Deploy and scan ITRS Docker images before installing
If you are planning to use an air-gapped BYO installation, you can push images from the ITRS Docker registry (docker.itrsgroup.com
) to your private registry without having to install anything yet. To deploy ITRS Docker images for scanning before you proceed with installation, run the following commands.
Note
The airgap bundle should have been previously provided to you. Contact your ITRS representative if you do not have the required information.
KOTS airgap images Copied
Run the following command to extract KOTS admin console images from the airgap bundle, upload them to your private registry using the provided credentials, and store them in the specified namespace.
kubectl kots admin-console push-images ./kotsadm.tar.gz private.registry.host/app-name \
--registry-username rw-username \
--registry-password rw-password
Note
push-images
temporarily stores uncompressed images in the/tmp
directory before uploading them. Make sure that there is enough space in/tmp
to avoid issues.
Obcerv images Copied
Run the following command to extract Obcerv images from the airgap bundle, upload them to your private registry using the provided credentials, and store them in the specified namespace.
kubectl kots admin-console push-images ./Obcerv-<version>+gj5.airgap private.registry.host/app-name \
--registry-username rw-username \
--registry-password rw-password
Note
push-images
temporarily stores uncompressed images in the/tmp
directory before uploading them. Make sure that there is enough space in/tmp
to avoid issues.
Refer below for a sample output:
kubectl kots admin-console push-images ./Obcerv-2.5.0+gj5.airgap 429114214526.dkr.ecr.eu-west-2.amazonaws.com \
--registry-username AWS \
--registry-password <>
• Validating registry information ✓
Pushing application images (1/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/controller:stable-2.14.10
Copying blob 0cdeb622d492 skipped: already exists
Copying blob f107e0fae885 skipped: already exists
Copying blob 462ed555c74d skipped: already exists
Copying config 50f16c7149 done |
Writing manifest to image destination
Pushing application images (2/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/cert-manager-package-debian:20210119.0
Copying blob 5790256ffd78 done |
Copying blob 724948e2dc1b done |
Copying blob 112f44c73cac done |
Copying config c5801b0b16 done |
Writing manifest to image destination
Pushing application images (3/74)
Pushing image 429114214526.dkr.ecr.eu-west-2.amazonaws.com/obcerv-app-entities-ui:1.1.0
...
Once deployed, you can scan the images to be used in your air-gapped environment.
Sample list of images from the Docker registry Copied
Refer below for a list of sample images from the Docker registry:
docker.itrsgroup.com/obcerv/dpd:*VERSION*
docker.itrsgroup.com/obcerv/kafka:*VERSION*
docker.itrsgroup.com/obcerv/sinkd:*VERSION*
quay.io/prometheus/alertmanager:*VERSION*
docker.itrsgroup.com/obcerv/iam-tools:*VERSION*
docker.itrsgroup.com/obcerv/timescale:*VERSION*
registry.k8s.io/kube-state-metrics/kube-state-metrics:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-intelli-views-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-entities-daemon:*VERSION*
docker.itrsgroup.com/obcerv/loki:*VERSION*
quay.io/prometheus/prometheus:*VERSION*
quay.io/jetstack/cert-manager-package-debian:*VERSION*
cr.l5d.io/linkerd/proxy-init:*VERSION*
docker.itrsgroup.com/obcerv/iam-tools:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-ui:*VERSION*
docker.itrsgroup.com/obcerv/collection-agent:*VERSION*
cr.l5d.io/linkerd/cni-plugin:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-daemon:*VERSION*
docker.itrsgroup.com/obcerv/collection-agent-privileged:*VERSION*
docker.itrsgroup.com/obcerv/metrics-forecastd:*VERSION*
quay.io/prometheus/pushgateway:*VERSION*
bitnami/kubectl:*VERSION*
docker.itrsgroup.com/obcerv/app/thirdparty/postgres:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-capacity-planner-metrics-daemon:*VERSION*
registry.k8s.io/ingress-nginx/kube-webhook-certgen:*VERSION*
docker.itrsgroup.com/obcerv/operator:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-webconsole:*VERSION*
docker.itrsgroup.com/obcerv/data-pipeline-utility:*VERSION*
docker.itrsgroup.com/obcerv/etcd:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-sink-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-query-service-bff-daemon:*VERSION*
docker.itrsgroup.com/obcerv/configuration-installer:*VERSION*
registry.k8s.io/ingress-nginx/controller:*VERSION*
quay.io/jetstack/cert-manager-webhook:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-upgrade:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-entities-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-bff-daemon:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-ingestion-ui:*VERSION*
docker.itrsgroup.com/obcerv/final-entity-stream:*VERSION*
docker.itrsgroup.com/obcerv/licenced:*VERSION*
quay.io/prometheus-operator/prometheus-config-reloader:*VERSION*
quay.io/jetstack/trust-manager:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-api-gateway:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-fixmonitor-ui:*VERSION*
docker.itrsgroup.com/obcerv/downsampled-metrics-stream:*VERSION*
docker.itrsgroup.com/obcerv/platform-tools:*VERSION*
cr.l5d.io/linkerd/policy-controller:stable-*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-notifier-daemon:*VERSION*
docker.itrsgroup.com/obcerv/platform-statusd:*VERSION*
quay.io/jetstack/cert-manager-cainjector:*VERSION*
docker.itrsgroup.com/obcerv/app/thirdparty/busybox:*VERSION*
quay.io/jetstack/cert-manager-startupapicheck:*VERSION*
docker.itrsgroup.com/obcerv/keycloak:*VERSION*
docker.itrsgroup.com/obcerv/platformd:*VERSION*
docker.itrsgroup.com/obcerv/timescale-schema:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-notifications-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-signal-forecaster-ui:*VERSION*
cr.l5d.io/linkerd/proxy:stable-*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-alerting-ui:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-rest-server:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-platform-tools-cli:*VERSION*
docker.itrsgroup.com/obcerv/app/obcerv-app-centralised-config-ui:*VERSION*
docker.itrsgroup.com/obcerv/intermediate-entity-stream:*VERSION*
docker.itrsgroup.com/obcerv/signals-stream:*VERSION*
quay.io/prometheus/node-exporter:*VERSION*
quay.io/jetstack/cert-manager-controller:*VERSION*
cr.l5d.io/linkerd/controller:stable-*VERSION*
replicated/replicated-sdk:*VERSION*
Note
The VERSION shown for each component is a placeholder for the supported version number in the bundle.