Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-1453

Disconnected Mirroring Appliance

    XMLWordPrintable

Details

    • Feature
    • Resolution: Done
    • Major
    • omr-v1.0.0
    • None
    • OMR
    • False
    • False
    • 100
    • 100% 100%
    • Undefined
    • 0

    Description

      Customer Problem: OpenShift clusters are usually production environments that are all running without direct internet connectivity. Quay is preferably installed of an OpenShift cluster. At the same time Quay is a pre-requisite to install OpenShift in a disconnected environment which results in a chicken/egg problem. Customers want a supported and easy way to install OpenShift clusters and production Quay instances within air-gapped environments.

       

      Goal: Make seeding the installation content for Quay and OpenShift trivial via automation and support for offline-media.

       

      Why is this important: Many customers run with an actual air-gap between their network perimeter and production clusters. That is, there is no system that has physical network access to a DMZ and the production clusters. Any content transfer happens with offline media. Assembling this offline transfer is a tedious and manual task that every customer has to learn from scratch and built their own automation around it.

       

      How does the ideal solution look like: A customer in a highly regulated industry (health care, FSI, Government) can install a mirroring appliance on a server node at the network perimeter. The mirroring appliance is a canned, simplistic quay deployment pre-configured to continuously mirror the entire release payload of Quay, OpenShift and OperatorHub, given a certain release or range or releases. After startup and the initial mirroring is automatically started. Mirroring is continuously happening to receive z-stream updates. A UI and/or CLI can be used to reason about the mirroring progress and content. In the case of an air-gap the mirrored content can be exported to disk and a second mirroring appliance can be stood up in the internal network, which is then configured create a mirror from a disk location which is populated with offline media from the first mirror. In case there is no air-gap the initial mirroring appliance will be used as a source for install and subsequent updates of OCP and Quay. This way release payload is constantly mirrored and made available securely to disconnected clusters.

       

      Prioritized deliverables:

      • all-in-one scripted installer that minimally deploys Quay and enables Mirroring on a single RHEL machine
      • integrated mirroring of all OpenShift, OperatorHub and Quay release content, given a certain version
      • all-in-one installer which automatically configures mirroring of above content right after Quay deployment finishes
      • the ability to mirror to and from disk continuously 

      Attachments

        Activity

          People

            Unassigned Unassigned
            DanielMesser Daniel Messer
            Votes:
            0 Vote for this issue
            Watchers:
            14 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: