×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

   

This documentation supports an earlier version of BMC Helix IT Service Management on-premises deployment.

To view the documentation for the latest version, select 22.1.06 from the Product version picker.

BMC Helix IT Service Management Deployment 21.3.06 ... Installing Preparing for installation

Setting up a Harbor repository

The BMC Helix Innovation Suite and application container images are hosted on BMC Docker Trusted Registry (DTR). BMC Docker Trusted Repository is available at https://containers.bmc.com

To deploy BMC Helix IT Service Management, you can configure the deployment pipeline to access the container images directly from BMC DTR by using the image access key. This method requires a direct connection to the internet. Alternatively, you can synchronize the container images to a local container repository and configure the deployment pipeline to use the container images from the local repository. This method allows you to perform a secure or air-gapped deployment that does not require a direct connection to the internet.

Important

We recommend that you use the Harbor repository to synchronize the container images with BMC DTR.
Related topic

Preparing for installation

Accessing container images

You can access the platform and application container images in any of the following ways:

MethodDescription
Access images directly from BMC DTR

While performing the BMC Helix IT Service Management installation, specify the following parameters so that the deployment pipeline can access the images directly from BMC DTR.

Specify the parameter values based on the type in which you want to provide the deployment input configuration file:

  • If you want to provide the deployment input configuration file manually, specify the values for the REGISTRY, IMAGE_REGISTRY_USERNAME, IMAGE_REGISTRY_PASSWORD, and IMAGEPULLSECRETS_NAME parameters in the deployment input configuration file.
    Learn about the deployment input configuration file at Inventory parameters in the deployment input configuration file.
  • If you want to generate the deployment input configuration file automatically, specify the values for the REGISTRY_TYPE, HARBOR_REGISTRY_HOST, IMAGE_REGISTRY_USERNAME, IMAGE_REGISTRY_PASSWORD, and IMAGESECRET_NAME parameter in the HELIX_ONPREM_DEPLOYMENT Jenkins pipeline.
    Learn about the installation pipeline parameters at Performing the BMC Helix IT Service Management installation.
Access images from a local repository

Set up a Harbor repository, synchronize the Harbor repository with BMC DTR, and access the images from the local Harbor repository.

Important: To synchronize the container images with BMC DTR, BMC validates using the open-source Harbor repository. You can choose any container repository solution that is compatible with the BMC Helix IT Service Management deployment. BMC does not anticipate any issues with alternative repositories. However, BMC does not provide support for alternative container repositories.

Access images from an air-gapped environmentSee To access images from an air-gapped environment.

Important

Update your firewall policies to enable access to BMC DTR. Use the following fully qualified domain names:

Repository content

The images required for BMC Helix IT Service Management installation are located in the following repositories in BMC DTR:

BMC RepositoryRepository content
bmc/lp00x

BMC Helix IT Service Management images

This repository includes all components of BMC Helix IT Service Management such as AR System server, BMC Helix Innovation Studio, Mid Tier, BMC Helix ITSM: Smart IT, BMC Digital Workplace, BMC Digital Workplace Catalog, and BMC Helix Innovation Suite applications.

bmc/lp0lz

BMC Helix Platform images
The BMC Helix platform is required for all installations of BMC containerized software. This repository includes BMC Helix Platform services, data lake, BMC Helix Dashboards, AI Service Management, and other essential services. 

Accessing container images from a local Harbor repository

Set up a Harbor repository and synchronize your Harbor repository with BMC DTR by using the access key. The following images shows the actions to synchronize your Harbor repository with BMC DTR.



Important

The Harbor registry that you create must be active after BMC Helix Platform services and BMC Helix IT Service Management installation, which allows the pods to access the images if the worker nodes do not have previously pulled images.

Before you begin

These files contain the list of images that are synchronized from BMC DTR. You can use these files to verify your Harbor repository after you synchronize it with BMC DTR.

