×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

   

This documentation supports an earlier version of BMC Helix IT Service Management on-premises deployment.

To view the documentation for the latest version, select 22.1.06 from the Product version picker.

BMC Helix IT Service Management Deployment 21.05 ... Installing Preparing for installation

Setting up a Harbor repository

The BMC Helix Innovation Suite platform and service management application container images are hosted on BMC Docker Trusted Registry (DTR) containers.bmc.com. You can access the platform and application container images in any of the following ways:


MethodDescription
Access images directly from BMC DTR

Configure the deployment pipeline to access the images directly from BMC DTR by using the image access key.

While performing the BMC Helix IT Service Management installation, based on the type in which you want to provide the deployment input configuration file, specify the parameter values:
  • If you want to provide the deployment input configuration file manually, specify the values for the REGISTRY, IMAGE_REGISTRY_USERNAME, IMAGE_REGISTRY_PASSWORD, and IMAGEPULLSECRETS_NAME parameters in the deployment input configuration file.
    Learn about the deployment input configuration file at Inventory parameters in the deployment input configuration file.
  • If you want to generate the deployment input configuration file automatically, specify the values for the REGISTRY_TYPE, HARBOR_REGISTRY_HOST, IMAGE_REGISTRY_USERNAME, IMAGE_REGISTRY_PASSWORD, and IMAGESECRET_NAME parameter in the HELIX_ONPREM_DEPLOYMENT Jenkins pipeline.
    Learn about the installation pipeline parameters at Performing the installation.
Access images from a local Harbor repository

Set up a Harbor repository, synchronize the Harbor repository with BMC DTR, and access the images from the local Harbor repository.

Important: To synchronize the container images with BMC DTR, BMC validates using the open-source Harbor repository. You can choose any container repository solution that is compatible with the BMC Helix IT Service Management deployment. BMC does not anticipate any issues with alternative repositories. However, BMC does not provide support for alternative container repositories.

Access images from an air-gapped environmentSee To access images from an air-gapped environment.

Important

Update your firewall policies to enable access to BMC DTR. Use the following fully qualified domain names:

  • containers.bmc.com
  • containers-glb.bmc.com
  • containers-irl.bmc.com
  • containers-msr-irl.bmc.com

Before you begin

  • Download the 210502_ITSM_Platform_Images.txt and 210502_ITSM_Smartapps_Images.txt files.
    These files contain the list of images that are synchronized from BMC DTR. You can use these files to verify your Harbor repository after you synchronize it with BMC DTR.
  • Make sure that you have downloaded the key to access the container images from the BMC Electronic Product Distribution (EPD) site.

  • Make sure that your system meets the following requirements to set up your Harbor repository:

    RequirementDescription
    Hardware

    Minimum 4 CPU with 8 GB memory and 250 GB disk space

    Software
    • Docker Engine version 20.10.7
      To install Docker Engine, see Install Docker Engine Open link .
    • Docker Compose version 1.29.2
      To install Docker Compose, see Install Docker Compose Open link .
    • OpenSSL latest version
    • Operating system CentOS 7/Red Hat 7
    Network port
    Harbor installation uses the following ports as the default ports:
    • Port 443 with HTTPS protocol
    • Port 4443 with HTTPS protocol
    • Port 80 with HTTP protocol

    Learn about Harbor installation network port requirements at Harbor Installation Prerequisites Open link .

To access container images from a local Harbor repository

Set up a Harbor repository and synchronize your Harbor repository with BMC DTR by using the access key. Perform the following actions to synchronize your Harbor repository with BMC DTR:

To create a Harbor registry

  1. In your local system, download Harbor by using the following command:

    wget https://github.com/goharbor/harbor/releases/download/v2.1.4/harbor-offline-installer-v2.1.4.tgz

  2. Unzip the TAR file by using the following command:

    tar xvzf harbor-offline-installer*.tgz

  3. Navigate to the harbor directory by using the following command:

    cd harbor

  4. Copy the configuration template by using the following command:

    cp harbor.yml.tmpl harbor.yml
  5. Install Harbor.
    • To install Harbor without using self signed SSL certificates, perform the following steps in the harbor.yml file:
      1. Update the values for the following parameters:

        • hostnameName of system where you want to install Harbor.

          Specify a fully qualified domain name. For example, hostname.company.com

        • harbor_admin_password—Password for the Harbor system administrator.

          The harbor.yml file contains a default harbor_admin_password. You can modify the password.

        • database password—Root password for the local database.

          The harbor.yml file contains a default database password. You can modify the password.

      2. Comment the following lines:

        https related config
https
https port for harbor, default is 443
port: 443
The path of cert and key files for nginx
certificate: /your/certificate/path
private_key: /your/private/key/path

        For example,

    • To install Harbor by using self signed SSL certificates, see Configure HTTPS Access to Harbor Open link .

  6. Run the following command:

     ./install.sh

  7. Verify that you can access the Harbor registry by using the admin username and password to log in.

    Important

    The default Harbor installation does not includes Notary and Clair services that are used for vulnerability scanning. To install Harbor with Notary and Clair services, see Installation with Notary Open link and Installation with Clair Open link .

