OpenShift Disconnected Installs – Part 1

So for my initial posts, I’m going to cover my adventures in performing a disconnected install of OpenShift on vSphere using the IPI install method. This involves several steps which I will list below:

  • A Dockver v2 compatible registry (for my examples, I am using SonaType Nexus)
  • Mirroring an OpenShift update channel
  • Mirroring any operators you want available in your disconnected install
  • Mirroring the RHCOS Image for deployments

As mentioned, for my examples I am using SonaType Nexus, which hosts all the necessary mirrored content (including the OVA for RHCOS). I worked with the Nexus administrator to get access to Nexus to be able to upload content to it. Before starting this procedure yourselves, I highly recommend taking some time to review the oc-mirror documentation on the OpenShift docs website here.

With the requisite documentation linking out of the way, let’s get to what’s involved in actually performing the first 3 steps listed. The first thing we need to deal with is creating your docker config for logins to all the required locations. For my example purposes, Nexus makes this easy as it exposes your base64 credentials as a token option. If you are using a different docker registry use the following command from your Linux host you are doing the install from to base64 encode your username and password:

echo -n ':' | base64 -w0
BGVtbYk3ZHAtqXs=

Once you have your base64 encoded username and password for your registry, you need your login credentials for the Red Hat sources. To get that, you need to login to the Red Hat console and download your pull secret from this link. Once you have that file downloaded, you need to edit it to add your previously encoded credentials. Once completed, the file should look something like this:

{
  "auths": {
    "cloud.openshift.com": {
      "auth": "<credentials>",
      "email": "some.one@company.com"
    },
    "quay.io": {
      "auth": "<credentials>",
      "email": "some.one@company.com"
    },
    "registry.connect.redhat.com": {
      "auth": "<credentials>",
      "email": "some.one@company.com"
    },
    "registry.redhat.io": {
      "auth": "<credentials>",
      "email": "some.one@company.com"
    },
    "registry.company.com": {
      "auth": "<credentials>",
      "email": "some.one@company.com"
    }
  }
}

Save this file, then copy it to ~/.docker/config.json (create the .docker directory if it doesn’t already exist). After that, you are ready to start building your imageset config to mirror contents which we will cover in the next post.

Similar Posts

3 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *