Red Hat Summit Red Hat Summit지원콘솔개발자평가판 시작연락처

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 4. Installing Red Hat Developer Hub on a supported Kubernetes platform in an air-gapped environment with the Helm chart

If you are using a supported Kubernetes platform in a fully disconnected or partially disconnected environment, you can install Red Hat Developer Hub by using the Helm chart. Supported Kubernetes platforms include the following:

  • Microsoft Azure Kubernetes Service
  • Amazon Elastic Kubernetes Service
  • Google Kubernetes Engine

In environments without internet access, a fully disconnected installation ensures that Red Hat Developer Hub can run reliably without external dependencies. This approach involves mirroring images and transferring them manually to the air-gapped environment.

Prerequisites

  • You have installed Skopeo 1.17 or later
  • You have installed Yq 4.4 or later
  • You authenticated to registry.redhat.io for pulling images by using the skopeo login command.
  • You have access to the Kubernetes cluster with kubectl configured
  • You have installed Helm 3.13 or later on the air-gapped host

Procedure

  1. On the mirroring host, in a terminal, fetch the Helm charts values by running the following commands: 

    helm repo add <helm_chart_repo_name> https://charts.openshift.io/
helm repo update
helm show values <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>  values.default.yaml
helm pull <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version>

    where

    <helm_chart_repo_name>
    Specifies the name of the Helm chart repository, for example, openshift-helm-charts.
    <rhdh_version>

    Specifies the Red Hat Developer Hub version that you want to use, for example, 1.6.5.

    Note

    The helm pull <helm_chart_repo_name>/redhat-developer-hub --version <rhdh_version> command automatically creates the Helm chart archive file and downloads the Helm chart to your current working directory.

  2. Extract the image digests by running the following commands: 

    RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

  3. Mirror the images to your local archive by running the following commands: 

    skopeo login registry.redhat.io
skopeo copy --all docker://${RHDH_IMAGE}:${RHDH_DIGEST} dir:./rhdh-hub
skopeo copy --all docker://${PG_IMAGE}:${PG_DIGEST} dir:./postgresql

  4. Transfer the following files and directories to your air-gapped environment:

    • rhdh-hub
    • postgresql
    • Helm chart archive file, for example, redhat-developer-hub-1.6.5.tgz

  5. Load the images onto the air-gapped host by running the following commands: 

    skopeo copy --all dir:./rhdh-hub docker://<mirror_registry_name>/<rhdh_repo_name>:${RHDH_DIGEST}

skopeo copy --all dir:./postgresql docker://<mirror_registry_name>/<postgresql_repo_name>:${PG_DIGEST}

    where

    <mirror_registry_name>
    Specifies the name of the target mirror registry that you want to push the images to, for example, registry.example.com.
    <rhdh_repo_name>
    Specifies the name of the repository where your Red Hat Developer Hub image is stored, for example, rhdh/rhdh-hub-rhel9. This value must match the name of the Red Hat Developer Hub image that you loaded onto the air-gapped host.
    <postgresql_repo_name>
    Specifies the name of the repository where your PostgreSQL image is stored, for example, rhdh/postgresql-15.

  6. Create a values.yaml file for the Kubernetes platform that you want to use and add the following image references to the file to reflect local use: 

    upstream:
  backstage:
    image:
      registry: "<mirror_registry_name>"
      repository: <rhdh_repo_name>
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "<mirror_registry_name>"
      repository: <postgresql_repo_name>
      tag: "${PG_DIGEST}"

    where

    <mirror_registry_name>
    Specifies the name of the target mirror registry that you want to push the images to, for example, registry.example.com.
    <rhdh_repo_name>
    Specifies the name of the repository where your Red Hat Developer Hub image is stored, for example, rhdh/rhdh-hub-rhel9. This value must match the name of the Red Hat Developer Hub image that you loaded onto the air-gapped host.
    <postgresql_repo_name>

    Specifies the name of the repository where your PostgreSQL image is stored, for example, rhdh/postgresql-15.

    • For AKS, use the following values.yaml file template: 

      global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

    • For EKS, use the following values.yaml file template: 

      global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

    • For GKE, use the following values.yaml file template: 

      global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

  7. Install the Helm chart in the current namespace by running the following command: 

    helm install rhdh ./<helm_chart_archive_file_name> -f values.yaml

    where

    <helm_chart_archive_file_name>
    Specifies the name of the Helm chart archive file, for example, redhat-developer-hub-1.4.0.tgz.

In a partially disconnected environment, the cluster cannot access external registries, for example, registry.redhat.io, but it can access an internal mirror registry. This method requires direct access to an internal mirror registry from the cluster.

Prerequisites

  • You have set up your workstation.

