror_registry_name>/<rhdh_repo_name>:${RHDH_DIGEST}

skopeo copy --all dir:./postgresql docker://<mirror_registry_name>/<postgresql_repo_name>:${PG_DIGEST}
```
Copy to Clipboard Toggle word wrap
where
<mirror_registry_name>
Specifies the name of the target mirror registry that you want to push the images to, for example, registry.example.com.
<rhdh_repo_name>
Specifies the name of the repository where your Red Hat Developer Hub image is stored, for example, rhdh/rhdh-hub-rhel9. This value must match the name of the Red Hat Developer Hub image that you loaded onto the air-gapped host.
<postgresql_repo_name>
Specifies the name of the repository where your PostgreSQL image is stored, for example, rhdh/postgresql-15.

Create a values.yaml file for the Kubernetes platform that you want to use and add the following image references to the file to reflect local use:

upstream:
  backstage:
    image:
      registry: "<mirror_registry_name>"
      repository: <rhdh_repo_name>
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "<mirror_registry_name>"
      repository: <postgresql_repo_name>
      tag: "${PG_DIGEST}"

upstream:
  backstage:
    image:
      registry: "<mirror_registry_name>"
      repository: <rhdh_repo_name>
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "<mirror_registry_name>"
      repository: <postgresql_repo_name>
      tag: "${PG_DIGEST}"

Copy to Clipboard

Toggle word wrap

where

<mirror_registry_name>

Specifies the name of the target mirror registry that you want to push the images to, for example, registry.example.com.

<rhdh_repo_name>

Specifies the name of the repository where your Red Hat Developer Hub image is stored, for example, rhdh/rhdh-hub-rhel9. This value must match the name of the Red Hat Developer Hub image that you loaded onto the air-gapped host.

<postgresql_repo_name>

Specifies the name of the repository where your PostgreSQL image is stored, for example, rhdh/postgresql-15.

For AKS, use the following values.yaml file template:

global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

For EKS, use the following values.yaml file template:

global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

For GKE, use the following values.yaml file template:

global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

Install the Helm chart in the current namespace by running the following command:
```
helm install rhdh ./<helm_chart_archive_file_name> -f values.yaml
```
```
helm install rhdh ./<helm_chart_archive_file_name> -f values.yaml
```
Copy to Clipboard Toggle word wrap
where
<helm_chart_archive_file_name>
Specifies the name of the Helm chart archive file, for example, redhat-developer-hub-1.4.0.tgz.

4.2. Installing Red Hat Developer Hub on a supported Kubernetes platform in a partially disconnected environment with the Helm chart
Copier lien

In a partially disconnected environment, the cluster cannot access external registries, for example, registry.redhat.io, but it can access an internal mirror registry. This method requires direct access to an internal mirror registry from the cluster.

Prerequisites

You have set up your workstation.
- You have installed Skopeo 1.17 or later
- You have installed Yq 4.4 or later
- You have installed Helm 3.13 or later
- You have an active Skopeo session against registry.redhat.io
- You have an active Skopeo session against your target mirror registry, for example, registry.internal.example.com
- You have access to the Kubernetes cluster with kubectl configured

Procedure

In a terminal, download and extract the Helm chart by running the following commands:

helm repo add _<helm_chart_repo_name>_ https://charts.openshift.io/
helm repo update
helm pull _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_
helm show values _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_ > values.default.yaml

helm repo add _<helm_chart_repo_name>_ https://charts.openshift.io/
helm repo update
helm pull _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_
helm show values _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_ > values.default.yaml

Copy to Clipboard

Toggle word wrap

where

<helm_chart_repo_name>: Specifies the name of the Helm chart repository, for example, openshift-helm-charts.
<rhdh_version>: Specifies the Red Hat Developer Hub version that you want to use, for example, 1.6.5.

Use yq to extract the image digests by running the following commands:

RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

Copy to Clipboard

Toggle word wrap

Mirror the images to the internal mirror registry by entering the following commands:

skopeo login registry.redhat.io

skopeo login _<mirror_registry_name>_

skopeo copy --remove-signatures \
  docker://${PG_IMAGE}@${PG_DIGEST} \
  docker://_<mirror_registry_name>_/_<postgresql_repo_name>_:${PG_DIGEST}

skopeo copy --remove-signatures \
  docker://${RHDH_IMAGE}@${RHDH_DIGEST} \
  docker://_<mirror_registry_name>_/_<rhdh_repo_name>_${RHDH_DIGEST}

skopeo login registry.redhat.io

skopeo login _<mirror_registry_name>_

skopeo copy --remove-signatures \
  docker://${PG_IMAGE}@${PG_DIGEST} \
  docker://_<mirror_registry_name>_/_<postgresql_repo_name>_:${PG_DIGEST}

skopeo copy --remove-signatures \
  docker://${RHDH_IMAGE}@${RHDH_DIGEST} \
  docker://_<mirror_registry_name>_/_<rhdh_repo_name>_${RHDH_DIGEST}

Copy to Clipboard

Toggle word wrap

where

<mirror_registry_name>: Specifies the name of the internal mirror registry, for example, registry.internal.example.com.
<postgresql_repo_name>: Specifies the name of the PostgreSQL repository, for example, rhdh/postgresql-15.
<rhdh_repo_name>: Specifies the name of the Red Hat Developer Hub repository, for example, rhdh/rhdh-hub-rhel9.

Create a values.yaml file for the Kubernetes platform that you want to use and add the following image references to the file to reflect local use:

upstream:
  backstage:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<rhdh_repo_name>_
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<postgresql_repo_name>_
      tag: "${PG_DIGEST}"

upstream:
  backstage:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<rhdh_repo_name>_
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<postgresql_repo_name>_
      tag: "${PG_DIGEST}"

Copy to Clipboard

Toggle word wrap

For AKS, use the following values.yaml file template:

global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

For EKS, use the following values.yaml file template:

global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

For GKE, use the following values.yaml file template:

global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

Copy to Clipboard

Toggle word wrap

Install the Helm chart in the current namespace by running the following command:
```
helm install rhdh ./_<helm_chart_archive_file_name>_ -f values.yaml
```
```
helm install rhdh ./_<helm_chart_archive_file_name>_ -f values.yaml
```
Copy to Clipboard Toggle word wrap
where
<helm_chart_archive_file_name>
Specifies the name of the Helm chart archive file, for example, redhat-developer-hub-1.6.5.tgz.

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 4. Installing Red Hat Developer Hub on a supported Kubernetes platform in an air-gapped environment with the Helm chart

4.1. Installing Red Hat Developer Hub on a supported Kubernetes platform in a fully disconnected environment with the Helm chart
Copier lien

4.2. Installing Red Hat Developer Hub on a supported Kubernetes platform in a partially disconnected environment with the Helm chart
Copier lien

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Rendre l’open source plus inclusif

À propos de Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 4. Installing Red Hat Developer Hub on a supported Kubernetes platform in an air-gapped environment with the Helm chart

4.1. Installing Red Hat Developer Hub on a supported Kubernetes platform in a fully disconnected environment with the Helm chartCopier lienLien copié sur presse-papiers!

4.2. Installing Red Hat Developer Hub on a supported Kubernetes platform in a partially disconnected environment with the Helm chartCopier lienLien copié sur presse-papiers!

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Rendre l’open source plus inclusif

À propos de Red Hat

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

4.1. Installing Red Hat Developer Hub on a supported Kubernetes platform in a fully disconnected environment with the Helm chart
Copier lien

4.2. Installing Red Hat Developer Hub on a supported Kubernetes platform in a partially disconnected environment with the Helm chart
Copier lien