Domino provides bundles of offline installation media for when you use fleetcommand-agent
without Internet access to upstream sources of images and charts.
To serve these resources, you must have a Docker registry accessible to your cluster.
URLs of available offline installation bundles are in the
release notes. You can download
these bundles using the curl command with basic authentication. If there are network connectivity issues you can use the wget
command with the --continue
or -c
option. Contact your Domino account team for credentials.
Note
|
The versioned collection of images (named docker-images-{5.8}.tar ) contains all required images for this type of deployment and must be the only downloaded file.
|
Example curl
download:
curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/docker-images-5.x.x.tar
Example wget
download:
wget -c --user domino-registry --password xxxxxxx https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/docker-images-5.x.x.tar
If you are unable to download the full bundle, a partitioned bundle is available. To use the partitioned bundle, download all parts to recreate the full tarball and then follow the rest of the instructions.
Download the list of newline-separated part filenames:
curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/docker-images-5.x.x.parts.txt
Download each part of the bundle using the provided filenames:
while read part; do curl -u username:password -#SfLOJ "https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/$part"; done < docker-images-5.x.x.parts.txt
Use the downloaded parts to recreate the full bundle:
cat docker-images-5.x.x.tar[0-9]* > docker-images-5.x.x.tar
SHA-256 checksums of files are available to verify the contents of downloaded bundles once downloaded.
Example verifications:
curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/docker-images-5.x.x.tar.sha256sum
sha256sum -c docker-images-5.x.x.tar.sha256sum
If <filename>: OK
is not displayed, ensure the downloaded bundles were not tampered with before loading and installing them.
For partitioned bundles, use the following:
curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/docker-images-5.x.x.parts.sha256sum
sha256sum -c docker-images-5.x.x.parts.sha256sum
If you require a list of images contained in a Domino release, they can be downloaded alongside the installation bundle.
curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v65/images.json
The resulting JSON file contains a key-value pairing of Domino version and list of images.
Below is an example of extracting image names for Domino 5.x.x using jq:
jq -r '.["5.x.x"][].name' images.json
The images bundle is a .tar
archive that must be extracted before you use it.
tar -xvf docker-images-5.x.x.tar
In the docker-images
bundle there will be:
-
a collection of individual Docker image
.tar
files -
a
images.json
metadata file -
a
domino-load-images.py
script
domino-load-images.py
is a script to ingest the images.json
metadata
file and load the associated Docker images for a specific Domino version
into the given remote Docker registry.
To load images into your private registry, run domino-load-images.py
and pass in the URL of your registry as an argument. The script expects
to run in the same directory as the images.json
metadata file and the
.tar
image files.
Example:
python domino-load-images.py your-registry-url.domain:port
Once images have been loaded into your private registry you’re ready to install Domino.
To install Domino with a custom registry, the image references must be
modified to reference the upstream registry. Use the --image-registry
argument on the init
command to modify all image references to the
external registry.
docker run --rm -v $(pwd):/install quay.io/domino/fleetcommand-agent:v65
init --image-registry your-registry-url.domain:port --file /install/domino.yml
If your registry requires authentication, ensure the
image_registries
section of your installer configuration is
filled in with the correct credentials:
helm:
image_registries:
- server: your-registry-url.domain:port
username: '<username>'
password: '<password>'
Helm charts come prepackaged within the fleetcommand-agent
image. The helm
configuration
object does not need to contain additional fields besides image_registries
.