이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 4. Installing the Red Hat Integration - AMQ Interconnect Operator in a restricted environment


In a production environment which has no or limited internet access, installing the Red Hat Integration - AMQ Interconnect Operator as described in Chapter 3, Adding the Red Hat Integration - AMQ Interconnect Operator is not possible. This section explains how to install Red Hat Integration - AMQ Interconnect Operator in a restricted environment by mirroring the required components to the cluster.

Prerequisites

  • A OpenShift Container Platform cluster version 4.6, 4.7, 4.8, 4.9 or 4.10
  • A RHEL machine with:

    • podman version 1.9.3 or later
    • The opm CLI as described in the OpenShift documentation
    • The oc CLI version 4.9.9 or later
  • Network access

    • network access to the Red Hat Container Registry
    • network access to the OpenShift Container Platform cluster
Note

You only need access to the Red Hat Container Registry while mirroring. You do not need simultaneous access to the Red Hat Container Registry and the OpenShift Container Platform cluster.

The steps required are described in the following sections:

4.1. Setting up the OpenShift Container Platform cluster

Complete the following steps on the OpenShift Container Platform cluster to prepare for the mirroring process:

  1. Log into the cluster as cluster-admin.
  2. Disable the sources for the default catalogs using either the CLI or the OpenShift console:

    1. For the CLI, set disableAllDefaultSources: true for OperatorHub:

      $ oc patch OperatorHub cluster --type json \
      -p '[{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]'
    2. For the OpenShift console, navigate to Administration Cluster Settings Configuration OperatorHub.

      On the OperatorHub page, click the Sources tab, and disable the sources.

4.2. Creating the AMQ Interconnect images on a RHEL machine

Complete the following steps on the RHEL machine to prepare for the mirroring process:

Prerequisites

  • Access to registry.redhat.io

    1. Login to registry.redhat.io from the RHEL machine.

      $ podman login -u USERNAME -p PASSWORD registry.redhat.io
    2. Keep only the Interconnect Operator in the list of operators:

      $ opm index prune -f registry.redhat.io/redhat/redhat-operator-index:v<openshift-version> -p amq7-interconnect-operator -t <cluster-domain>:<registry-port>/iib:my-operator-iib

      where

      • <openshift-version> is the version of OpenShift Container Platform, for example, 4.9.
      • <cluster-domain> is the domain name for the OpenShift Container Platform cluster, for example, mycluster.example.com.
      • <registry-port> is the port number used by the registry in the OpenShift Container Platform cluster, the default being 5000.

      Verify that you have only created a podman image of the Interconnect Operator:

      $ podman images | grep my-operator-iib <cluster-domain>:<registry-port>/iib
      
      my-operator-iib  39b6148e6981  3 days ago     138 MB

4.3. Pushing images to the OpenShift Container Platform cluster

Prerequisites

  • Access from the RHEL machine to the OpenShift Container Platform cluster.

    1. From the RHEL machine, push the image to the cluster registry :

      $ podman push <cluster-domain>:<registry-port>/iib:my-operator-iib
    2. Create the three files required for the mirroring process :

      $ /usr/local/bin/oc adm catalog mirror  \
        <cluster-domain>:<registry-port>/iib:my-operator-iib \
        <cluster-domain>:<registry-port> \
        -a /home/customer-user/.docker/config.json \
        --insecure=true \
        --registry-config /home/customer-user/.docker/config.json \
        --index-filter-by-os=linux/amd64 \
        --manifests-only
    3. Make sure that the following files exist:

      • catalogSource.yaml - A YAML file describing the catalogSource.
      • imageContentSourcePolicy.yaml - A YAML file that maps the images in the internal registry with the addresses from RedHat registries.
      • mapping.txt- A text file that drives the mirroring process of the images to the internal registry.
    4. Edit mapping.txt to list only the images you want to mirror.

      The file has the following format:

      [ Operator address on RedHat registry : Operator SHA ] = [ Operator address on internal mirror registry : tag ]

      Example of a mapping.txt file :

      registry.redhat.io/amq7/amq-interconnect@sha256:6101cc735e4d19cd67c6d80895c425ecf6f1d2604d88f999fa0cae57a7d6abaf=<cluster-domain>:<registry-port>/amq7-amq-interconnect:f793b0cc
      registry.redhat.io/amq7/amq-interconnect-operator@sha256:8dd53290c909589590b88a1544d854b4ad9f8b4a639189597c0a59579bc60c40=<cluster-domain>:<registry-port>/amq7-amq-interconnect-operator:73c142ff
      registry.redhat.io/amq7/amq-interconnect-operator-metadata@sha256:799ce48905d5d2a91b42e2a7943ce9b756aa9da80f6924be06b2a6275ac90214=<cluster-domain>:<registry-port>/amq7-amq-interconnect-operator-metadata:14cc4a4e
    5. Mirror the required images

      $ /usr/local/bin/oc image mirror \
        -f mapping-ic.yaml \
        -a /home/customer-user/.docker/config.json \
        --insecure=true \
        --registry-config /home/customer-user/.docker/config.json \
        --keep-manifest-list=true
    6. Configure the ImageContentSourcePolicy (ICSP) name:

      Set the field 'name' in the file imageContentSourcePolicy.yaml, for example, my-operator-icsp

      Example of a ICSP snippet :

      ---
      apiVersion: operator.openshift.io/v1alpha1
      kind: ImageContentSourcePolicy
      metadata:
          labels:
              operators.openshift.org/catalog: "true"
          name: my-operator-icsp
      spec:
          repositoryDigestMirrors:
          - mirrors:
              - <cluster-domain>:<registry-port>/amq7-amq-interconnect-operator
              source: registry.redhat.io/amq7/amq-interconnect-operator
    7. Apply the policy (ICSP) file :

      $ /usr/local/bin/oc create -f imageContentSourcePolicy.yaml

      After you apply this file, all cluster nodes are reset automatically. You can check the nodes status using oc get nodes or in the OpenShift console by navigating to Compute Nodes.

      Note

      Make sure all nodes are in Ready state before you continue.

    8. Configure the catalogSource name :

      Set the field name in the catalogSource.yaml file, for example, my-operator-catalog

      Example of a catalogSource.yaml file:

      apiVersion: operators.coreos.com/v1alpha1
      kind: CatalogSource
      metadata:
        name: iib
        namespace: openshift-marketplace
      spec:
        image: <cluster-domain>:<registry-port>/iib:my-operator-iib
        sourceType: grpc
    9. Apply the catalog source configuration to complete the installation of the Red Hat Integration - AMQ Interconnect Operator:

      $ /usr/local/bin/oc apply -f catalogSource.yaml
    10. Make sure the installation is working by deploying a router as described in Section 5.1, “Creating an interior router deployment”
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.