Private or offline installation

Domino provides bundles of offline installation media for when you use fleetcommand-agent without Internet access to upstream sources of images and charts. To serve these resources, you must have a Docker registry accessible to your cluster, and an application registry. Domino includes a Docker image to run an application registry in each bundle.

Downloads

URLs of available offline installation bundles are in the release notes. You can download these bundles using the curl command with basic authentication. If there are network connectivity issues you can use the wget command with the --continue or -c option. Contact your Domino account team for credentials.

Note
 The versioned collection of images (named docker-images-{4.2}.tar) contains all required images for this type of deployment and must be the only downloaded file.

Example curl download:

curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v32/docker-images-5.x.x.tar

Example wget download:

wget -c --user domino-registry --password xxxxxxx https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-v32/docker-images-5.x.x.tar

Extract and load

The images bundle is a .tar archive that must be extracted before you use it.

tar -xvf docker-images-5.x.x.tar

In the docker-images bundle there will be:

  • a collection of individual Docker image .tar files

  • a images.json metadata file

  • a domino-load-images.py script

domino-load-images.py is a script to ingest the images.json metadata file and load the associated Docker images for a specific Domino version into the given remote Docker registry.

To load images into your private registry, run domino-load-images.py and pass in the URL of your registry as an argument. The script expects to run in the same directory as the images.json metadata file and the .tar image files.

Example:

python domino-load-images.py your-registry-url.domain:port

One of the images provided as part of the bundle is an appr image that can be used to host an application registry to serve charts to fleetcommand-agent. After you extract the domino-appr-latest archive you will have a top level appr directory that contains chart data formatted for use in an application registry. You can start an application registry server on any Docker-enabled machine that can connect to your private registry through docker run, such as in the following example. Pass in a filesystem path to the extracted appr directory where shown:

docker run --name dom-offline-appr
-d -p 50001:50001
-v /path/to/appr:/var/lib/appr
-e DATABASE_URL="/var/lib/appr"
--restart=always "your-registry-url.domain:port/appr:latest"
run-server --port 50001 --db-class filesystem

Once images have been loaded into your private registry and charts have been loaded into an active application registry server, you’re ready to install Domino.

Install

To install Domino with a custom registry, the image references must be modified to reference the upstream registry. Use the --image-registry argument on the init command to modify all image references to the external registry.

docker run --rm -v $(pwd):/install quay.io/domino/fleetcommand-agent:v32
init --image-registry your-registry-url.domain:port --full --file /install/domino.yml

If your registry requires authentication, ensure the private_docker_registry section of your installer configuration is filled in with the correct credentials:

private_docker_registry:
  server: your-registry-url.domain:port
  username: '<username>'
  password: '<password>'

Helm 3

Charts come prepackaged within the fleetcommand-agent image. Set up the helm object in configuration to match the following:

helm:
  host: gcr.io
  namespace: domino-eng-service-artifacts
  username: ''
  password: ''
  insecure: false