Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 5. Installing Orchestrator plugin in an air-gapped environment with the Operator
You can configure Red Hat Developer Hub (RHDH) with the Orchestrator plugin in a fully disconnected or partially disconnected environment by using the Operator.
You can install Red Hat Developer Hub with Orchestrator plugin in a fully air-gapped environment using the Operator.
A disconnected installation prevents unauthorized access, data transfer, or communication with external sources.
You can use the helper script to install Red Hat Developer Hub by mirroring the Operator-related images to disk and transferring them to your disconnected environment without any connection to the internet.
Prerequisites
- You have mirrored the Red Hat Developer Hub Operator images to the local registry using the RHDH mirroring script. For more information, see Installing Red Hat Developer Hub in a fully disconnected environment with the Operator.
- You have set up your disconnected environment using a local registry.
- You have permissions to push NPM packages to an NPM server available in your restricted network.
-
You have installed the
oc-mirrortool, with a version corresponding to the version of your OpenShift Container Platform cluster.
Procedure
Create an
ImageSetConfigurationfile foroc-mirror. You must include the images and operators required by the Serverless Logic Operator in theImageSetConfigurationfile, asoc-mirrordoes not automatically mirror all images. Use the following example:apiVersion: mirror.openshift.io/v2alpha1 kind: ImageSetConfiguration mirror: additionalimages: - name: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0 operators: - catalog: registry.redhat.io/redhat/redhat-operator-index:4.19 # For example: registry.redhat.io/redhat/redhat-operator-index:v4.19 packages: - name: logic-operator-rhel8 channels: - name: alpha minVersion: 1.36.0 maxVersion: 1.36.0 - name: serverless-operator channels: - name: stable minVersion: 1.36.0 maxVersion: 1.36.1Alternatively, you can use
podmancommands to find the missing images and add them to theadditionalimageslist if the versions change:IMG=registry.redhat.io/openshift-serverless-1/logic-operator-bundle:1.36 mkdir local-manifests-osl podman create --name temp-container "$IMG" -c "cat /manifests/logic-operator-rhel8.clusterserviceversion.yaml" podman cp temp-container:/manifests ./local-manifests-osl podman rm temp-container yq -r '.data."controllers_cfg.yaml" | from_yaml | .. | select(tag == "!!str") | select(test("^.\\/.:.*$"))' ./local-manifests-osl/manifests/logic-operator-rhel8-controllers-config_v1_configmap.yamlMirror the images in the
ImageSetConfiguration.yamlfile by running theoc-mirrorcommand. For example:oc-mirror --config=ImageSetConfiguration.yaml file:///path/to/mirror-archive --authfile /path/to/authfile --v2NoteThe
oc-mirrorcommand generates a local workspace containing the mirror archive files and the required cluster manifests.-
Transfer the directory specified by
/path/to/mirror-archiveto a bastion host within your disconnected environment. From the bastion host which has access to the mirror registry, mirror the images from the disk directory to your target registry. For example:
oc-mirror --v2 --from <mirror-archive-file> docker://<target-registry-url:port> --workspace file://<workspace folder> --authfile /path/to/authfilewhere:
<mirror-archive-file>-
Enter the name of the transferred
tarfile. <target-registry-url:port>-
Enter your local registry, for example,
registry.localhost:5000.
Apply the cluster-wide resources generated during the push step to redirect all image pulls to your local registry, as shown in the following example:
cd <workspace folder>/working-dir/cluster-resources/ oc apply -f .Download the Node Package Manager (NPM) packages for orchestrator 1.7.1 using any of the following methods:
Download them as
tgzfiles from the following registry:- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator/-/backstage-plugin-orchestrator-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator-backend-dynamic/-/backstage-plugin-orchestrator-backend-dynamic-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic/-/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator-form-widgets/-/backstage-plugin-orchestrator-form-widgets-1.7.1.tgz
Alternatively, use the NPM packages from Red Hat NPM registry as shown in the following example:
npm pack "@redhat/backstage-plugin-orchestrator@1.7.1" --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-orchestrator-backend-dynamic@1.7.1" --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic@1.7.1 --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-orchestrator-form-widgets@1.7.1" --registry=https://npm.registry.redhat.com
Push the NPM packages you have downloaded to your NPM server, as shown in the following example:
npm publish backstage-plugin-orchestrator-1.7.1.tgz npm publish backstage-plugin-orchestrator-backend-dynamic-1.7.1.tgz npm publish backstage-plugin-orchestrator-form-widgets-1.7.1.tgz npm publish backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.7.1.tgz-
Install the OpenShift Serverless Operator and OpenShift Serverless Logic Operators using
OperatorHub. - Create a Backstage custom resource (CR).
Configure the Backstage CR for the Orchestrator as described in the Orchestrator plugin dependencies for Operator installation.
Create all the resources and configure the Backstage instance accordingly. See Configuring a custom NPM registry for instructions on how to point RHDH towards the custom NPM registry.
Verification
- Restart the RHDH pod and wait for the components to deploy properly.
- Once stable, go to the RHDH UI, and confirm that the Orchestrator UI is accessible and functioning correctly.
The successful accessibility of the Orchestrator UI confirms that the underlying components are running and the cluster recognizes the plugin.
You can install Red Hat Developer Hub with Orchestrator plugin in a partial air-gapped environment using the Operator.
A disconnected installation prevents unauthorized access, data transfer, or communication with external sources.
You can use the oc-mirror command to mirror resources directly to your accessible local mirror registry and apply the generated cluster resources.
Prerequisites
- You have mirrored the Red Hat Developer Hub Operator images to the local registry using the RHDH mirroring script. For more information, see Installing Red Hat Developer Hub in a partially disconnected environment with the Operator.
- You have set up your disconnected environment using a local registry.
- You have permissions to push NPM packages to an NPM server available in your restricted network.
-
You have installed the
oc-mirrortool, with a version corresponding to the version of your OpenShift Container Platform cluster.
Procedure
Create an
ImageSetConfigurationfile foroc-mirror. You must include the images and operators required by the Serverless Logic Operator in theImageSetConfigurationfile, asoc-mirrordoes not automatically mirror all images. Use the following example:apiVersion: mirror.openshift.io/v2alpha1 kind: ImageSetConfiguration mirror: additionalimages: - name: registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-db-migrator-tool-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8:1.36.0 - name: registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0 operators: - catalog: registry.redhat.io/redhat/redhat-operator-index:4.19 # For example: registry.redhat.io/redhat/redhat-operator-index:v4.19 packages: - name: logic-operator-rhel8 channels: - name: alpha minVersion: 1.36.0 maxVersion: 1.36.0 - name: serverless-operator channels: - name: stable minVersion: 1.36.0 maxVersion: 1.36.1Alternatively, you can use the
podmancommands to find the missing images and add them to theadditionalimageslist if the versions change:IMG=registry.redhat.io/openshift-serverless-1/logic-operator-bundle:1.36.0-8 mkdir local-manifests-osl podman create --name temp-container "$IMG" -c "cat /manifests/logic-operator-rhel8.clusterserviceversion.yaml" podman cp temp-container:/manifests ./local-manifests-osl podman rm temp-container yq -r '.data."controllers_cfg.yaml" | from_yaml | .. | select(tag == "!!str") | select(test("^.\\/.:.*$"))' ./local-manifests-osl/manifests/logic-operator-rhel8-controllers-config_v1_configmap.yamlMirror the images in the
ImageSetConfiguration.yamlfile by running theoc-mirrorcommand. For example:oc-mirror --config=imagesetconfiguration.yaml docker://<registry URL:port> --workspace file://<workspace folder> --authfile /path/to/authfile --v2 cd <workspace folder>/working-dir/cluster-resources/ oc apply -f .Download the Node Package Manager (NPM) packages for orchestrator 1.7.1 using any of the following methods:
Download them as
tgzfiles from the following registry:- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator/-/backstage-plugin-orchestrator-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator-backend-dynamic/-/backstage-plugin-orchestrator-backend-dynamic-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic/-/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.7.1.tgz
- https://npm.registry.redhat.com/@redhat/backstage-plugin-orchestrator-form-widgets/-/backstage-plugin-orchestrator-form-widgets-1.7.1.tgz
Alternatively, use the NPM packages from Red Hat NPM registry as shown in the following example:
npm pack "@redhat/backstage-plugin-orchestrator@1.7.1" --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-orchestrator-backend-dynamic@1.7.1" --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-scaffolder-backend-module-orchestrator-dynamic@1.7.1 --registry=https://npm.registry.redhat.com npm pack "@redhat/backstage-plugin-orchestrator-form-widgets@1.7.1" --registry=https://npm.registry.redhat.com
Push the NPM packages you have downloaded to your NPM server, as shown in the following example:
npm publish backstage-plugin-orchestrator-1.7.1.tgz npm publish backstage-plugin-orchestrator-backend-dynamic-1.7.1.tgz npm publish backstage-plugin-orchestrator-form-widgets-1.7.1.tgz npm publish backstage-plugin-scaffolder-backend-module-orchestrator-dynamic-1.7.1.tgz-
Install the OpenShift Serverless Operator and OpenShift Serverless Logic Operators using
OperatorHub. - Create a Backstage custom resource (CR).
Configure the Backstage CR for the Orchestrator as described in the Orchestrator plugin dependencies for Operator installation.
Create all the resources and configure the Backstage instance accordingly. See Configuring a custom NPM registry for instructions on how to point RHDH towards the custom NPM registry.
Verification
- Restart the RHDH pod and wait for the components to deploy properly.
- Once stable, go to the RHDH UI, and confirm that the Orchestrator UI is accessible and functioning correctly.
The successful accessibility of the Orchestrator UI confirms that the underlying components are running and the cluster recognizes the plugin.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}