To configure a Harbor registry

  1. In the Harbor admin UI, navigate to the Administration menu, and click Registries.
  2. Click NEW ENDPOINT, and specify the following field values:

    • ProviderDocker Registry

    • Endpoint URLhttps://containers.bmc.com

    • Access IDSupport user ID that you use to log in to EPD.

    • Access Secret—Container image access key specified in the container-token.bmc file that you downloaded from EPD.

    The following image shows an example configuration:

  3. Click OK.

    The configuration is saved and the configuration status is displayed as Healthy as shown in the following image:

Use this configuration in a replication rule to synchronize your local Harbor repository and BMC DTR.

To synchronize a Harbor repository with BMC DTR

  1. In the Harbor admin UI, navigate to the Administration menu, and click Replications.

  2. Click NEW REPLICATION RULE and specify the values for the following fields:

    FieldDescription
    NameName of the replication rule.
    Use lower case letters to specify the name.
    Replication modeType of replication mode.
    Select the Pull-based mode.
    Source registryName of the Harbor registry that you configured to synchronize with BMC DTR.
    Source resource filter: Name Path of the image in the BMC DTR that you want to synchronize to your Harbor repository.
    Specify the path as bmc/lp00x.
    Source resource filter: TagTag of the images that you want to synchronize.
    Specify the tag value as *.
    Destination namespaceYour project name.
    Keep this field blank.
    Trigger ModeOne of the following rule trigger modes:
    • Manual
    • Scheduled

    The following image shows an example replication rule:

  3. Click Save.
  4. To run the rule manually, click REPLICATE.
  5. After rule execution is complete, navigate to Projects, and verify that the container images are synchronized.
  6. Create another replication rule by performing the steps 1 to 5 and specifying the Source resource filter: Name as bmc/lp0ry in step 2.

To access images from an air-gapped environment

The following image describes the process to access the BMC Helix Innovation Suite platform and service management application container images from an air-gapped environment:

Perform the following steps to access images from an air-gapped environment:

  1. Create and configure a local Harbor registry in your network.
  2. Create and configure a Harbor registry in a demilitarized zone (DMZ).
  3. Set up a proxy to enable communication between the local Harbor registry in your network and the Harbor registry in a DMZ.
  4. Synchronize your local Harbor repository in your network with BMC DTR.
  5. Synchronize your Harbor repository in a DMZ with your local Harbor repository in your network.
    Perform the steps in To synchronize a Harbor repository with BMC DTR by modifying the following fields:
    • Source registry—Name of the DMZ Harbor registry that you configured to synchronize with your local Harbor repository.
    • Source resource filter: Name—Path of the image in your local Harbor repository that you want to synchronize to your DMZ Harbor repository.

Where to go from here

Setting up BMC Deployment Engine

Was this page helpful? Yes No Submitting... Thank you
Last modified by Poonam Morti on Nov 01, 2023
access_container_images harbor_repository_setup sync_harbor_with_dtr dtr air_gapped air-gapped

Comments

  1. Marek Ceizel

    Should we install harbor using sudo like 'sudo ./install.sh'? Here is written just ./install.sh. It would be good to explain somewhere what user should be used for the whole procedure and if he needs some special settings.

    Sep 27, 2021 02:57
    1. Poonam Morti

      Hi Marek,

      Thanks for your feedback. We support the procedure by using the root user. If you are using the root user, you do not need to use sudo in the install command.

      Thanks,

      Poonam


      Sep 29, 2021 12:31
  2. Eric Wuensche

    Setting up the installation environment refers to the container images bmc/lp0ry, but this is not mentioned over here - are the images also contained in bmc/lp00x?

    see https://docs.bmc.com/docs/brid2105/setting-up-the-installation-environment-1031174023.html

    Sep 30, 2021 09:12
    1. Poonam Morti

      Hi Eric,

      Thanks for the feedback. We are working on your comment.

      Thanks,

      Poonam

      Oct 04, 2021 06:22
      1. Poonam Morti

        Thanks Eric. We have updated the details.

        Thanks,

        Poonam

        Oct 12, 2021 06:38
  3. John Gallagher

    There is an additional repository required for infra/platform services which is bmc/lp0ry, please update this doc to reflect.

    Nov 26, 2021 12:06
  4. Balaji Kumbhar

    For Harbor server you mentioned Disk size to 160GB Disk Space. I got 200 GB Disk Space.

    When I start the second replicate rule the Disk Space is filled to 198+ GB.. and Harbor admin UI not responding now.

    I am not sure why and how you mentioned 160 GB Disk space.

    Please can you advice on exact disk space.

    Dec 04, 2021 11:43
    1. Poonam Morti

      Hi Balaji,

      Thanks for bringing this to our notice. We have update the disk space value to 250 GB.

      Thanks, Poonam

      Dec 09, 2021 03:18
  5. Ismail Eltorgoman

    Is Redhat 7 supported?

    Jun 26, 2022 09:49
    1. Poonam Morti

      Hi Ismail,

      Red Hat 7 is supported.

      Thanks,

      Poonam


      Jun 27, 2022 02:38

Log in or register to comment.

Downloading the installation files
Preparing to install on a Unicode database
© Copyright 1991-2022 BMC Software, Inc. © Copyright 1991-2022 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.