dvirlabs/brand-master
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
brand-master/AIR_GAPPED_SOLUTION.md
dvirlabs a02ba81b84
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
Add offline Python wheels and air-gapped deployment solution
2026-05-05 07:12:21 +03:00

3.6 KiB
Raw Blame History

Air-Gapped Cluster Build Solution

Problem

Your Kubernetes cluster has no external internet access:

  • Cannot reach Docker Hub (index.docker.io)
  • Cannot reach Debian repositories (deb.debian.org)
  • Cannot reach PyPI (pypi.org)
  • TLS handshake failures
  • HTTP 530 errors

Solution

Use Harbor as an internal registry for all base images.

Quick Fix (Implemented)

Backend Dockerfile Changes

Removed apt-get commands - Not needed since psycopg2-binary is pre-compiled Changed base image to harbor.dvirlabs.com/dockerhub/python:3.11-slim

What You Need to Do NOW

1. Download Python Wheels (on a machine with internet)

cd backend
.\download-wheels.bat  # Windows
# OR
./download-wheels.sh   # Linux/Mac

This downloads all Python packages as wheel files to backend/wheels/.

2. Push Base Images to Harbor

Run the appropriate script for your OS:

Windows:

.\push-base-images.bat

Linux/Mac:

chmod +x push-base-images.sh
./push-base-images.sh

This pushes these images to harbor.dvirlabs.com/dockerhub/:

  • python:3.11-slim
  • node:18-alpine
  • nginx:alpine
  • postgres:16-alpine
  • alpCommit Wheels and Test the Build**
git add .
git commit -m "fix: Bundle Python wheels for offline installation"
git push

See OFFLINE_PYPI_SOLUTION.md for details.e sure these projects exist in Harbor:

  • dockerhub - For public images from Docker Hub
  • base-images - For custom-built images (optional)
  • my-apps - For your application images

3. Test the Build

git add .
git commit -m "fix: Remove apt-get to avoid Debian repo access, use Harbor images"
git push

Advanced: Custom Base Image (Optional)

If you need gcc, postgresql-client, or other build tools in the future:

1. Build Custom Image (on a machine with internet):

# Windows
.\build-custom-base-images.bat

# Linux/Mac
chmod +x build-custom-base-images.sh
./build-custom-base-images.sh

2. Update Dockerfile to use it:

FROM harbor.dvirlabs.com/base-images/python:3.11-slim-dev

Project Structure

brand-master/
├── backend/
│   └── Dockerfile                    # ✅ Fixed - no apt-get needed
├── frontend/  
│   └── Dockerfile                    # ✅ Uses Harbor images
├── base-images/
│   ├── python-3.11-slim-dev/
│   │   └── Dockerfile                # Custom image with build tools
│   └── BUILD_INSTRUCTIONS.md
├── push-base-images.sh               # Push Docker Hub images to Harbor
├── push-base-images.bat
├── build-custom-base-images.sh       # Build custom images with deps
└── build-custom-base-images.bat

Troubleshooting

Build still fails with "unable to reach..."

  • Verify images are in Harbor: https://harbor.dvirlabs.com
  • Check project permissions (public or pull secrets configured)
  • Verify Kubernetes nodes can resolve harbor.dvirlabs.com

Need to add more dependencies

  • Option 1: Use custom base image (see Advanced section)
  • Option 2: Pre-install in a custom image layer

Images not found in Harbor

  • Run push-base-images.sh or .bat script
  • Check Harbor UI to verify images uploaded
  • Ensure project names match exactly

Current Status

Backend Dockerfile - FIXED (no apt-get, uses Harbor) Frontend Dockerfile - FIXED (uses Harbor) Helm Chart - FIXED (uses Harbor) CI Pipeline - FIXED (uses Harbor Kaniko)

Next Step: Run push-base-images.sh/.bat and commit your changes!