Accessing container images from an air-gapped environment

An air-gapped environment is a security measure for your system. You can access container images from an environment that is disconnected or physically isolated from unsecured networks such as the public internet. Such environments are called air-gapped environments.

Perform the following steps to access container images from an air-gapped environment:

  1. Create and configure a local Harbor registry in your network.
  2. Create and configure a Harbor registry in a demilitarized zone (DMZ).
  3. Set up a proxy to enable communication between the local Harbor registry in your network and the Harbor registry in a DMZ.
  1. Synchronize your local Harbor repository in your network with the containers.bmc.com Docker Trusted Registry (DTR).
  1. Synchronize your Harbor repository in a DMZ with your local Harbor repository in your network by performing the following steps:
    1. In the Harbor admin UI, navigate to the Administration menu, and click Replications.

    2. Click NEW REPLICATION RULE and specify the values for the following fields:

    3. Click Save.
    4. To run the rule manually, click REPLICATE.
    5. After rule execution is complete, navigate to Projects, and verify that the container images are synchronized.
    6. Create replication rules for the following source resources:
      • bmc/lpcs5
      • bmc/lpdbt
      • bmc/lpt5c

Important

Make sure that all the images from containers.bmc.com/bmc/lpt5c are synced on the local harbor or local repository in the following projects:

  • bmc/lpt5c - All the infra images
  • bmc/lpdbt - All product service images
  • bmc/lpcs5 - All product service images

For information about creating replication rules, see the To synchronize your Harbor repository with BMC Docker Trusted Repository section in Setting-up-a-Harbor-repository.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*