Airgap example #25
Comments
|
@jaudiger this reminds me of the following Porter issue: getporter/porter#1609 When convenient, could you try the same steps using https://github.com/getporter/porter/releases/tag/v0.38.3 or higher (or latest v1 build?) Those versions should have a fix related to this issue... |
|
Ok, so I think I'm definitively doing something wrong here (maybe I missed a command). I already have the latest version available of Porter: jaudiger@fedora: …/porter-application [🌱 develop](9139c2f0)(🛤️)
➜ porter mixin list
Name Version Author
arm v0.8.2 Porter Authors
aws v0.3.2 Porter Authors
az v0.5.2 Porter Authors
docker v0.2.3 Porter Authors
docker-compose v0.4.1 Porter Authors
exec v0.38.4 Porter Authors
gcloud v0.4.2 Porter Authors
helm v0.13.4 Porter Authors
kubernetes v0.28.4 Porter Authors
terraform v0.6.2 Porter Authors
jaudiger@fedora: …/porter-application [🌱 develop](9139c2f0)(🛤️)
➜ porter -v
porter v0.38.4 (3d6d0f77) |
|
Hi @jaudiger, thanks for checking the Porter version used. I believe the issue lies in commands used (thanks for listing). Here's what you have: However, I believe the flow should look like this: Basically, the bundle needs to be published on the other side of the airgap, using the archive, and then installed from that new location. In the original approach, installation of the bundle was attempted via the archived cnab-file/bundle.json directly... which, without all of the image artifacts that are part of the .tgz archive, will always try to look up the original images from the references in that bundle.json. |
|
Ok, I see @vdice. I got another error while trying to publish the images to the local registry: Beginning bundle publish to localhost:5000/redis-application:0.1.0. This may take some time.
Error: unable to push image localhost:5000/redis: failed to write image sha256:0145cc5df5e657154b83fa04b90e48f6f89b608850d0906addfc0d1681a66a1e to localhost:5000/redis: failed to write image index localhost:5000/redis: unexpected media type: application/vnd.docker.image.rootfs.foreign.diff.tar.gzip for layer: sha256:4612f6d0b889cad0ed0292fae3a0b0c8a9e49aff6dea8eb049b2386d9b07986f
Error: unable to pull bundle before uninstall: unable to pull bundle localhost:5000/redis-application:0.1.0: unable to pull remote bundle: localhost:5000/redis-application:0.1.0: not foundI used the following commands to create the local registry, and then to publish: # Local registry
docker run -d -p 5000:5000 --restart=always --name registry registry:2.7
# Publish images
porter publish --archive redis-application-installer.tgz --reference localhost:5000/redis-application:v0.1.0 |
|
Interesting. Do any errors crop up in the docker registry container logs? |
|
I got a lot of logs, find the two latest errors: @vdice I'll be (once again) on vacation for the next two weeks, I'll be back the last week of August! |
|
I'm working on a similar airgap deployment right now. I think the issue with docker-compose trying to contact the docker registry is that the images in the docker-compose.yaml file are still referring to "redis:6.2.4", but after publishing the redis image is relocated to localhost:5000/redis-application@sha256:0145cc5df5e657154b83fa04b90e48f6f89b608850d0906addfc0d1681a66a1e (or something like that). The docs at https://porter.sh/distribute-bundles/#image-references-after-publishing say "Bundles should not hard-code image references and instead should use the images section and templating so that they are referencing the published location of the image.". The approach in the docs works fine in the helm airgap example because there they pass the repository and digest to the helm command in the porter.yaml. Is there a similar way to use porter's templating in the docker-compose.yaml? Another solution might be to pass the relocated repository and perhaps image digests as environment variables to docker-compose. docker-compose will substitute environment variables into the compose.yaml. |
|
Interesting @bherw , you may be right. Or, if not directly responsible for this issue, it would indeed make sense to figure out how to update the compose yaml with relocated images -- otherwise if the airgap prevents accessing the original app images, as would be expected, the republished bundle would fail to install (or at least, I'd expect the compose app not to come up.) I'd definitely like to help with ideas here, if anyone would like to create an issue for this... Looking again at the original error, I see "unexpected media type: application/vnd.docker.image.rootfs.foreign.diff.tar.gzip". Perusing https://docs.docker.com/registry/spec/manifest-v2-2/ I see: I wasn't able to reproduce the issue publishing/archiving from a GitHub Container Registry to a local docker registry. Worth looking to see if some other origin registries, perhaps like ECR used above, push layers of those types and then error out when publishing to a Docker registry container. Not sure... just theorizing here. Worth exploring more. |
|
Added an issue at #26. |
I was looking for an example about how to use Porter images (https://porter.sh/author-bundles/#images) with the mixin docker-compose.
Once published (https://porter.sh/distribute-bundles/#image-references-after-publishing), the images referenced are built into the archive, but if I try to use this archive on a machine without internet access, docker is trying to pull the images.
This is what I did so far:
porter.yaml:
docker-compose.yml
My commands used:
I think I missed something but I don't know what... I also tried to look at helm airgap example: https://github.com/getporter/porter/tree/main/examples/airgap
The text was updated successfully, but these errors were encountered: