Using ESS with a local registry in airgap networks
Using ESS with a local registry in airgap networks
In some airgap environments, rather than downloading the airgapped artifacts from the Element EMS service, it may be prefereble to setup your local repository to download the artifacts automatically and make them available to the air-gapped K8s cluster. This article explains the steps required to set this up.
Remote repositories
During the installation, the ESS Installer downloads artifacts from several remote repositories including:
- gitlab-registry.matrix.org
- docker.io
- ghcr.io
- quay.io
- gcr.io
The exact location of the required artifacts are defined in the images_digests.yml file.
You will need to inject a ConfogMap with the following structure:
`data: images_digests: | adminbot: access_element_web: haproxy: pipe: auditbot: access_element_web: haproxy: pipe: element_call: element_call: jwt: redis: sfu: element_web: element_web: groupsync: groupsync: hookshot: hookshot: integrator: appstore: integrator: modular_widgets: matrix_authentication_service: init: matrix_authentication_service: matrix_content_scanner: clam_anti_virus: icap: matrix_content_scanner: sliding_sync: api: poller: sydent: sydent: sygnal: sygnal: synapse: haproxy: redis: synapse: synapse_admin: synapse_admin: well_known_delegation: well_known_delegation:
Using registry.local as the URL of your local repository, an example manifest would be:
apiVersion: v1
kind: ConfigMap
metadata:
name:
Steps:
- Modify the images_digest.yml file to create a ConfigMap definition as follows:
- If your registry modifies the package, remove the digest, or create a new one.
- If required, modify the image_repository_path to match your local repository structure.
- Replace the image_repository_server with the URL of your local repository.
- Remove the image_tag (this is automatically added by the Operator)
- Add the
- Create the ConfigMap
- Apply the configmap with
kubectl apply -f images_digest_