Open ccc13481 opened 6 months ago
Any OCI-compliant command line interface (CLI) like Docker or Podman will allow you to acquire images from a repository like the IBM Z and LinuxONE Container Registry using a pull
command. Once you have them pulled into a given environment on any platform - Linux, zCX on z/OS or a cloud environment, you can save those container images through the save
command. This will create a tar file archive that you can move to any platform you want within your enterprise. Once you have them on a target system for deployment, you can load
them, and effectively accomplish the same thing as if you had pull
-ed the image directly to the air-gapped system.
Collecting and managing container images like this from a different platform than the IBM Z system where they are deployed is a good isolation strategy that enhances security. By using a CLI like the ones provided by Podman or Docker to gather images from a secure server, you should have the tools you need for an air-gapped enterprise.
The Docker CLI documentation is pretty good at describing the kinds of operations available to manage container images: https://docs.docker.com/engine/reference/commandline/cli/
I was hoping for something easy like SMP/E... ;-)
I will read the Docker CLI and see if I can figure out how to do it...
Thank
BR Frank Allan Rasmussen
The ease-of-use issue is one to handle carefully, because it all depends on the background of the user. Since this is open source, we want to provide the infrastructure people generally use to interact with the software. However, this infrastructure overlaps in purpose with existing z/OS software deployment components like SMP/E. We have tried to re-factor open source software to deploy through SMP/E in the past, and it hasn't gone well, for a number of reasons.
That said, we're trying to strike a balance so we don't make the z/OS system admin job miserable when managing open source on z/OS. Please feel free comment in the discussion area if you have questions or suggestions. We're always looking for ways to make this deployment channel better.
Hi
How do I use a container in a airgaped environment?
Is the a way to clone the repository or to download a container?
BR Frank Allan Rasmussen