dvirlabs/brand-master
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
brand-master/AIR_GAPPED_SOLUTION.md
dvirlabs a02ba81b84
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
Add offline Python wheels and air-gapped deployment solution
2026-05-05 07:12:21 +03:00

137 lines
3.6 KiB
Markdown
Raw Blame History

# Air-Gapped Cluster Build Solution
## Problem
Your Kubernetes cluster has **no external internet access**:
- ❌ Cannot reach Docker Hub (`index.docker.io`)
- ❌ Cannot reach Debian repositories (`deb.debian.org`)
- ❌ Cannot reach PyPI (`pypi.org`)
- ❌ TLS handshake failures
- ❌ HTTP 530 errors
## Solution
Use Harbor as an internal registry for all base images.
## Quick Fix (Implemented)
### Backend Dockerfile Changes
**Removed `apt-get` commands** - Not needed since `psycopg2-binary` is pre-compiled
**Changed base image** to `harbor.dvirlabs.com/dockerhub/python:3.11-slim`
### What You Need to Do NOW
**1. Download Python Wheels (on a machine with internet)**
```bash
cd backend
.\download-wheels.bat # Windows
# OR
./download-wheels.sh # Linux/Mac
```
This downloads all Python packages as wheel files to `backend/wheels/`.
**2. Push Base Images to Harbor**
Run the appropriate script for your OS:
**Windows:**
```bash
.\push-base-images.bat
```
**Linux/Mac:**
```bash
chmod +x push-base-images.sh
./push-base-images.sh
```
This pushes these images to `harbor.dvirlabs.com/dockerhub/`:
- python:3.11-slim
- node:18-alpine
- nginx:alpine
- postgres:16-alpine
- alpCommit Wheels and Test the Build**
```bash
git add .
git commit -m "fix: Bundle Python wheels for offline installation"
git push
```
See [OFFLINE_PYPI_SOLUTION.md](OFFLINE_PYPI_SOLUTION.md) for details.e sure these projects exist in Harbor:
- `dockerhub` - For public images from Docker Hub
- `base-images` - For custom-built images (optional)
- `my-apps` - For your application images
**3. Test the Build**
```bash
git add .
git commit -m "fix: Remove apt-get to avoid Debian repo access, use Harbor images"
git push
```
## Advanced: Custom Base Image (Optional)
If you need `gcc`, `postgresql-client`, or other build tools in the future:
**1. Build Custom Image (on a machine with internet):**
```bash
# Windows
.\build-custom-base-images.bat
# Linux/Mac
chmod +x build-custom-base-images.sh
./build-custom-base-images.sh
```
**2. Update Dockerfile to use it:**
```dockerfile
FROM harbor.dvirlabs.com/base-images/python:3.11-slim-dev
```
## Project Structure
```
brand-master/
├── backend/
│ └── Dockerfile # ✅ Fixed - no apt-get needed
├── frontend/
│ └── Dockerfile # ✅ Uses Harbor images
├── base-images/
│ ├── python-3.11-slim-dev/
│ │ └── Dockerfile # Custom image with build tools
│ └── BUILD_INSTRUCTIONS.md
├── push-base-images.sh # Push Docker Hub images to Harbor
├── push-base-images.bat
├── build-custom-base-images.sh # Build custom images with deps
└── build-custom-base-images.bat
```
## Troubleshooting
### Build still fails with "unable to reach..."
- Verify images are in Harbor: `https://harbor.dvirlabs.com`
- Check project permissions (public or pull secrets configured)
- Verify Kubernetes nodes can resolve `harbor.dvirlabs.com`
### Need to add more dependencies
- Option 1: Use custom base image (see Advanced section)
- Option 2: Pre-install in a custom image layer
### Images not found in Harbor
- Run `push-base-images.sh` or `.bat` script
- Check Harbor UI to verify images uploaded
- Ensure project names match exactly
## Current Status
✅ Backend Dockerfile - **FIXED** (no apt-get, uses Harbor)
✅ Frontend Dockerfile - **FIXED** (uses Harbor)
✅ Helm Chart - **FIXED** (uses Harbor)
✅ CI Pipeline - **FIXED** (uses Harbor Kaniko)
**Next Step:** Run `push-base-images.sh/.bat` and commit your changes!
Reference in New Issue View Git Blame Copy Permalink