AWS Air-gapped FIPS: Load the Registry
After you create an image for your air-gapped environment, you will need to load it into your registry.
Load Images into your Registry
Before creating an air-gapped Kubernetes cluster, you need to load the required images in a local registry. This registry must be accessible from both the bastion machine and either the AWS EC2 instances (if deploying to AWS) or other machines that will be created for the Kubernetes cluster.
If you do not already have a local registry set up, please refer to Local Registry Tools page for more information.
Download
dkp-air-gapped-bundle_v2.6.2_linux_amd64.tar.gz
, and extract the tarball to a local directory:CODEtar -xzvf dkp-air-gapped-bundle_v2.6.2_linux_amd64.tar.gz && cd dkp-v2.6.2
Set an environment variable with your registry address using this command:
CODEexport REGISTRY_ADDRESS=<registry-address>:<registry-port> export REGISTRY_USERNAME=<username> export REGISTRY_PASSWORD=<password>
Execute the following command to load the air-gapped image bundle into your private registry:
CODEdkp push bundle --bundle ./container-images/konvoy-image-bundle-v2.6.2.tar --to-registry $REGISTRY_ADDRESS --to-registry-username $REGISTRY_USERNAME --to-registry-password $REGISTRY_PASSWORD
NOTE: To use ECR, set an environment variable with your registry address for ECR:
CODEexport REGISTRY_URL=<ecr-registry-URI>
REGISTRY_URL
: the address of an existing local registry accessible in the VPC that the new cluster nodes will be configured to use a mirror registry when pulling images.The environment where you are running the
dkp push
command must be authenticated with AWS in order to load your images into ECR.
It may take some time to push all the images to your image registry, depending on the performance of the network between the machine you are running the script on and the registry.
Kommander Load Images
If you are operating in an air-gapped environment, a local container registry containing all the necessary installation images, including the Kommander images is required. See below for how to push the necessary images to this registry.
Load Images to your Private Registry - Kommander
Load Kommander images to your Private Registry
For the air-gapped kommander
image bundle, run the command below:
Run the following command to load the image bundle:
dkp push bundle --bundle ./container-images/kommander-image-bundle-v2.6.2.tar --to-registry $REGISTRY_ADDRESS
Load Images to your Private Registry - DKP Catalog Applications
Optional: This step is required only if you have an Enterprise license.
For DKP Catalog Applications, also perform this image load:
Run the following command to load the dkp-catalog-applications
image bundle into your private registry:
dkp push bundle --bundle ./container-images/dkp-catalog-applications-image-bundle-v2.6.2.tar --to-registry $REGISTRY_ADDRESS