$ rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Frequently, portions of a data center might not have access to the Internet, even via proxy servers. You can still install OpenShift Container Platform in these environments, but you must download required software and images and make them available to the disconnected environment.
After the installation components are available to your node hosts, you install OpenShift Container Platform by following the standard installation steps.
After you install OpenShift Container Platform, you must make the s2i builder images that you pulled available to the cluster.
Review OpenShift Container Platform’s overall architecture and plan your environment topology.
Obtain a Red Hat Enterprise Linux (RHEL) 7 server that you have root access to with access to the Internet and at least 110 GB of disk space. You download the required software repositories and container images to this computer.
Plan to maintain a webserver within your disconnected environment to serve the mirrored repositories. You copy the repositories from the Internet-connected host to this webserver, either over the network or by using physical media in disconnected deployments.
Provide a source control repository. After installation, your nodes must access source code in a source code repository, such as Git.
When building applications in OpenShift Container Platform, your build might contain external dependencies, such as a Maven Repository or Gem files for Ruby applications.
Provide a registry within the disconnected environment. Options include:
Installing a stand alone OpenShift Container Platform registry.
Using a Red Hat Satellite 6.1 server that acts as a container image registry.
Before you install OpenShift Container Platform in your disconnected environment, obtain the required images and components and store them in your repository.
You must obtain the required images and software components on a system with the same architecture as the cluster that is in your disconnected environment. |
On the RHEL 7 server with an internet connection, sync the repositories:
To ensure that the packages are not deleted after you sync the repository, import the GPG key:
$ rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Register the server with the Red Hat Customer Portal. You must use the credentials that are associated with the account that has access to the OpenShift Container Platform subscriptions:
$ subscription-manager register
Pull the latest subscription data from RHSM:
$ subscription-manager refresh
Attach a subscription that provides OpenShift Container Platform channels.
Find an available subscription pool that provides the OpenShift Container Platform channels:
$ subscription-manager list --available --matches '*OpenShift*'
Attach a pool ID for a subscription that provides OpenShift Container Platform:
$ subscription-manager attach --pool=<pool_id>
$ subscription-manager repos --disable="*"
Enable only the repositories required by OpenShift Container Platform 3.11.
For cloud installations and on-premise installations on x86_64 servers, run the following command:
# subscription-manager repos \
--enable="rhel-7-server-rpms" \
--enable="rhel-7-server-extras-rpms" \
--enable="rhel-7-server-ose-3.11-rpms" \
--enable="rhel-7-server-ansible-2.9-rpms"
For on-premise installations on IBM POWER8 servers, run the following command:
# subscription-manager repos \
--enable="rhel-7-for-power-le-rpms" \
--enable="rhel-7-for-power-le-extras-rpms" \
--enable="rhel-7-for-power-le-optional-rpms" \
--enable="rhel-7-server-ansible-2.9-for-power-le-rpms" \
--enable="rhel-7-server-for-power-le-rhscl-rpms" \
--enable="rhel-7-for-power-le-ose-3.11-rpms"
For on-premise installations on IBM POWER9 servers, run the following command:
# subscription-manager repos \
--enable="rhel-7-for-power-9-rpms" \
--enable="rhel-7-for-power-9-extras-rpms" \
--enable="rhel-7-for-power-9-optional-rpms" \
--enable="rhel-7-server-ansible-2.9-for-power-9-rpms" \
--enable="rhel-7-server-for-power-9-rhscl-rpms" \
--enable="rhel-7-for-power-9-ose-3.11-rpms"
Older versions of OpenShift Container Platform 3.11 supported only Ansible 2.6. The most recent versions of the playbooks now support Ansible 2.9, which is the preferred version to use. |
Install required packages:
$ sudo yum -y install yum-utils createrepo docker git
The yum-utils
package provides the reposync utility, which lets you mirror
yum repositories, and you can use the createrepo
package to create a usable
yum
repository from a directory.
Make a directory to store the software in the server’s storage or to a USB drive or other external device:
$ mkdir -p </path/to/repos>
If you can re-connect this server to the disconnected LAN and use it as the repository server, store the files locally. If you cannot, use USB-connected storage so you can transport the software to a repository server in your disconnected LAN. |
Sync the packages and create the repository for each of them.
For on-premise installations on x86_64 servers, run the following command:
$ for repo in \
rhel-7-server-rpms \
rhel-7-server-extras-rpms \
rhel-7-server-ansible-2.9-rpms \
rhel-7-server-ose-3.11-rpms
do
reposync --gpgcheck -lm --repoid=${repo} --download_path=</path/to/repos> (1)
createrepo -v </path/to/repos/>${repo} -o </path/to/repos/>${repo} (1)
done
1 | Provide the path to the directory you created. |
For on-premise installations on IBM POWER8 servers, run the following command:
$ for repo in \
rhel-7-for-power-le-rpms \
rhel-7-for-power-le-extras-rpms \
rhel-7-for-power-le-optional-rpms \
rhel-7-server-ansible-2.9-for-power-le-rpms \
rhel-7-server-for-power-le-rhscl-rpms \
rhel-7-for-power-le-ose-3.11-rpms
do
reposync --gpgcheck -lm --repoid=${repo} --download_path=</path/to/repos> (1)
createrepo -v </path/to/repos/>${repo} -o </path/to/repos/>${repo} (1)
done
1 | Provide the path to the directory you created. |
For on-premise installations on IBM POWER9 servers, run the following command:
$ for repo in \
rhel-7-for-power-9-rpms \
rhel-7-for-power-9-extras-rpms \
rhel-7-for-power-9-optional-rpms \
rhel-7-server-ansible-2.9-for-power-9-rpms \
rhel-7-server-for-power-9-rhscl-rpms \
rhel-7-for-power-9-ose-3.11-rpms
do
reposync --gpgcheck -lm --repoid=${repo} --download_path=/<path/to/repos> (1)
createrepo -v </path/to/repos/>${repo} -o </path/to/repos/>${repo} (1)
done
1 | Provide the path to the directory you created. |
Pull the required container images:
Start the Docker daemon:
$ systemctl start docker
Pull all of the required OpenShift Container Platform infrastructure component images.
Replace <tag>
with the version to install. For example, specify v3.11.634
for the latest version. You can specify a different minor version.
If you are using a containerized installer, pull
registry.redhat.io/openshift3/ose-ansible:v3.11
in addition to these required
images:
$ docker pull registry.redhat.io/openshift3/apb-base:<tag>
$ docker pull registry.redhat.io/openshift3/apb-tools:<tag>
$ docker pull registry.redhat.io/openshift3/automation-broker-apb:<tag>
$ docker pull registry.redhat.io/openshift3/csi-attacher:<tag>
$ docker pull registry.redhat.io/openshift3/csi-driver-registrar:<tag>
$ docker pull registry.redhat.io/openshift3/csi-livenessprobe:<tag>
$ docker pull registry.redhat.io/openshift3/csi-provisioner:<tag>
$ docker pull registry.redhat.io/openshift3/grafana:<tag>
$ docker pull registry.redhat.io/openshift3/kuryr-controller:<tag>
$ docker pull registry.redhat.io/openshift3/kuryr-cni:<tag>
$ docker pull registry.redhat.io/openshift3/local-storage-provisioner:<tag>
$ docker pull registry.redhat.io/openshift3/manila-provisioner:<tag>
$ docker pull registry.redhat.io/openshift3/mariadb-apb:<tag>
$ docker pull registry.redhat.io/openshift3/mediawiki:<tag>
$ docker pull registry.redhat.io/openshift3/mediawiki-apb:<tag>
$ docker pull registry.redhat.io/openshift3/mysql-apb:<tag>
$ docker pull registry.redhat.io/openshift3/ose-ansible-service-broker:<tag>
$ docker pull registry.redhat.io/openshift3/ose-cli:<tag>
$ docker pull registry.redhat.io/openshift3/ose-cluster-autoscaler:<tag>
$ docker pull registry.redhat.io/openshift3/ose-cluster-capacity:<tag>
$ docker pull registry.redhat.io/openshift3/ose-cluster-monitoring-operator:<tag>
$ docker pull registry.redhat.io/openshift3/ose-console:<tag>
$ docker pull registry.redhat.io/openshift3/ose-configmap-reloader:<tag>
$ docker pull registry.redhat.io/openshift3/ose-control-plane:<tag>
$ docker pull registry.redhat.io/openshift3/ose-deployer:<tag>
$ docker pull registry.redhat.io/openshift3/ose-descheduler:<tag>
$ docker pull registry.redhat.io/openshift3/ose-docker-builder:<tag>
$ docker pull registry.redhat.io/openshift3/ose-docker-registry:<tag>
$ docker pull registry.redhat.io/openshift3/ose-efs-provisioner:<tag>
$ docker pull registry.redhat.io/openshift3/ose-egress-dns-proxy:<tag>
$ docker pull registry.redhat.io/openshift3/ose-egress-http-proxy:<tag>
$ docker pull registry.redhat.io/openshift3/ose-egress-router:<tag>
$ docker pull registry.redhat.io/openshift3/ose-haproxy-router:<tag>
$ docker pull registry.redhat.io/openshift3/ose-hyperkube:<tag>
$ docker pull registry.redhat.io/openshift3/ose-hypershift:<tag>
$ docker pull registry.redhat.io/openshift3/ose-keepalived-ipfailover:<tag>
$ docker pull registry.redhat.io/openshift3/ose-kube-rbac-proxy:<tag>
$ docker pull registry.redhat.io/openshift3/ose-kube-state-metrics:<tag>
$ docker pull registry.redhat.io/openshift3/ose-metrics-server:<tag>
$ docker pull registry.redhat.io/openshift3/ose-node:<tag>
$ docker pull registry.redhat.io/openshift3/ose-node-problem-detector:<tag>
$ docker pull registry.redhat.io/openshift3/ose-operator-lifecycle-manager:<tag>
$ docker pull registry.redhat.io/openshift3/ose-ovn-kubernetes:<tag>
$ docker pull registry.redhat.io/openshift3/ose-pod:<tag>
$ docker pull registry.redhat.io/openshift3/ose-prometheus-config-reloader:<tag>
$ docker pull registry.redhat.io/openshift3/ose-prometheus-operator:<tag>
$ docker pull registry.redhat.io/openshift3/ose-recycler:<tag>
$ docker pull registry.redhat.io/openshift3/ose-service-catalog:<tag>
$ docker pull registry.redhat.io/openshift3/ose-template-service-broker:<tag>
$ docker pull registry.redhat.io/openshift3/ose-tests:<tag>
$ docker pull registry.redhat.io/openshift3/ose-web-console:<tag>
$ docker pull registry.redhat.io/openshift3/postgresql-apb:<tag>
$ docker pull registry.redhat.io/openshift3/registry-console:<tag>
$ docker pull registry.redhat.io/openshift3/snapshot-controller:<tag>
$ docker pull registry.redhat.io/openshift3/snapshot-provisioner:<tag>
$ docker pull registry.redhat.io/rhel7/etcd:3.2.28
For on-premise installations on x86_64 servers, pull the following image.
Replace <tag>
with the version to install. For example, specify v3.11.634
for the latest version. You can specify a different minor version.
$ docker pull registry.redhat.io/openshift3/ose-efs-provisioner:<tag>
Pull all of the required OpenShift Container Platform component images for the
optional components.
Replace <tag>
with the version to install. For example, specify v3.11.634
for the latest version. You can specify a different minor version.
For on-premise installations on x86_64 servers, run the following commands:
$ docker pull registry.redhat.io/openshift3/metrics-cassandra:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-hawkular-metrics:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-hawkular-openshift-agent:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-heapster:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-schema-installer:<tag>
$ docker pull registry.redhat.io/openshift3/oauth-proxy:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-curator5:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-elasticsearch5:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-eventrouter:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-fluentd:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-kibana5:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus-alertmanager:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus-node-exporter:<tag>
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-postgresql
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-memcached
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-app-ui
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-app
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-embedded-ansible
$ docker pull registry.redhat.io/cloudforms46/cfme-openshift-httpd
$ docker pull registry.redhat.io/cloudforms46/cfme-httpd-configmap-generator
$ docker pull registry.redhat.io/rhgs3/rhgs-server-rhel7
$ docker pull registry.redhat.io/rhgs3/rhgs-volmanager-rhel7
$ docker pull registry.redhat.io/rhgs3/rhgs-gluster-block-prov-rhel7
$ docker pull registry.redhat.io/rhgs3/rhgs-s3-server-rhel7
For on-premise installations on IBM POWER8 or IBM POWER9 servers, run the following commands:
$ docker pull registry.redhat.io/openshift3/metrics-cassandra:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-hawkular-openshift-agent:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-heapster:<tag>
$ docker pull registry.redhat.io/openshift3/metrics-schema-installer:<tag>
$ docker pull registry.redhat.io/openshift3/oauth-proxy:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-curator5:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-elasticsearch5:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-eventrouter:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-fluentd:<tag>
$ docker pull registry.redhat.io/openshift3/ose-logging-kibana5:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus-alert-buffer:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus-alertmanager:<tag>
$ docker pull registry.redhat.io/openshift3/prometheus-node-exporter:<tag>
For Red Hat support, a {gluster-native} subscription is required for |
Pull the Red Hat-certified Source-to-Image (s2i) builder images that you intend to use in your OpenShift Container Platform environment.
Make sure to indicate the correct tag by specifying the version number. See the s2i table in the OpenShift and Atomic Platform Tested Integrations page for details about image version compatibility.
You can pull the following images:
$ docker pull registry.redhat.io/jboss-amq-6/amq63-openshift:<tag>
$ docker pull registry.redhat.io/jboss-datagrid-7/datagrid71-openshift:<tag>
$ docker pull registry.redhat.io/jboss-datagrid-7/datagrid71-client-openshift:<tag>
$ docker pull registry.redhat.io/jboss-datavirt-6/datavirt63-openshift:<tag>
$ docker pull registry.redhat.io/jboss-datavirt-6/datavirt63-driver-openshift:<tag>
$ docker pull registry.redhat.io/jboss-decisionserver-6/decisionserver64-openshift:<tag>
$ docker pull registry.redhat.io/jboss-processserver-6/processserver64-openshift:<tag>
$ docker pull registry.redhat.io/jboss-eap-6/eap64-openshift:<tag>
$ docker pull registry.redhat.io/jboss-eap-7/eap71-openshift:<tag>
$ docker pull registry.redhat.io/jboss-webserver-3/webserver31-tomcat7-openshift:<tag>
$ docker pull registry.redhat.io/jboss-webserver-3/webserver31-tomcat8-openshift:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-2-rhel7:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-agent-maven-35-rhel7:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-agent-nodejs-8-rhel7:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-slave-base-rhel7:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-slave-maven-rhel7:<tag>
$ docker pull registry.redhat.io/openshift3/jenkins-slave-nodejs-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/mongodb-32-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/mysql-57-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/perl-524-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/php-56-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/postgresql-95-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/python-35-rhel7:<tag>
$ docker pull registry.redhat.io/redhat-sso-7/sso70-openshift:<tag>
$ docker pull registry.redhat.io/rhscl/ruby-24-rhel7:<tag>
$ docker pull registry.redhat.io/redhat-openjdk-18/openjdk18-openshift:<tag>
$ docker pull registry.redhat.io/redhat-sso-7/sso71-openshift:<tag>
$ docker pull registry.redhat.io/rhscl/nodejs-6-rhel7:<tag>
$ docker pull registry.redhat.io/rhscl/mariadb-101-rhel7:<tag>
If your environment does not have access to your internal network and requires physical media to transfer content, export the images to compressed files. If your host is connected to both the Internet and your internal networks, skip the following steps and continue to Prepare and populate the repository server.
Create a directory to store your compressed images in and change to it:
$ mkdir </path/to/images>
$ cd </path/to/images>
Export the OpenShift Container Platform infrastructure component images. If you are using a
containerized installer, export
registry.redhat.io/openshift3/ose-ansible:v3.11
in addition to these required
images:
For on-premise installations on x86_64 servers, run the following command:
$ docker save -o ose3-images.tar \
registry.redhat.io/openshift3/apb-base \
registry.redhat.io/openshift3/apb-tools \
registry.redhat.io/openshift3/automation-broker-apb \
registry.redhat.io/openshift3/csi-attacher \
registry.redhat.io/openshift3/csi-driver-registrar \
registry.redhat.io/openshift3/csi-livenessprobe \
registry.redhat.io/openshift3/csi-provisioner \
registry.redhat.io/openshift3/grafana \
registry.redhat.io/openshift3/kuryr-controller \
registry.redhat.io/openshift3/kuryr-cni \
registry.redhat.io/openshift3/local-storage-provisioner \
registry.redhat.io/openshift3/manila-provisioner \
registry.redhat.io/openshift3/mariadb-apb \
registry.redhat.io/openshift3/mediawiki \
registry.redhat.io/openshift3/mediawiki-apb \
registry.redhat.io/openshift3/mysql-apb \
registry.redhat.io/openshift3/ose-ansible-service-broker \
registry.redhat.io/openshift3/ose-cli \
registry.redhat.io/openshift3/ose-cluster-autoscaler \
registry.redhat.io/openshift3/ose-cluster-capacity \
registry.redhat.io/openshift3/ose-cluster-monitoring-operator \
registry.redhat.io/openshift3/ose-console \
registry.redhat.io/openshift3/ose-configmap-reloader \
registry.redhat.io/openshift3/ose-control-plane \
registry.redhat.io/openshift3/ose-deployer \
registry.redhat.io/openshift3/ose-descheduler \
registry.redhat.io/openshift3/ose-docker-builder \
registry.redhat.io/openshift3/ose-docker-registry \
registry.redhat.io/openshift3/ose-efs-provisioner \
registry.redhat.io/openshift3/ose-egress-dns-proxy \
registry.redhat.io/openshift3/ose-egress-http-proxy \
registry.redhat.io/openshift3/ose-egress-router \
registry.redhat.io/openshift3/ose-haproxy-router \
registry.redhat.io/openshift3/ose-hyperkube \
registry.redhat.io/openshift3/ose-hypershift \
registry.redhat.io/openshift3/ose-keepalived-ipfailover \
registry.redhat.io/openshift3/ose-kube-rbac-proxy \
registry.redhat.io/openshift3/ose-kube-state-metrics \
registry.redhat.io/openshift3/ose-metrics-server \
registry.redhat.io/openshift3/ose-node \
registry.redhat.io/openshift3/ose-node-problem-detector \
registry.redhat.io/openshift3/ose-operator-lifecycle-manager \
registry.redhat.io/openshift3/ose-ovn-kubernetes \
registry.redhat.io/openshift3/ose-pod \
registry.redhat.io/openshift3/ose-prometheus-config-reloader \
registry.redhat.io/openshift3/ose-prometheus-operator \
registry.redhat.io/openshift3/ose-recycler \
registry.redhat.io/openshift3/ose-service-catalog \
registry.redhat.io/openshift3/ose-template-service-broker \
registry.redhat.io/openshift3/ose-tests \
registry.redhat.io/openshift3/ose-web-console \
registry.redhat.io/openshift3/postgresql-apb \
registry.redhat.io/openshift3/registry-console \
registry.redhat.io/openshift3/snapshot-controller \
registry.redhat.io/openshift3/snapshot-provisioner \
registry.redhat.io/rhel7/etcd:3.2.28 \
For on-premise installations on IBM POWER8 or IBM POWER9 servers, run the following command:
$ docker save -o ose3-images.tar \
registry.redhat.io/openshift3/apb-base \
registry.redhat.io/openshift3/apb-tools \
registry.redhat.io/openshift3/automation-broker-apb \
registry.redhat.io/openshift3/csi-attacher \
registry.redhat.io/openshift3/csi-driver-registrar \
registry.redhat.io/openshift3/csi-livenessprobe \
registry.redhat.io/openshift3/csi-provisioner \
registry.redhat.io/openshift3/grafana \
registry.redhat.io/openshift3/kuryr-controller \
registry.redhat.io/openshift3/kuryr-cni \
registry.redhat.io/openshift3/local-storage-provisioner \
registry.redhat.io/openshift3/manila-provisioner \
registry.redhat.io/openshift3/mariadb-apb \
registry.redhat.io/openshift3/mediawiki \
registry.redhat.io/openshift3/mediawiki-apb \
registry.redhat.io/openshift3/mysql-apb \
registry.redhat.io/openshift3/ose-ansible-service-broker \
registry.redhat.io/openshift3/ose-cli \
registry.redhat.io/openshift3/ose-cluster-autoscaler \
registry.redhat.io/openshift3/ose-cluster-capacity \
registry.redhat.io/openshift3/ose-cluster-monitoring-operator \
registry.redhat.io/openshift3/ose-console \
registry.redhat.io/openshift3/ose-configmap-reloader \
registry.redhat.io/openshift3/ose-control-plane \
registry.redhat.io/openshift3/ose-deployer \
registry.redhat.io/openshift3/ose-descheduler \
registry.redhat.io/openshift3/ose-docker-builder \
registry.redhat.io/openshift3/ose-docker-registry \
registry.redhat.io/openshift3/ose-egress-dns-proxy \
registry.redhat.io/openshift3/ose-egress-http-proxy \
registry.redhat.io/openshift3/ose-egress-router \
registry.redhat.io/openshift3/ose-haproxy-router \
registry.redhat.io/openshift3/ose-hyperkube \
registry.redhat.io/openshift3/ose-hypershift \
registry.redhat.io/openshift3/ose-keepalived-ipfailover \
registry.redhat.io/openshift3/ose-kube-rbac-proxy \
registry.redhat.io/openshift3/ose-kube-state-metrics \
registry.redhat.io/openshift3/ose-metrics-server \
registry.redhat.io/openshift3/ose-node \
registry.redhat.io/openshift3/ose-node-problem-detector \
registry.redhat.io/openshift3/ose-operator-lifecycle-manager \
registry.redhat.io/openshift3/ose-ovn-kubernetes \
registry.redhat.io/openshift3/ose-pod \
registry.redhat.io/openshift3/ose-prometheus-config-reloader \
registry.redhat.io/openshift3/ose-prometheus-operator \
registry.redhat.io/openshift3/ose-recycler \
registry.redhat.io/openshift3/ose-service-catalog \
registry.redhat.io/openshift3/ose-template-service-broker \
registry.redhat.io/openshift3/ose-tests \
registry.redhat.io/openshift3/ose-web-console \
registry.redhat.io/openshift3/postgresql-apb \
registry.redhat.io/openshift3/registry-console \
registry.redhat.io/openshift3/snapshot-controller \
registry.redhat.io/openshift3/snapshot-provisioner \
registry.redhat.io/rhel7/etcd:3.2.28 \
If you synchronized images for optional components, export them:
For on-premise installations on x86_64 servers, run the following command:
$ docker save -o ose3-optional-imags.tar \
registry.redhat.io/openshift3/metrics-cassandra \
registry.redhat.io/openshift3/metrics-hawkular-metrics \
registry.redhat.io/openshift3/metrics-hawkular-openshift-agent \
registry.redhat.io/openshift3/metrics-heapster \
registry.redhat.io/openshift3/metrics-schema-installer \
registry.redhat.io/openshift3/oauth-proxy \
registry.redhat.io/openshift3/ose-logging-curator5 \
registry.redhat.io/openshift3/ose-logging-elasticsearch5 \
registry.redhat.io/openshift3/ose-logging-eventrouter \
registry.redhat.io/openshift3/ose-logging-fluentd \
registry.redhat.io/openshift3/ose-logging-kibana5 \
registry.redhat.io/openshift3/prometheus \
registry.redhat.io/openshift3/prometheus-alertmanager \
registry.redhat.io/openshift3/prometheus-node-exporter \
registry.redhat.io/cloudforms46/cfme-openshift-postgresql \
registry.redhat.io/cloudforms46/cfme-openshift-memcached \
registry.redhat.io/cloudforms46/cfme-openshift-app-ui \
registry.redhat.io/cloudforms46/cfme-openshift-app \
registry.redhat.io/cloudforms46/cfme-openshift-embedded-ansible \
registry.redhat.io/cloudforms46/cfme-openshift-httpd \
registry.redhat.io/cloudforms46/cfme-httpd-configmap-generator \
registry.redhat.io/rhgs3/rhgs-server-rhel7 \
registry.redhat.io/rhgs3/rhgs-volmanager-rhel7 \
registry.redhat.io/rhgs3/rhgs-gluster-block-prov-rhel7 \
registry.redhat.io/rhgs3/rhgs-s3-server-rhel7 \
For on-premise installations on IBM POWER8 or IBM POWER9 servers, run the following command:
$ docker save -o ose3-optional-imags.tar \
registry.redhat.io/openshift3/metrics-cassandra \
registry.redhat.io/openshift3/metrics-hawkular-openshift-agent \
registry.redhat.io/openshift3/metrics-heapster \
registry.redhat.io/openshift3/metrics-schema-installer \
registry.redhat.io/openshift3/oauth-proxy \
registry.redhat.io/openshift3/ose-logging-curator5 \
registry.redhat.io/openshift3/ose-logging-elasticsearch5 \
registry.redhat.io/openshift3/ose-logging-eventrouter \
registry.redhat.io/openshift3/ose-logging-fluentd \
registry.redhat.io/openshift3/ose-logging-kibana5 \
registry.redhat.io/openshift3/prometheus \
registry.redhat.io/openshift3/prometheus-alert-buffer \
registry.redhat.io/openshift3/prometheus-alertmanager \
registry.redhat.io/openshift3/prometheus-node-exporter \
Export the s2i builder images that you pulled. For example, if you synced only the Jenkins and Tomcat images:
$ docker save -o ose3-builder-images.tar \
registry.redhat.io/jboss-webserver-3/webserver31-tomcat7-openshift:<tag> \
registry.redhat.io/jboss-webserver-3/webserver31-tomcat8-openshift:<tag> \
registry.redhat.io/openshift3/jenkins-2-rhel7:<tag> \
registry.redhat.io/openshift3/jenkins-agent-maven-35-rhel7:<tag> \
registry.redhat.io/openshift3/jenkins-agent-nodejs-8-rhel7:<tag> \
registry.redhat.io/openshift3/jenkins-slave-base-rhel7:<tag> \
registry.redhat.io/openshift3/jenkins-slave-maven-rhel7:<tag> \
registry.redhat.io/openshift3/jenkins-slave-nodejs-rhel7:<tag> \
Copy the compressed files from your Internet-connected host to your internal host.
Load the images that you copied:
$ docker load -i ose3-images.tar
$ docker load -i ose3-builder-images.tar
$ docker load -i ose3-optional-images.tar
During the installation, and any future updates, you need a webserver to host the software. RHEL 7 can provide the Apache webserver.
Prepare the webserver:
If you need to install a new webserver in your disconnected environment, install a new RHEL 7 system with at least 110 GB of space on your LAN. During RHEL installation, select the Basic Web Server option.
If you are re-using the server where you downloaded the OpenShift Container Platform software and required images, install Apache on the server:
$ sudo yum install httpd
Place the repository files into Apache’s root folder.
If you are re-using the server:
$ mv /path/to/repos /var/www/html/
$ chmod -R +r /var/www/html/repos
$ restorecon -vR /var/www/html
If you installed a new server, attach external storage and then copy the files:
$ cp -a /path/to/repos /var/www/html/
$ chmod -R +r /var/www/html/repos
$ restorecon -vR /var/www/html
Add the firewall rules:
$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --reload
Enable and start Apache for the changes to take effect:
$ systemctl enable httpd
$ systemctl start httpd
From within your disconnected environment, tag and push the images to your internal registry:
The following steps are a generic guide to loading the images into a registry. You might need to take more or different actions to load the images. |
Before you push the images into the registry, re-tag each image.
For images in the openshift3
repository, tag the image as both the major
and minor version number. For example, to tag the OpenShift Container Platform node image:
$ docker tag registry.redhat.io/openshift3/ose-node:<tag> registry.example.com/openshift3/ose-node:<tag>
$ docker tag registry.redhat.io/openshift3/ose-node:<tag> registry.example.com/openshift3/ose-node:{major-tag}
For other images, tag the image with the exact version number. For example, to tag the etcd image:
$ docker tag registry.redhat.io/rhel7/etcd:3.2.28 registry.example.com/rhel7/etcd:3.2.28
Push each image into the registry. For example, to push the OpenShift Container Platform node images:
$ docker push registry.example.com/openshift3/ose-node:<tag>
$ docker push registry.example.com/openshift3/ose-node:{major-tag}
Now that you have the installation files, prepare your hosts.
Create the hosts for your OpenShift Container Platform cluster. It is recommended to use the latest version of RHEL 7 and to perform a minimal installation. Ensure that the hosts meet the system requirements.
On each node host, create the repository definitions. Place the following text in the /etc/yum.repos.d/ose.repo file:
[rhel-7-server-rpms] name=rhel-7-server-rpms baseurl=http://<server_IP>/repos/rhel-7-server-rpms (1) enabled=1 gpgcheck=0 [rhel-7-server-extras-rpms] name=rhel-7-server-extras-rpms baseurl=http://<server_IP>/repos/rhel-7-server-extras-rpms (1) enabled=1 gpgcheck=0 [rhel-7-server-ansible-2.9-rpms] name=rhel-7-server-ansible-2.9-rpms baseurl=http://<server_IP>/repos/rhel-7-server-ansible-2.9-rpms (1) enabled=1 gpgcheck=0 [rhel-7-server-ose-3.11-rpms] name=rhel-7-server-ose-3.11-rpms baseurl=http://<server_IP>/repos/rhel-7-server-ose-3.11-rpms (1) enabled=1 gpgcheck=0
1 | Replace <server_IP> with the IP address or host name of the Apache server
that hosts the software repositories. |
Finish preparing the hosts for installation. Follow the Preparing your hosts steps, omitting the steps in the Host Registration section.
After you prepare the software, images, and hosts, you use the standard installation method to install OpenShift Container Platform:
Configure your inventory file to reference your internal registry:
For a internal registry:
oreg_url=registry.example.com/openshift3/ose-<component>:<version> (1) openshift_examples_modify_imagestreams=true
1 | Specify both the ose component name and version number. |
For a Satellite image registry:
oreg_url=satellite.example.com/oreg-prod-openshift3_ose-<component>:<version> (1) osm_etcd_image=satellite.example.com/oreg-prod-rhel7_etcd:3.2.28 (2) openshift_examples_modify_imagestreams=true
1 | Specify both the ose component name and version number. |
2 | If the URL prefix for the etcd image is different on your Satellite server,
you must specify the location and name of the etcd image in the
osm_etcd_image parameter. |