Task 1: To create a Harbor registry

  1. On your local system, download Harbor latest version by using the following command:

    wget <Harbor installer link>

    For example:

    wget https://github.com/goharbor/harbor/releases/download/v2.1.4/harbor-offline-installer-v2.1.4.tgz

  2. Unzip the TAR file by using the following command:

    tar xvzf harbor-offline-installer*.tgz

  3. Navigate to the harbor directory by using the following command:

    cd harbor

  4. Copy the configuration template by using the following command:

    cp harbor.yml.tmpl harbor.yml

  5. Edit the harbor.yml file and add the values for the following parameters:

    Best practice

    We recommend that you use the HTTPS configuration and install Harbor by using self signed SSL certificates. See Configure HTTPS Access to Harbor Open link .

    Parameter NameDescription

    hostname

    		Name of the host where you want to install Harbor.
    harbor_admin_passwordPassword for the admin username.

    In the harbor.yml file, uncomment the https related config section, and add the values for parameters such as port, certificate, and  private_key.
    For example:

    # https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /data/cert/dsmlab.bmc.com.crt
  private_key: /data/cert/dsmlab.bmc.com.key

  6. Run the following command:

     sudo ./install.sh

  7. Verify that you can access the Harbor registry by using the admin username and password to log in.

Task 2: To configure a Harbor registry endpoint

  1. In the Harbor admin UI, from the Administration menu, select Registries.
  2. Click NEW ENDPOINT, and specify the following field values:

    • ProviderDocker Registry

    • Endpoint URLhttps://containers.bmc.com

    • Access IDSupport user ID that you use to log in to EPD.

    • Access Secret—Container image access key specified in the container-token.bmc file that you downloaded from EPD.

    The following image shows an example configuration:
  3. To verify the connection, click TEST CONNECTION.

  4. Click OK.

    The configuration is saved, and the status is displayed as Healthy as shown in the following image:

    Use this configuration in a replication rule to synchronize your local Harbor repository and BMC DTR.
  5. From the Administration menu, click Projects.
  6. Create a new project and specify the project name as bmc.
    This project is used to synchronize the container images.

Task 3: To synchronize a Harbor repository with BMC DTR

You must synchronize your Harbor repository with BMC Helix Innovation Suite and BMC Helix Platform services container images in BMC DTR.

To synchronize BMC Helix Innovation Suite container images

  1. In the Harbor admin UI, from the Administration menu, click Replications.

  2. Click NEW REPLICATION RULE and specify the values for the following fields:

    FieldDescription
    NameName of the replication rule.
    Use lower case letters to specify the name.
    Replication modeType of replication mode.
    Select the Pull-based mode.
    Source registryName of the Harbor registry that you configured to synchronize with BMC DTR.
    Source resource filter: Name Path of the image in the BMC DTR that you want to synchronize to your Harbor repository.
    Specify the path as bmc/lp00x.
    Source resource filter: TagTag of the images that you want to synchronize.
    Specify the tag value as *21306-HF7*
    Destination namespaceKeep this field blank.
    Trigger ModeOne of the following rule trigger modes:
    • Manual
    • Scheduled
  3. Click Save.
  4. Select the rule and click REPLICATE.
  5. After rule execution is complete, navigate to Projects, and verify that the container images are synchronized.

  6. Create replication rules for the following source resources by repeating steps 1 to 5 and specifying the appropriate source resource filter name and tag values in step 2:

    Source resource filter: NameSource resource filter: Tag 

    bmc/lp00x

    VIRTUALCHAT_REMOTEINSTALL-190201-213004HF202203162316_2

    bmc/lp00x

    APPSD2PJOB_UPGRADE-213000-HF202203042335

    bmc/lp00x

    *213006-HF6*

    bmc/lp00x

    *213006-RTM*

    bmc/lp00x

    *202205041615*

    bmc/lp00x

    *202206281644*

    bmc/lp00x

    D2PJOB-ASTFLD-22103-RC5

    bmc/lp00x

    D2PJOB-PLD2P-22103-RC4

    bmc/lp0lz

    *tctlrest-14*

    bmc/lp00x

    *assisttool-v112_101220221746*

    bmc/lp00x

    *RSSO_Auth_Proxy_121*

    bmc/lp0xz

    *213003-HF6*

    Important: bmc/lp0xz contains the images for  BMC Helix ITSM: Smart Reporting containers. To request access to BMC Helix ITSM: Smart Reporting containers, contact  BMC Support Open link .

    bmc/lp0xz

    *210503-HF9*

    Important: bmc/lp0xz contains the images for  BMC Helix ITSM: Smart Reporting containers. To request access to BMC Helix ITSM: Smart Reporting containers, contact  BMC Support Open link .

To synchronize BMC Helix Platform services container images

  1. Log in to the system where you downloaded and extracted the deployment manager helix-on-prem-deployment-manager-22.2.01.sh
  2. Create a new file named all_images.txt.
  3. Based on the BMC Helix Platform services version, you want to use copy the 23202_all_images.txt, 23102_all_images.txt, 224_all_images.txt, or 22201_all_images.txt to the all_images.txt file.
  4. Navigate to the helix-on-prem-deployment-manager/utilities/push_to_repo location.

  5. In the push_to_repo directory, copy the all_images.txt file.

  6. Convert the all_images.txt file to UNIX format by using the following command:

    dos2unix all_images.txt

  7. Open the push_to_custom_repo.sh file and update the following parameter values:

    Parameter NameDescription
    SOURCE_DOCKER_REPOSpecify the value as containers.bmc.com
    SOURCE_DOCKER_PASSWORDThe container image access key specified in the container-token.bmc file that you downloaded from EPD.
    SOURCE_DOCKER_USER

    Support user ID that you use to login to EPD.

    IMAGE_REGISTRY_HOSTHost name of your local registry.
    IMAGE_REGISTRY_PASSWORDSpecify the password to log in to your local registry.
    IMAGE_REGISTRY_USERNAME

    Specify the user name to log in to your local registry.

    IMAGE_REGISTRY_PROJECTSpecify the value as bmc
    IMAGE_REGISTRY_ORGSpecify the value as lp0lz

  8. Run the push_to_custom_repo.sh file by using the following command:

    Important

    Before you run the push_to_custom_repo.sh file, make sure that you have installed the Docker Engine. For more information, see Harbor repository requirements.

    ./push_to_custom_repo.sh

To access images from an air-gapped environment

The following image describes the process to access the BMC Helix IT Service Management images from an air-gapped environment:

Perform the following steps to access images from an air-gapped environment:

  1. Create and configure a local Harbor registry in your network.
  2. Create and configure a Harbor registry in a demilitarized zone (DMZ).
  3. Set up a proxy to enable communication between the local Harbor registry in your network and the Harbor registry in a DMZ.
  4. Synchronize your local Harbor repository in your network with BMC DTR.
  5. Synchronize your Harbor repository in a DMZ with the local Harbor repository in your network.
    Perform the steps to synchronize a Harbor repository with BMC DTR by modifying the following fields:
    • Source registry—Name of the DMZ Harbor registry that you configured to synchronize with your local Harbor repository.
    • Source resource filter: Name—Path of the image in your local Harbor repository that you want to synchronize to your DMZ Harbor repository.

Where to go from here

Next task

Proceed with preparing a database based on the database that you want to use:

Back to process

If you are finished preparing the database, return to the appropriate installation, update, or upgrade process:

Was this page helpful? Yes No Submitting... Thank you
Last modified by Poonam Morti on Sep 21, 2023
access_container_images harbor_repository_setup sync_harbor_with_dtr dtr air-gapped

Comments

Log in or register to comment.

Downloading the installation files
Preparing to install on a Unicode database
© Copyright 1991-2023 BMC Software, Inc. © Copyright 1991-2023 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.