https://rancher.com/ logo
Powered by
Title
b

best-address-42882

12/23/2022, 3:37 PM
Hi, does anybody know how to set up apps for air gapped env? I need to deploy it in artifactory, but I couldn't find how to do that.
a

adorable-train-88202

12/23/2022, 6:24 PM
I'm in the same boat as you
a lot of dependencies (installs) from external sources
while I was able to get initial install completed airgapped, it was not an easy task (more because of the private registry and all of the rancher images)
have to not use the tools to create clusters via rancher because of that reason
unless I can figure out how to make a local repo for "Default Docker engine installation URL"
b

best-address-42882

12/23/2022, 7:04 PM
I have no idea how to setup local repo for apps
thinking just create a proxy for it
If you will be able to find solution for apps private registry let me know
a

adorable-train-88202

12/23/2022, 8:31 PM
I might go down the proxy route as well
no easy way to get all of these external dependencies
Rancher docs say "Alternatively, it is also possible to set up Rancher completely air-gapped without any Internet access. This process is described in detail in the Rancher docs."
while you can install it initially air gapped
I don't see how you can continue air gapped and use the tools for creating clusters and growing them adhoc
would have to create the clusters outside of rancher and then import
and add nodes not using rancher to existing clusters
Talk about frustrating. Anyone else configure rancher infra to use proxies ? I don’t see rancher even attempting to use the proxy in the proxy logs 😕 there is the proxy /no proxy setting you do add to the start of rancher then you can also add variables (http_proxy /no proxy) to new clusters being created. I must be missing something or doing something wrong.
s

steep-furniture-72588

12/25/2022, 4:20 AM
You can. In the cluster creation you can use a local registry as a mirror.
a

adorable-train-88202

12/25/2022, 4:20 AM
That’s a docker registry though
But it also tries to use other resources that are not docker registries
s

steep-furniture-72588

12/25/2022, 4:22 AM
For cluster creation?
a

adorable-train-88202

12/25/2022, 4:22 AM
For instance it would try to install kubernetes
Yeah
Why I was trying to make it use a proxy but having difficulties configuring that
s

steep-furniture-72588

12/25/2022, 4:23 AM
Never been my experience. The images are all from rancher docker registry namespace. Can you explain further which images you are trying to get?
How are you creating the proxy?
a

adorable-train-88202

12/25/2022, 4:24 AM
Kiberneties install is not an image
It’s just a normal web proxy
Just like any other web proxy
s

steep-furniture-72588

12/25/2022, 4:25 AM
Ok. Use a local container registry like sonatype nexus or artifactory
a

adorable-train-88202

12/25/2022, 4:26 AM
Kuberneties install is not an image though
You need something to put the images into
It can’t install kubernetes in cluster creation
I’m using Ubuntu cloud image so it’s doesn’t come with anything
s

steep-furniture-72588

12/25/2022, 4:27 AM
Yes it is. All our clusters have no internet access and we mirror through nexus. Works like a charm
a

adorable-train-88202

12/25/2022, 4:28 AM
It’s supposed to install rke1 (or rke2) depending what I pick
s

steep-furniture-72588

12/25/2022, 4:28 AM
I have tracked what images it uses.
a

adorable-train-88202

12/25/2022, 4:29 AM
So are you telling it to use a local private registry
s

steep-furniture-72588

12/25/2022, 4:29 AM
As a mirror. Yes
a

adorable-train-88202

12/25/2022, 4:29 AM
Or are you also telling it to use a proxy as well
I made a simple docker private registry with images from rancher
s

steep-furniture-72588

12/25/2022, 4:30 AM
Mirror a local private registry
a

adorable-train-88202

12/25/2022, 4:30 AM
On rancher 2.7
s

steep-furniture-72588

12/25/2022, 4:31 AM
You can tell it to use a private registry too
There are multiple options
a

adorable-train-88202

12/25/2022, 4:32 AM
I must be missing something then
Even if I wasn’t using a private registry
The proxy should be handling the outbound
But it doesn’t even seem that it’s even trying to use the proxy
To go outbound
s

steep-furniture-72588

12/25/2022, 4:33 AM
for getting what?
Have you looked at this?
a

adorable-train-88202

12/25/2022, 4:39 AM
yeah, private registry...
example
when creating a rke1 cluster via ranger
the nodes fail to get any further when they attempt that step
s

steep-furniture-72588

12/25/2022, 4:40 AM
Why are you using rke1?
a

adorable-train-88202

12/25/2022, 4:40 AM
hehe
that's beside the point
same thing happens when creating rke2
just not that step
they try to install external resources to install software and it can't
rke2 would need to install rke2 before it can put any images into it
s

steep-furniture-72588

12/25/2022, 4:43 AM
Rke has an airgapped way of installing it
Yoy don't need to access internet
Rke2
a

adorable-train-88202

12/25/2022, 4:43 AM
I can install it manually airgapped
I can't install it when using rancher to deploy
my issue currently
s

steep-furniture-72588

12/25/2022, 4:44 AM
So when you use rancher to deploy use with a local container registry 😊
a

adorable-train-88202

12/25/2022, 4:45 AM
the airgap docs only speak of manual initial installs
and you are using your own OS images?
or the rancherOS ones?
(curious)
s

steep-furniture-72588

12/25/2022, 4:59 AM
Own images
a

adorable-train-88202

12/25/2022, 5:30 AM
will try other registry offerings
maybe like you said they have more options (mirror helm repos, etc)
s

steep-furniture-72588

12/25/2022, 5:35 AM
My work flow is use packer to build base linux os image that has dependencies for long horn and such
Then i use that resultant 'template' to deploy using rancher
2 Views
#generalJoin Slack
Powered by