Private or offline installation

Domino provides bundles of offline installation media for use when running the fleetcommand-agent without Internet access to upstream sources of images and charts. To serve these resources, you must have a Docker regsitry accessible to your cluster.




Downloading

You can find URLs of available offline installation bundles in the fleetcommand-agent release notes. These bundles can be downloaded via cURL with basic authentication. Contact your domino account team for credentials.

Note that there is one file required: a versioned collection of images.

Example download:

curl -u username:password -#SfLOJ https://mirrors.domino.tech/s3/domino-artifacts/offline/fleetcommand-agent-docker-images-v20-4.2.0.tar



Extracting and loading

The images bundle is a .tar archive that must be extracted before being used.

tar -xvf fleetcommand-agent-docker-images-v20-4.2.0.tar

In the fleetcommand-agent-docker-images bundle there will be:

  • a collection of individual Docker image .tar files
  • a images.json metadata file
  • a domino-load-images.py script

domino-load-images.py is a script to ingest the images.json metadata file and load the associated Docker images for a specific Domino version into the given remote Docker registry.

To load images into your private registry, run domino-load-images.py and pass in the URL of your registry as an argument. The script expects to run in the same directory as the images.json metadata file and the .tar image files.

Example:

python domino-load-images.py your-registry-url.domain:port

Once images have been loaded into your private registry you’re ready to install Domino.




Installing

To install Domino using a custom registry, the image references must be modified to reference the upstream registry. Use the --image-registry argument on the init command to modify all image references to the external registry.

docker run --rm -v $(pwd):/install quay.io/domino/fleetcommand-agent:v27 \
init --image-registry your-registry-url.domain:port --full --file /install/domino.yml

If your registry requires authentication, ensure the private_docker_registry section of your installer configuration is filled in with the correct credentials:

private_docker_registry:
  server: your-registry-url.domain:port
  username: '<username>'
  password: '<password>'

Helm 3

Charts come pre packaged within the fleetcommand-agent image. Set up the helm object in configuration to match the following:

helm:
  version: 3
  host: gcr.io
  namespace: domino-eng-service-artifacts
  prefix: ''
  username: ''
  password: ''
  tiller_image: gcr.io/kubernetes-helm/tiller:v2.16.1 # Version is required and MUST be 2.16.1
  insecure: false
  cache_path: '/app/charts'

Note that the http protocol before the hostname in this configuration is important. Once these changes have been made to your installer configuration file, you can run the fleetcommand-agent to install Domino.




Configuration

When performing offline installations there are 3 main central configuration keys that need to be repointed to the private registry hosting the referenced images. From the Domino landing page, click Admin in the main menu. Then in the administration portal, click Advanced > Central Config. Use the Add Record button at top right to add the following records:

Key Value
com.cerebro.domino.builder.image IMAGE_URI of the latest domino/builder-job
com.cerebro.domino.computegrid.kubernetes.executor.imageName IMAGE_URI of the latest domino/executor
com.cerebro.domino.modelmanager.harnessProxy.image IMAGE_URI of the latest domino/harness-proxy