From de8d014215b9ddf35efb99cddf95f5e0254750c3 Mon Sep 17 00:00:00 2001 From: Denislav Prodanov Date: Wed, 14 May 2025 15:00:38 +0300 Subject: [PATCH 1/2] script to retrieve airgap images from running cluster --- airgap-images/retrieve-airgap-images.sh | 71 +++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 airgap-images/retrieve-airgap-images.sh diff --git a/airgap-images/retrieve-airgap-images.sh b/airgap-images/retrieve-airgap-images.sh new file mode 100644 index 0000000..d8ddaad --- /dev/null +++ b/airgap-images/retrieve-airgap-images.sh @@ -0,0 +1,71 @@ +#!/usr/bin/env bash +set -euo pipefail + +# ——— CONFIGURATION ——— +WORKDIR="./hauler_temp" +mkdir -p "${WORKDIR}" + +# ——— 1. Add & update the Prime Helm repo ——— +helm repo add rancher-prime https://charts.rancher.com/server-charts/prime +helm repo update + +# ——— 2. Auto-detect Rancher version from your cluster (fallback to Helm) ——— +if RANCHER_IMAGE=$(kubectl -n cattle-system get deployment rancher \ + -o jsonpath='{.spec.template.spec.containers[0].image}' 2>/dev/null); then + RANCHER_VERSION="${RANCHER_IMAGE##*:}" + echo "→ Detected Rancher image in cluster: ${RANCHER_IMAGE}" + echo "→ Using Rancher version: ${RANCHER_VERSION}" +else + echo "→ Could not detect Rancher in cattle-system, falling back to Helm query" + RANCHER_VERSION=$(helm search repo rancher-prime/rancher \ + | awk 'NR==2 {print $3}') + echo "→ Using Rancher GitHub release tag: ${RANCHER_VERSION}" +fi + +# ——— 3. Download & fail if the tag doesn’t exist ——— +PRIME_BASE="https://prime.ribs.rancher.io/rancher/${RANCHER_VERSION}" +curl -fSL "${PRIME_BASE}/rancher-images.txt" \ + -o "${WORKDIR}/orig-rancher-images.txt" \ +|| { + echo >&2 "ERROR: Rancher Prime release ${RANCHER_VERSION} not found at ${PRIME_BASE}" + exit 1 +} + +# ——— 4. Filter out unneeded images ——— +sed -E '/neuvector|minio|gke|aks|eks|sriov|harvester|mirrored|longhorn|thanos|tekton|istio|hyper|jenkins|windows/d' \ + "${WORKDIR}/orig-rancher-images.txt" \ + > "${WORKDIR}/cleaned-rancher-images.txt" + +# Re-add Cluster API and kubectl entries +grep cluster-api "${WORKDIR}/orig-rancher-images.txt" >> "${WORKDIR}/cleaned-rancher-images.txt" +grep kubectl "${WORKDIR}/orig-rancher-images.txt" >> "${WORKDIR}/cleaned-rancher-images.txt" + +# ——— 5. Pick the latest tag for each repo ——— +> "${WORKDIR}/rancher-unsorted.txt" +awk -F: '{print $1}' "${WORKDIR}/cleaned-rancher-images.txt" | sort -u | +while read -r repo; do + grep -w "$repo" "${WORKDIR}/cleaned-rancher-images.txt" \ + | sort -Vr | head -1 \ + >> "${WORKDIR}/rancher-unsorted.txt" +done + +# ——— 6. Final sort & dedupe ——— +sort -u "${WORKDIR}/rancher-unsorted.txt" > "${WORKDIR}/rancher-images.txt" + +# ——— 7. Manual fix-ups ——— +{ + echo "rancher/kubectl:v1.20.2" + echo "rancher/shell:v0.1.24" + grep mirrored-ingress-nginx "${WORKDIR}/orig-rancher-images.txt" +} >> "${WORKDIR}/rancher-images.txt" + +# ——— 8. Generate airgap_hauler.yaml ——— +cat > airgap_hauler.yaml <> airgap_hauler.yaml + +echo " • ${WORKDIR}/rancher-images.txt" +echo " • airgap_hauler.yaml" From 056f8f2313dd2ff757d9191191026fb98293f3e3 Mon Sep 17 00:00:00 2001 From: Alberto Morgante Medina Date: Thu, 22 May 2025 10:55:02 +0200 Subject: [PATCH 2/2] add airgap scripts based on PR #120 --- airgap-images/README.md | 35 +++++++++++++++++++ .../eib-mgmt-cluster-airgap-images.sh | 4 +++ airgap-images/retrieve-airgap-images.sh | 24 ++++++------- 3 files changed, 51 insertions(+), 12 deletions(-) create mode 100644 airgap-images/README.md create mode 100644 airgap-images/eib-mgmt-cluster-airgap-images.sh diff --git a/airgap-images/README.md b/airgap-images/README.md new file mode 100644 index 0000000..02cbaea --- /dev/null +++ b/airgap-images/README.md @@ -0,0 +1,35 @@ +# Airgap images + +There are two types of airgap images: + +- Rancher images + +- EIB images for the mgmt-cluster + +## Requirements + +To retrieve the airgap images, you need to have the following tools installed: + +- helm `curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash` + +**IMPORTANT**: You need to run the following scripts in a cluster deployed with the final versions (the release you want to retrieve the airgap images list) + + +## Airgap images for the management cluster + +The airgap images for the management cluster are located in the `airgap-images` directory. The images are used to create a management cluster that is not connected to the internet. The images are stored in a tar file and can be loaded into the local container registry using the following command: + +```bash +./eib-mgmt-cluster-airgap-images.sh +``` + +This command will show you the full list images to be included in the EIB definition file for airgap scenarios + + +## Airgap images for rancher guide + +``` +./retrieve-rancher-airgap-images.sh +``` + +This will show you the list of images to be included in the rancher guide for airgap environments \ No newline at end of file diff --git a/airgap-images/eib-mgmt-cluster-airgap-images.sh b/airgap-images/eib-mgmt-cluster-airgap-images.sh new file mode 100644 index 0000000..f65efd4 --- /dev/null +++ b/airgap-images/eib-mgmt-cluster-airgap-images.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +set -euo pipefail + +kubectl get pods --all-namespaces -o jsonpath="{..image}" | tr -s '[[:space:]]' '\n' | sort | uniq diff --git a/airgap-images/retrieve-airgap-images.sh b/airgap-images/retrieve-airgap-images.sh index d8ddaad..e06c085 100644 --- a/airgap-images/retrieve-airgap-images.sh +++ b/airgap-images/retrieve-airgap-images.sh @@ -1,28 +1,28 @@ #!/usr/bin/env bash set -euo pipefail -# ——— CONFIGURATION ——— +# CONFIGURATION ——— WORKDIR="./hauler_temp" mkdir -p "${WORKDIR}" -# ——— 1. Add & update the Prime Helm repo ——— +# Add & update the Prime Helm repo helm repo add rancher-prime https://charts.rancher.com/server-charts/prime helm repo update -# ——— 2. Auto-detect Rancher version from your cluster (fallback to Helm) ——— +# Auto-detect Rancher version from your cluster (fallback to Helm) if RANCHER_IMAGE=$(kubectl -n cattle-system get deployment rancher \ -o jsonpath='{.spec.template.spec.containers[0].image}' 2>/dev/null); then RANCHER_VERSION="${RANCHER_IMAGE##*:}" - echo "→ Detected Rancher image in cluster: ${RANCHER_IMAGE}" - echo "→ Using Rancher version: ${RANCHER_VERSION}" + echo "Detected Rancher image in cluster: ${RANCHER_IMAGE}" + echo "Using Rancher version: ${RANCHER_VERSION}" else - echo "→ Could not detect Rancher in cattle-system, falling back to Helm query" + echo "Could not detect Rancher in cattle-system, falling back to Helm query" RANCHER_VERSION=$(helm search repo rancher-prime/rancher \ | awk 'NR==2 {print $3}') - echo "→ Using Rancher GitHub release tag: ${RANCHER_VERSION}" + echo "Using Rancher GitHub release tag: ${RANCHER_VERSION}" fi -# ——— 3. Download & fail if the tag doesn’t exist ——— +# Download & fail if the tag doesn’t exist PRIME_BASE="https://prime.ribs.rancher.io/rancher/${RANCHER_VERSION}" curl -fSL "${PRIME_BASE}/rancher-images.txt" \ -o "${WORKDIR}/orig-rancher-images.txt" \ @@ -31,7 +31,7 @@ curl -fSL "${PRIME_BASE}/rancher-images.txt" \ exit 1 } -# ——— 4. Filter out unneeded images ——— +# Filter out unneeded images sed -E '/neuvector|minio|gke|aks|eks|sriov|harvester|mirrored|longhorn|thanos|tekton|istio|hyper|jenkins|windows/d' \ "${WORKDIR}/orig-rancher-images.txt" \ > "${WORKDIR}/cleaned-rancher-images.txt" @@ -49,17 +49,17 @@ while read -r repo; do >> "${WORKDIR}/rancher-unsorted.txt" done -# ——— 6. Final sort & dedupe ——— +# Final sort & dedupe sort -u "${WORKDIR}/rancher-unsorted.txt" > "${WORKDIR}/rancher-images.txt" -# ——— 7. Manual fix-ups ——— +# Manual fix-ups { echo "rancher/kubectl:v1.20.2" echo "rancher/shell:v0.1.24" grep mirrored-ingress-nginx "${WORKDIR}/orig-rancher-images.txt" } >> "${WORKDIR}/rancher-images.txt" -# ——— 8. Generate airgap_hauler.yaml ——— +# Generate airgap_hauler.yaml cat > airgap_hauler.yaml <