github.com/verrazzano/verrazzano@v1.7.1/tools/scripts/README.md (about) 1 # Installing Verrazzano From a Private Registry 2 3 Follow these required steps to populate a private image registry with Verrazzano images and install Verrazzano from that registry. 4 5 ## Prerequisites 6 You must have the following software installed: 7 8 - [Docker](https://docs.docker.com/get-docker/) 9 - [kubectl](https://kubernetes.io/docs/tasks/tools/) 10 - [Helm](https://helm.sh/docs/intro/install/) (version 3.x+) 11 - [jq](https://github.com/stedolan/jq/wiki/Installation) 12 13 ## Load the images 14 15 Before running the `vz-registry-image-helper.sh` script that pushes images to your private registry, run `docker login [SERVER]` with your credentials. 16 17 For use with the examples in this document, define the following variables with respect to your target registry and repository: 18 19 * `MYREG` 20 * `MYREPO` 21 * `VPO_IMAGE` 22 23 These identify the target Docker registry and repository, and the Verrazzano Platform Operator image, as defined in the BOM file. 24 25 For example, using a target registry of `myreg.io` and a target repository of `myrepo/v8o`: 26 27 ``` 28 MYREG=myreg.io 29 MYREPO=myrepo/v8o 30 VPO_IMAGE=$(cat verrazzano-bom.json | jq -r '.components[].subcomponents[] | select(.name == "verrazzano-platform-operator") | "\(.repository)/\(.images[].image):\(.images[].tag)"') 31 ``` 32 33 Go to the directory where you extracted the images archive and run the included helper script to push images to the registry: 34 35 ``` 36 $ sh vz-registry-image-helper.sh -t $MYREG -r $MYREPO -l . 37 ``` 38 39 Although most images can be protected using credentials stored in an image pull secret, the following images **must** be public: 40 41 * All of the Rancher images in the `rancher/additional-rancher` 42 subcomponent. 43 ``` 44 $ cat verrazzano-bom.json | jq -r '.components[].subcomponents[] | select(.name == "additional-rancher") | .images[] | "\(.image):\(.tag)"' 45 ``` 46 * The fluentd kubernetes daemonset image. 47 ``` 48 $ cat verrazzano-bom.json | jq -r '.components[].subcomponents[].images[] | select(.image == "fluentd-kubernetes-daemonset") | "\(.image):\(.tag)"' 49 ``` 50 * The istio proxy image. 51 ``` 52 $ cat verrazzano-bom.json | jq -r '.components[].subcomponents[] | select(.name == "istiod") | .images[] | select(.image == "proxyv2") | "\(.image):\(.tag)"' 53 ``` 54 * The WebLogic Monitoring Exporter image. 55 ``` 56 $ cat verrazzano-bom.json | jq -r '.components[].subcomponents[].images[] | select(.image == "weblogic-monitoring-exporter") | "\(.image):\(.tag)"' 57 ``` 58 * The Verrazzano Platform Operator image identified by `$VPO_IMAGE`, as defined above. 59 60 ## Install Verrazzano 61 62 As noted in the previous step, for all other Verrazzano Docker images in the private registry that are not explicitly marked public, you will need to create the secret `verrazzano-container-registry` in the `default` namespace, with the appropriate credentials for the registry, identified by `$MYREG`. 63 64 For example, 65 66 ``` 67 $ kubectl create secret docker-registry verrazzano-container-registry \ 68 --docker-server=$MYREG --docker-username=myreguser \ 69 --docker-password=xxxxxxxx --docker-email=me@example.com 70 ``` 71 72 Next, install the Verrazzano Platform Operator using the image defined by `$MYREG/$MYREPO/$VPO_IMAGE`. 73 74 ``` 75 helm template --include-crds ./charts/verrazzano-platform-operator \ 76 --set image=${MYREG}/${MYREPO}/${VPO_IMAGE} --set global.registry=${MYREG} \ 77 --set global.repository=${MYREPO} --set global.imagePullSecrets={verrazzano-container-registry} | kubectl apply -f - 78 ``` 79 80 After the Verrazzano Platform Operator is running, proceed with installing Verrazzano as documented at https://verrazzano.io/latest/docs/setup/install/installation/.