Deploy and scan ITRS Docker images before installing

If you are planning to use an air-gapped BYO installation, you can push images from the ITRS Docker registry (docker.itrsgroup.com) to your private registry without having to install anything yet. To deploy ITRS Docker images for scanning before you proceed with installation, run the following commands.

Note

The airgap bundle should have been previously provided to you. Contact your ITRS representative if you do not have the required information.

KOTS airgap images Copied

Run the following command to extract KOTS admin console images from the airgap bundle, upload them to your private registry using the provided credentials, and store them in the specified namespace.

kubectl kots admin-console push-images ./kotsadm.tar.gz private.registry.host/app-name \
  --registry-username rw-username \
  --registry-password rw-password

Note

push-images temporarily stores uncompressed images in the /tmp directory before uploading them. Make sure that there is enough space in /tmp to avoid issues.

Obcerv images Copied

Run the following command to extract Obcerv images from the airgap bundle, upload them to your private registry using the provided credentials, and store them in the specified namespace.

kubectl kots admin-console push-images ./Obcerv-<version>+gj5.airgap private.registry.host/app-name \
  --registry-username rw-username \
  --registry-password rw-password

Note

push-images temporarily stores uncompressed images in the /tmp directory before uploading them. Make sure that there is enough space in /tmp to avoid issues.

Refer below for a sample output:

kubectl kots admin-console push-images ./Obcerv-2.5.0+gj5.airgap 429114214526.dkr.ecr.eu-west-2.amazonaws.com \
  --registry-username AWS \
  --registry-password <>
  • Validating registry information ✓
Pushing application images (1/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/controller:stable-2.14.10
Copying blob 0cdeb622d492 skipped: already exists
Copying blob f107e0fae885 skipped: already exists
Copying blob 462ed555c74d skipped: already exists
Copying config 50f16c7149 done   |
Writing manifest to image destination
Pushing application images (2/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/cert-manager-package-debian:20210119.0
Copying blob 5790256ffd78 done   |
Copying blob 724948e2dc1b done   |
Copying blob 112f44c73cac done   |
Copying config c5801b0b16 done   |
Writing manifest to image destination
Pushing application images (3/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/obcerv-app-entities-ui:1.1.0
...

Once deployed, you can scan the images to be used in your air-gapped environment.

Sample list of images from the Docker registry Copied

Refer below for a list of sample images from the Docker registry:

docker.itrsgroup.com/obcerv/dpd:*VERSION*
docker.itrsgroup.com/obcerv/kafka:*VERSION*
docker.itrsgroup.com/obcerv/sinkd:*VERSION*
quay.io/prometheus/alertmanager:*VERSION*
docker.itrsgroup.com/obcerv/iam-tools:*VERSION*
docker.itrsgroup.com/obcerv/timescale:*VERSION*
registry.k8s.io/kube-state-metrics/kube-state-metrics:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:*VERSION*
docker.itrsgroup.com/obcerv/loki:*VERSION*
quay.io/prometheus/prometheus:*VERSION*
quay.io/jetstack/cert-manager-package-debian:*VERSION*
cr.l5d.io/linkerd/proxy-init:*VERSION*
docker.itrsgroup.com/obcerv/iam-tools:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:*VERSION*
docker.itrsgroup.com/obcerv/collection-agent:*VERSION*
cr.l5d.io/linkerd/cni-plugin:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:*VERSION*
docker.itrsgroup.com/obcerv/collection-agent-privileged:*VERSION*
docker.itrsgroup.com/obcerv/metrics-forecastd:*VERSION*
quay.io/prometheus/pushgateway:*VERSION*
bitnami/kubectl:*VERSION*
docker.itrsgroup.com/obcerv/app/thirdparty/postgres:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:*VERSION*
registry.k8s.io/ingress-nginx/kube-webhook-certgen:*VERSION*
docker.itrsgroup.com/obcerv/operator:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:*VERSION*
docker.itrsgroup.com/obcerv/data-pipeline-utility:*VERSION*
docker.itrsgroup.com/obcerv/etcd:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:*VERSION*
docker.itrsgroup.com/obcerv/configuration-installer:*VERSION*
registry.k8s.io/ingress-nginx/controller:*VERSION*
quay.io/jetstack/cert-manager-webhook:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-upgrade:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:*VERSION*
docker.itrsgroup.com/obcerv/final-entity-stream:*VERSION*
docker.itrsgroup.com/obcerv/licenced:*VERSION*
quay.io/prometheus-operator/prometheus-config-reloader:*VERSION*
quay.io/jetstack/trust-manager:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:*VERSION*
docker.itrsgroup.com/obcerv/downsampled-metrics-stream:*VERSION*
docker.itrsgroup.com/obcerv/platform-tools:*VERSION*
cr.l5d.io/linkerd/policy-controller:stable-*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:*VERSION*
docker.itrsgroup.com/obcerv/platform-statusd:*VERSION*
quay.io/jetstack/cert-manager-cainjector:*VERSION*
docker.itrsgroup.com/obcerv/app/thirdparty/busybox:*VERSION*
quay.io/jetstack/cert-manager-startupapicheck:*VERSION*
docker.itrsgroup.com/obcerv/keycloak:*VERSION*
docker.itrsgroup.com/obcerv/platformd:*VERSION*
docker.itrsgroup.com/obcerv/timescale-schema:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:*VERSION*
cr.l5d.io/linkerd/proxy:stable-*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:*VERSION*
docker.itrsgroup.com/obcerv/intermediate-entity-stream:*VERSION*
docker.itrsgroup.com/obcerv/signals-stream:*VERSION*
quay.io/prometheus/node-exporter:*VERSION*
quay.io/jetstack/cert-manager-controller:*VERSION*
cr.l5d.io/linkerd/controller:stable-*VERSION*
replicated/replicated-sdk:*VERSION*

Note

The VERSION shown for each component is a placeholder for the supported version number in the bundle.
["Obcerv"] ["User Guide", "Technical Reference"]

Was this topic helpful?