Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 3. Installing Fuse on Openshift in a restricted environment

To install Fuse on OpenShift imagestreams and templates, we use registry.redhat.io to pull images from the Red Hat Container registry. In a production environment which has no or limited internet access, it is impossible to use Red Hat Container Registry. This section explains how to install Fuse on OpenShift in a restricted environment.

Prerequisites

  • You have installed and configured OpenShift server so that it can run in a restricted environment.

3.1. Setting up internal Docker registry
Copia collegamento

This section explains how to set up internal docker registry which can be used to push or pull images. You must configure an internal docker registry where you can pull or push images.

Procedure

  1. Install internal ROOT CA. 

    cd /etc/pki/ca-trust/source/anchors
sudo curl -O https://password.corp.redhat.com/RH-IT-Root-CA.crt
sudo update-ca-trust extract
sudo update-ca-trust update
    Copy to Clipboard Toggle word wrap

    This certificate allows the system to authenticate itself to the registry.

  2. Login to Red Hat Container Registry. 

    docker login -u USERNAME -p PASSWORD registry.redhat.io
    Copy to Clipboard Toggle word wrap

  3. Pull the Fuse on OpenShift images from registry.redhat.io. 

    docker pull registry.redhat.io/fuse7/fuse-java-openshift:1.7
docker pull registry.redhat.io/fuse7/fuse-karaf-openshift:1.7
docker pull registry.redhat.io/fuse7/fuse7-fuse-console:1.7
docker pull registry.redhat.io/fuse7/fuse7-fuse-apicurito:1.7
docker pull registry.redhat.io/fuse7/fuse7-fuse-apicurito-generator:1.7
    Copy to Clipboard Toggle word wrap

  4. Tag the pulled imagestreams. 

    docker tag registry.redhat.io/fuse7/fuse-java-openshift:1.7 docker-registry.upshift.redhat.com/fuse7/fuse-java-openshift:1.7
docker tag registry.redhat.io/fuse7/fuse-karaf-openshift:1.7 docker-registry.upshift.redhat.com/fuse-karaf-openshift:1.7
docker tag registry.redhat.io/fuse7/fuse7-fuse-console:1.7 docker-registry.upshift.redhat.com/fuse7-fuse-console:1.7
docker tag registry.redhat.io/fuse7/fuse7-fuse-apicurito:1.7 docker-registry.upshift.redhat.com/fuse7-fuse-apicurito:1.7
docker tag registry.redhat.io/fuse7/fuse7-fuse-apicurito-generator:1.7 docker-registry.upshift.redhat.com/fuse7-fuse-apicurito-generator:1.7
    Copy to Clipboard Toggle word wrap

  5. Push the tagged imagestreams to the internal docker registry. 

    docker push docker-registry.upshift.redhat.com/fuse7/fuse-java-openshift:1.7
docker push docker-registry.upshift.redhat.com/fuse-karaf-openshift:1.7
docker push docker-registry.upshift.redhat.com/fuse7-fuse-console:1.7
docker push docker-registry.upshift.redhat.com/fuse7-fuse-apicurito:1.7
docker push docker-registry.upshift.redhat.com/fuse7-fuse-apicurito-generator:1.7
    Copy to Clipboard Toggle word wrap

3.2. Configuring internal registry secrets
Copia collegamento

After setting up the restricted docker registry and pushing all the images, it is necessary to configure the restricted OpenShift server so that it can communicate with the internal registry.

Procedure

  1. Log in to the OpenShift Server as an administrator. 

    oc login -u system:admin
    Copy to Clipboard Toggle word wrap

  2. Create a docker-registry secret using either your Red Hat Customer Portal account or your Red Hat Developer Program account credentials. Replace <pull_secret_name> with the name of the secret that you wish to create. 

    oc create secret docker-registry psi-internal-registry <pull_secret_name> \
--docker-server=docker-registry.upshift.redhat.com \
--docker-username=CUSTOMER_PORTAL_USERNAME \
--docker-password=CUSTOMER_PORTAL_PASSWORD \
--docker-email=EMAIL_ADDRESS
    Copy to Clipboard Toggle word wrap

  3. To use the secret for pulling images for pods, add the secret to your service account. The name of the service account must match the name of the service account pod uses. 

    oc secrets add serviceaccount/builder secrets/psi-internal-registry
oc secrets add serviceaccount/default secrets/psi-internal-registry --for=pull
oc secrets add serviceaccount/builder secrets/psi-internal-registry
    Copy to Clipboard Toggle word wrap

  4. To use the secret for pushing and pulling build images, the secret must be mountable inside of a pod. To mount the secret, use following command. 

    oc secrets link default psi-internal-registry
oc secrets link default psi-internal-registry --for=pull
oc secrets link builder psi-internal-registry
    Copy to Clipboard Toggle word wrap

3.3. Installing Fuse on OpenShift images in a restricted environment
Copia collegamento

The fis-image-streams.json file contains the imageStream definitions for Red Hat Fuse on OpenShift. But, all the imagestreams refer to registry.redhat.io. You must change all the registry.redhat.io references to the psi-internal-registry URL.