    • You have installed Skopeo 1.17 or later
    • You have installed Yq 4.4 or later
    • You have installed Helm 3.13 or later
    • You have an active Skopeo session against registry.redhat.io
    • You have an active Skopeo session against your target mirror registry, for example, registry.internal.example.com
    • You have access to the Kubernetes cluster with kubectl configured

Procedure

  1. In a terminal, download and extract the Helm chart by running the following commands: 

    helm repo add _<helm_chart_repo_name>_ https://charts.openshift.io/
helm repo update
helm pull _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_
helm show values _<helm_chart_repo_name>_/redhat-developer-hub --version _<rhdh_version>_ > values.default.yaml

    where

    <helm_chart_repo_name>
    Specifies the name of the Helm chart repository, for example, openshift-helm-charts.
    <rhdh_version>
    Specifies the Red Hat Developer Hub version that you want to use, for example, 1.6.5.

  2. Use yq to extract the image digests by running the following commands: 

    RHDH_IMAGE=$(yq '.upstream.backstage.image | .registry + "/" + .repository' values.default.yaml)
RHDH_DIGEST=$(yq '.upstream.backstage.image.tag' values.default.yaml)
PG_IMAGE=$(yq '.upstream.postgresql.image | .registry + "/" + .repository' values.default.yaml)
PG_DIGEST=$(yq '.upstream.postgresql.image.tag' values.default.yaml)

  3. Mirror the images to the internal mirror registry by entering the following commands: 

    skopeo login registry.redhat.io

skopeo login _<mirror_registry_name>_

skopeo copy --remove-signatures \
  docker://${PG_IMAGE}@${PG_DIGEST} \
  docker://_<mirror_registry_name>_/_<postgresql_repo_name>_:${PG_DIGEST}

skopeo copy --remove-signatures \
  docker://${RHDH_IMAGE}@${RHDH_DIGEST} \
  docker://_<mirror_registry_name>_/_<rhdh_repo_name>_${RHDH_DIGEST}

    where

    <mirror_registry_name>
    Specifies the name of the internal mirror registry, for example, registry.internal.example.com.
    <postgresql_repo_name>
    Specifies the name of the PostgreSQL repository, for example, rhdh/postgresql-15.
    <rhdh_repo_name>
    Specifies the name of the Red Hat Developer Hub repository, for example, rhdh/rhdh-hub-rhel9.

  4. Create a values.yaml file for the Kubernetes platform that you want to use and add the following image references to the file to reflect local use: 

    upstream:
  backstage:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<rhdh_repo_name>_
      tag: "${RHDH_DIGEST}"

  postgresql:
    image:
      registry: "_<mirror_registry_name>_"
      repository: _<postgresql_repo_name>_
      tag: "${PG_DIGEST}"

    • For AKS, use the following values.yaml file template: 

      global:
  host: <app_address>
route:
  enabled: false
upstream:
  ingress:
    enabled: true
    className: webapprouting.kubernetes.azure.com
    host:
  backstage:
    image:
      pullSecrets:
        - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 3000
  postgresql:
    image:
      pullSecrets:
        - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

    • For EKS, use the following values.yaml file template: 

      global:
  # TODO: Set your application domain name.
  host: <your Developer Hub domain name>

route:
  enabled: false

upstream:
  service:
    # NodePort is required for the ALB to route to the Service
    type: NodePort

  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: alb

      alb.ingress.kubernetes.io/scheme: internet-facing

      # TODO: Using an ALB HTTPS Listener requires a certificate for your own domain. Fill in the ARN of your certificate, e.g.:
      alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:xxx:xxxx:certificate/xxxxxx

      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'

      alb.ingress.kubernetes.io/ssl-redirect: '443'

      # TODO: Set your application domain name.
      external-dns.alpha.kubernetes.io/hostname: <your rhdh domain name>

  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      # you can assign any random value as fsGroup
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        # you can assign any random value as fsGroup
        fsGroup: 3000
  volumePermissions:
    enabled: true

    • For GKE, use the following values.yaml file template: 

      global:
  host: <rhdh_domain_name>
route:
  enabled: false
upstream:
  service:
    type: NodePort
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: gce
      kubernetes.io/ingress.global-static-ip-name: <ADDRESS_NAME>
      networking.gke.io/managed-certificates: <rhdh_certificate_name>
      networking.gke.io/v1beta1.FrontendConfig: <ingress_security_config>
    className: gce
  backstage:
    image:
      pullSecrets:
      - rhdh-pull-secret
    podSecurityContext:
      fsGroup: 2000
  postgresql:
    image:
      pullSecrets:
      - rhdh-pull-secret
    primary:
      podSecurityContext:
        enabled: true
        fsGroup: 3000
  volumePermissions:
    enabled: true

  5. Install the Helm chart in the current namespace by running the following command: 

    helm install rhdh ./_<helm_chart_archive_file_name>_ -f values.yaml

    where

    <helm_chart_archive_file_name>
    Specifies the name of the Helm chart archive file, for example, redhat-developer-hub-1.6.5.tgz.
Red Hat logoGithubredditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다. 최신 업데이트를 확인하세요.

Legal Notice

Theme

© 2026 Red Hat맨 위로 이동