Setting up a Harbor repository
Accessing container images
You can access the platform and application container images in any of the following ways:
Method | Description |
|---|---|
Access images directly from BMC DTR | While performing the BMC Helix Service Management installation, specify the following parameters so that the deployment pipeline can access the images directly from BMC DTR. Specify the parameter values based on the type in which you want to provide the deployment input configuration file:
|
Access images from a local repository | Important: To synchronize the container images with BMC DTR, BMC validates using the open-source Harbor repository. You can choose any container repository solution that is compatible with the BMC Helix Service Management deployment. BMC does not anticipate any issues with alternative repositories. However, BMC does not provide support for alternative container repositories. |
Access images from an air-gapped environment |
Repository content
The images required for BMC Helix Service Management installation are located in the following repositories in BMC DTR:
BMC Repository | Repository content |
|---|---|
bmc/lp00x | BMC Helix Service Management images This repository includes all components of BMC Helix Service Management such as AR System server, BMC Helix Innovation Studio, Mid Tier, BMC Helix ITSM: Smart IT, BMC Digital Workplace, BMC Digital Workplace Catalog, and BMC Helix Innovation Suite applications. |
bmc/lp0lz | BMC Helix Platform images |
Accessing container images from a local Harbor repository
Set up a Harbor repository and synchronize your Harbor repository with BMC DTR by using the access key. The following images shows the actions to synchronize your Harbor repository with BMC DTR.
Before you begin
- Download the following files:
- To perform fresh installation of BMC Helix ITSM: Smart Reporting, download the file.
- To perform update of BMC Helix ITSM: Smart Reporting, download the and files.
These files contain the list of images that are synchronized from BMC DTR. You can use these files to verify your Harbor repository after you synchronize it with BMC DTR.
- Make sure that you have downloaded the key to access the container images from the BMC Electronic Product Distribution (EPD) site.
- Make sure that you meet the Harbor repository requirements.
Task 1: To create a Harbor registry
On your local system, download Harbor latest version by using the following command:
wget <Harbor installer link>For example:
wget https://github.com/goharbor/harbor/releases/download/v2.1.4/harbor-offline-installer-v2.1.4.tgzUnzip the TAR file by using the following command:
tar xvzf harbor-offline-installer*.tgzNavigate to the harbor directory by using the following command:
cd harborCopy the configuration template by using the following command:
cp harbor.yml.tmpl harbor.ymlEdit the harbor.yml file and add the values for the following parameters:
Parameter Name
Description
hostname
Name of the host where you want to install Harbor.
harbor_admin_password
Password for the admin username.
In the harbor.yml file, uncomment the https related config section, and add the values for parameters such as port, certificate, and private_key.
For example:# https related config
https:
# https port for harbor, default is 443
port: 443
# The path of cert and key files for nginx
certificate: /data/cert/dsmlab.bmc.com.crt
private_key: /data/cert/dsmlab.bmc.com.keyRun the following command:
sudo ./install.sh- Verify that you can access the Harbor registry by using the admin username and password to log in.
Task 2: To configure a Harbor registry endpoint
- In the Harbor admin UI, from the Administration menu, select Registries.
Click NEW ENDPOINT, and specify the following field values:
- Provider—Docker Registry
- Endpoint URL—https://containers.bmc.com
- Access ID—Support user ID that you use to log in to EPD.
- Access Secret—Container image access key specified in the container-token.bmc file that you downloaded from EPD.
The following image shows an example configuration:
- To verify the connection, click TEST CONNECTION.
Click OK.
The configuration is saved, and the status is displayed as Healthy as shown in the following image:
Use this configuration in a replication rule to synchronize your local Harbor repository and BMC DTR.
- From the Administration menu, click Projects.
- Create a new project and specify the project name as bmc.
This project is used to synchronize the container images.
Task 3: To synchronize a Harbor repository with BMC DTR
You must synchronize your Harbor repository with BMC Helix Innovation Suite and BMC Helix Platform services container images in BMC DTR.
To synchronize BMC Helix Innovation Suite container images
- In the Harbor admin UI, from the Administration menu, click Replications.
Click NEW REPLICATION RULE and specify the values for the following fields:
Field
Description
Name
Name of the replication rule.
Use lower case letters to specify the name.Replication mode
Type of replication mode.
Select the Pull-based mode.Source registry
Name of the Harbor registry that you configured to synchronize with BMC DTR.
Source resource filter: Name
Path of the image in the BMC DTR that you want to synchronize to your Harbor repository.
Specify the path as bmc/lp00x.Source resource filter: Tag
Tag of the images that you want to synchronize.
Specify the tag value as *21306-HF7*Destination namespace
Keep this field blank.
Trigger Mode
One of the following rule trigger modes:
- Manual
- Scheduled
- Click Save.
- Select the rule and click REPLICATE.
- After rule execution is complete, navigate to Projects, and verify that the container images are synchronized.
Create replication rules for the following source resources by repeating steps 1 to 5 and specifying the appropriate source resource filter name and tag values in step 2:
Source resource filter: Name
Source resource filter: Tag
bmc/lp00x
VIRTUALCHAT_REMOTEINSTALL-190201-213004HF202203162316_2
bmc/lp00x
APPSD2PJOB_UPGRADE-213000-HF202203042335
bmc/lp00x
*213006-HF6*
bmc/lp00x
*213006-RTM*
bmc/lp00x
*202205041615*
bmc/lp00x
*202206281644*
bmc/lp00x
D2PJOB-ASTFLD-22103-RC5
bmc/lp00x
D2PJOB-PLD2P-22103-RC4
bmc/lp0lz
*tctlrest-14*
bmc/lp00x
*assisttool-v112_101220221746*
bmc/lp00x
*RSSO_Auth_Proxy_121*
bmc/lp0xz
*213003-HF6*
Important: bmc/lp0xz contains the images for BMC Helix ITSM: Smart Reporting containers. To request access to BMC Helix ITSM: Smart Reporting containers, contact BMC Support.
bmc/lp0xz
*210503-HF9*
Important: bmc/lp0xz contains the images for BMC Helix ITSM: Smart Reporting containers. To request access to BMC Helix ITSM: Smart Reporting containers, contact BMC Support.
To synchronize BMC Helix Platform services container images
- Log in to the system where you downloaded and extracted the deployment manager helix-on-prem-deployment-manager-22.2.01.sh
- Create a new file named all_images.txt.
- Based on the BMC Helix Platform services version, you want to use copy the 23202_all_images.txt, 23102_all_images.txt, 224_all_images.txt, or 22201_all_images.txt to the all_images.txt file.
- Navigate to the helix-on-prem-deployment-manager/utilities/push_to_repo location.
- In the push_to_repo directory, copy the all_images.txt file.
Convert the all_images.txt file to UNIX format by using the following command:
dos2unix all_images.txtOpen the push_to_custom_repo.sh file and update the following parameter values:
Parameter Name
Description
SOURCE_DOCKER_REPO
Specify the value as containers.bmc.com
SOURCE_DOCKER_PASSWORD
The container image access key specified in the container-token.bmc file that you downloaded from EPD.
SOURCE_DOCKER_USER
Support user ID that you use to login to EPD.
IMAGE_REGISTRY_HOST
Host name of your local registry.
IMAGE_REGISTRY_PASSWORD
Specify the password to log in to your local registry.
IMAGE_REGISTRY_USERNAME
Specify the user name to log in to your local registry.
IMAGE_REGISTRY_PROJECT
Specify the value as bmc
IMAGE_REGISTRY_ORG
Specify the value as lp0lz
Run the push_to_custom_repo.sh file by using the following command:
./push_to_custom_repo.sh
To access images from an air-gapped environment
The following image describes the process to access the BMC Helix Service Management images from an air-gapped environment:
Perform the following steps to access images from an air-gapped environment:
- Create and configure a local Harbor registry in your network.
- Create and configure a Harbor registry in a demilitarized zone (DMZ).
- Set up a proxy to enable communication between the local Harbor registry in your network and the Harbor registry in a DMZ.
- Synchronize your local Harbor repository in your network with BMC DTR.
- Synchronize your Harbor repository in a DMZ with the local Harbor repository in your network.
Perform the steps to synchronize a Harbor repository with BMC DTR by modifying the following fields:- Source registry—Name of the DMZ Harbor registry that you configured to synchronize with your local Harbor repository.
- Source resource filter: Name—Path of the image in your local Harbor repository that you want to synchronize to your DMZ Harbor repository.
Where to go from here
Next task | Proceed with preparing a database based on the database that you want to use: |
|---|---|
Back to process | If you are finished preparing the database, return to the appropriate installation, update, or upgrade process: |