User would like to use openBalena in an air-gapped (no internet) environment

pdcastro commented 2 years ago

As originally reported in:

When users run the balena CLI command balena fleet create, regardless of whether or not they specify the device type with the --type flag, I understand that the CLI calls the balena SDK's models.application.create() method that retrieves the device manifest from S3 as coded in the following lines:

https://github.com/balena-io/balena-sdk/blob/v15.48.3/lib/models/application.ts#L693-L713
https://github.com/balena-io/balena-sdk/blob/v15.48.3/lib/models/device.ts#L1395

https://github.com/balena-io/balena-sdk/blob/v15.48.3/lib/models/config.ts#L146-L151

        const deviceTypeIdPromise = deviceModel()
            .getManifestBySlug(deviceType)

        const deviceTypes = await configModel().getDeviceTypes();

        const { body: deviceTypes } = await request.send({
            method: 'GET',
            url: '/device-types/v1',
            baseUrl: apiUrl,
        });

In turn, the SDK queries the /device-types/v1 endpoint from openbalena-api:

Where the S3 bucket URL / hostname comes from environment variable IMAGE_STORAGE_BUCKET which, as I understand, open-balena hardcodes as s3.amazonaws.com:

https://github.com/balena-io/open-balena/blob/v3.4.1/compose/services.yml#L36
```
  IMAGE_STORAGE_ENDPOINT: s3.amazonaws.com
```

Hence accessing the internet.

pdcastro commented 2 years ago

Connects-to: #70

jellyfish-bot commented 2 years ago

[pdcastro] This issue has attached support thread https://jel.ly.fish/ce70c1de-e821-4f10-8912-d55af99bbcab

lacendarko commented 2 years ago

Hello, any progress on this?

compiaffe commented 1 year ago

@pdcastro I'm also in need for an air-gapped deployment. In our case I have a fixed number of fleets that are effectively mirroring a hosted non-open balena fleet. I guess a workaround would be to either run the balena fleet create while the server is temporarily connected to the internet or to deploy a fully preconfigured openBalena installation including all DB,S3 etc docker volumes.

It looks as if it shouldn't be too hard to patch the API to load supported devices and version from a file. I guess one could use the SDK logic to generate that file from the official s3 bucket and deploy it with the openBalena deployment.

jmalves5 commented 1 year ago

Just to share that this seems to be fixed.

balena fleet create only tries to make selectDeviceType() call if option.type is not passed as an argument as can be seen here:

https://github.com/balena-io/balena-cli/blob/535ffccbade89716539f10edb26cf9905c538dcc/lib/commands/fleet/create.ts#L95-L97

That means that in our air-gapped environment one can still create a fleet using:

balena fleet create myFleet --type raspberry-pi

ab77 commented 1 month ago

Still relevant in 2024? Perhaps someone can pick up the new guide and see if it works in air-gapped environments (especially given Docker's improvements in this space recently)?

dfunckt commented 1 month ago

I think this is still relevant but is not a limitation of openBalena specifically, it also applies to balenaMachine. It’s due to the way device types (and images) are loaded into the instance.

compiaffe commented 1 month ago

We have a working air-gapped configuration which I would like to upstream. I'm not quite sure how to best integrate it. I'll make a DRAFT merge request and would appreciate feedback.

See here https://github.com/balena-io/open-balena/pull/241

I need to clean it up a little and move a couple of things out of our proprietary repo into there. CiCD was easier for me there (gitlab CICD).

balena-io / open-balena

User would like to use openBalena in an air-gapped (no internet) environment #129