You can deploy a Kubernetes cluster with Deckhouse in a closed environment without internet access. To achieve this, download the Deckhouse platform images on a computer with internet access and upload them to a local image registry. Harbor is chosen as the local image registry in this article. For more details on configuring and installing Harbor, refer to Install Harbor.
Loading Deckhouse images consists of three steps:
Step 1: Create a new project in Harbor
- Log in to the Harbor web interface. In the main left menu, go to the Projects section. To create a new project, click +New project.
- Enter a lowercase project name, for example, images. Specify whether the project should be public. Click OK.
Step 2: Download Deckhouse images
- On a computer with internet access, download the script for downloading images. Open the terminal and execute the following command:
curl -fsSL -o d8-pull.sh https://raw.githubusercontent.com/deckhouse/deckhouse/main/tools/release/d8-pull.sh
chmod 700 d8-pull.sh
Note: Docker, crane, and jq must be installed on the host..
Example command for downloading images for Deckhouse Platform Enterprise Edition:
./d8-pull.sh --license YOUR_DECKHOUSE_LICENSE_KEY --output-dir /your/output-dir/
Example command for downloading images for Deckhouse Platform Community Edition:
./d8-pull.sh --edition ce --output-dir /your/output-dir/
Wait for the image download to complete. If errors occur during image loading, run the script again.
- On a computer with internet access, download the script for downloading images to the local registry. Execute the following command:
curl -fsSL -o d8-push.sh https://raw.githubusercontent.com/deckhouse/deckhouse/main/tools/release/d8-push.sh
chmod 700 d8-push.sh
- Upload the directory with images and the script for loading images to the host with access to the private image registry.
Step 3: Upload Deckhouse images to Harbor
- On the computer where the installation will take place, go to the directory with images and the script for loading images. Crane must be installed on the host.
- To upload Deckhouse images to the private registry, execute the following command:
./d8-push.sh --source-dir /your/source-dir/ --path hostname:port/path/deckhouse --username username --password password
where:
/your/source-dir/
is the path to the directory with images;hostname
is the FQDN or IP address through which the registry will be accessible, in this article it is registry.example.com;port
is the connection port;path
is the path to the project created in Harbor, in this article it is images;username
is the username with privileges to upload images to the project;password
is the password for the specified username.
Note: If the local registry is only accessible via the HTTP protocol, an additional flag ‑‑insecure
should be specified.
./d8-push.sh --source-dir /your/source-dir/ --path hostname:port/path/deckhouse --username username --password password --insecure
./d8-push.sh--source-dir/your/source-dir/--pathregistry.example.com:443/images/deckhouse--usernameadmin--passwordHarbor12345 where:
|
- Wait for the completion of the Deckhouse image upload script.