Procedure

  1. Download Red Hat Fuse on OpenShift imagestream json file. 

    curl -o fis-image-streams.json {BASEURL}
    Copy to Clipboard Toggle word wrap

  2. Open the fis-image-streams.json file and locate all the references to registry.redhat.io. For example, 

    {
"name": "1.7",
"annotations": {
"description": "Red Hat Fuse 7.7 Karaf S2I images.",
"openshift.io/display-name": "Red Hat Fuse 7.7 Karaf",
"iconClass": "icon-rh-integration",
"tags": "builder,jboss-fuse,java,karaf,xpaas,hidden",
"supports":"jboss-fuse:7.7.0,java:8,xpaas:1.2",
"version": "1.7"
},
"referencePolicy": {
"type": "Local"
},
"from": {
"kind": "DockerImage",
"name": "registry.redhat.io/fuse7/fuse-karaf-openshift:1.7"
}
},
    Copy to Clipboard Toggle word wrap

  3. Replace all the registry.redhat.io references in the file with psi-internal-registry name. For example, 

    {
"name": "1.7",
"annotations": {
"description": "Red Hat Fuse 7.7 Karaf S2I images.",
"openshift.io/display-name": "Red Hat Fuse 7.7 Karaf",
"iconClass": "icon-rh-integration",
"tags": "builder,jboss-fuse,java,karaf,xpaas,hidden",
"supports":"jboss-fuse:7.7.0,java:8,xpaas:1.2",
"version": "1.7"
},
"referencePolicy": {
"type": "Local"
},
"from": {
"kind": "DockerImage",
"name": "docker-registry.upshift.redhat.com/fuse7/fuse-karaf-openshift:1.7"
}
},
    Copy to Clipboard Toggle word wrap

  4. Once all the references are replaced, run the following command to install Fuse on OpenShift imagestreams: 

    oc create -f fis-image-streams.json -n {namespace}
    Copy to Clipboard Toggle word wrap

3.4. Using an internal Maven repository
Copia collegamento

In a restricted environment, you need to use a different Maven Repository. You can specify it using a template parameter named MAVEN_MIRROR_URL. You can use this MAVEN_MIRROR_URL parameter to create a new application from command line.

3.4.1. Running a Spring Boot application with MAVEN_MIRROR_URL
Copia collegamento

This example explains how to deploy and run a Spring Boot Application using MAVEN_MIRROR_URL.

Procedure

  1. Download the Spring Boot Camel XML quickstart. 

    oc create -f {BASEURL}/quickstarts/spring-boot-camel-xml-template.json
    Copy to Clipboard Toggle word wrap

  2. Enter the following command to create the resources required for running the Spring Boot quickstart template using the MAVEN_MIRROR_URL parameter. This will create a deployment config and build config for the quickstart. The information about the default parameters of the quickstart and the resources created is displayed on the terminal. 

    oc new-app s2i-fuse77-spring-boot-camel-xml -n {namespace} -p IMAGE_STREAM_NAMESPACE={namespace} -p MAVEN_MIRROR_URL={Maven mirror URL}
    Copy to Clipboard Toggle word wrap

3.4.2. Running a Spring Boot application with Fabric8 Maven plugin
Copia collegamento

This example explains how to deploy and run a Spring Boot application with Fabric8 Maven plugin using internal Maven repository.

Procedure

  1. To run the quickstart with Fabric8 Maven plugin, download the Spring Boot 2 camel archetype from local repository and then deploy the quickstart. Replace {Maven Mirror URL} with the Maven mirror repository URL. 

    mvn org.apache.maven.plugins:maven-archetype-plugin:2.4:generate \
  -DarchetypeCatalog={Maven Mirror URL}/archetypes/archetypes-catalog/2.2.0.fuse-sb2-770011-redhat-00001/archetypes-catalog-2.2.0.fuse-sb2-770011-redhat-00001-archetype-catalog.xml \
  -DarchetypeGroupId=org.jboss.fuse.fis.archetypes \
  -DarchetypeArtifactId=spring-boot-camel-xml-archetype
  -DarchetypeVersion=2.2.0.fuse-sb2-770011-redhat-00001
    Copy to Clipboard Toggle word wrap

  2. The archetype plug-in switches to interactive mode to prompt you for the remaining fields. 

    Define value for property 'groupId': : org.example.fis
Define value for property 'artifactId': : fuse77-spring-boot2
Define value for property 'version':  1.0-SNAPSHOT: :
Define value for property 'package':  org.example.fis: :
Confirm properties configuration:
groupId: org.example.fis
artifactId: fuse77-spring-boot
version: 1.0-SNAPSHOT
package: org.example.fis
 Y: : Y
    Copy to Clipboard Toggle word wrap
  3. If the above command exited with the BUILD SUCCESS status, you should now have a new Fuse on OpenShift project under the fuse77-spring-boot2 subdirectory.

  4. You are now ready to build and deploy the fuse77-spring-boot2 project. Assuming you are still logged into OpenShift, change to the directory of the fuse77-spring-boot2 project, and then build and deploy the project, as follows. 

    cd fuse77-spring-boot2
mvn fabric8:deploy -Popenshift
    Copy to Clipboard Toggle word wrap
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat