文章目录
- 🎯1:**目标是啥?**
- 🧰 2:看都有哪些 Operator 可下
- 📦 3:看这个 Operator 都有哪些版本
- ✍️ 4:配置镜像下载文件
- 4.1:下载**所有版本**写法
- 4.2:只下载指定版本
- 🚚 5:开始下载镜像
- 📤 6:上传到你自己的私有仓库
- 🧩 7: 禁用在线 OperatorHub 源
- ✅ 8:告诉 OpenShift 用我们自己的离线源
- 8.1:创建 CatalogSource
- 8.2:设置镜像源映射(ImageContentSourcePolicy)
- 8.3:等节点自动滚动更新(这步要等一会)
- 8.4:自定义标签
- ✅ 方法一:手动给镜像打 tag(推荐)
- ✅ 方法二:手动编辑 mapping.txt 添加 tag(进阶)
- ✅ 方法三:在私有仓库(如 Harbor)中手动打 tag
- 📡 9:用图形界面安装 Cert-manager
- 🎉10: 大功告成!
在企业内网部署 OpenShift 时,经常会遇到一个问题:很多组件依赖公网,尤其是证书相关的服务。比如常见的 cert-manager,它是 Kubernetes 里用来自动签发和管理证书的工具,很多 Operator、Ingress 或 Webhook 服务都会用到它。
但 cert-manager 的安装方式默认是联网下载,比如直接从 GitHub 拉 YAML 文件,镜像则从 quay.io 拉。这在离线环境里根本行不通。
很多人尝试手动复制 YAML 文件或者用 oc apply 导入,但还是发现各种问题,比如镜像拉不下来、证书无法生成、Webhook 起不来等。这是因为 cert-manager 不只是几个 YAML 文件,它还依赖多个镜像、CRD 资源、Webhook 服务,必须一步到位配置好。
所以在 OpenShift 的离线环境中,安装 cert-manager 是必要的,也是有挑战的。你需要准备好镜像、调整配置,再部署进集群,才能保证相关服务正常运行。
这篇文章就是来帮你搞定这件事的
🎯1:目标是啥?
从 Red Hat 官方的 OperatorHub 上,把 cert-manager 下载回来,离线安装。你可以选择下载 所有版本 或 指定版本。
准备条件:
- OCP版本: 4.16.36
- Bastion(help node)节点操作系统: RHEL 9.4 x64
- 需要先在openshift集群完成仓库部署。
🧰 2:看都有哪些 Operator 可下
这条命令会告诉你当前这个 Operator Catalog 里都有哪些可选的 Operator。比如你找的是 cert-manager,你可以看到它的名称和默认的 channel(stable)。
Logging to .oc-mirror.log
NAME DISPLAY NAME DEFAULT CHANNEL
3scale-community-operator 3scale API Management threescale-2.14
ack-acm-controller AWS Controllers for Kubernetes - Amazon ACM alpha
ack-acmpca-controller AWS Controllers for Kubernetes - Amazon ACM PCA alpha
ack-apigateway-controller AWS Controllers for Kubernetes - Amazon API Gateway alpha
ack-apigatewayv2-controller AWS Controllers for Kubernetes - Amazon API Gateway v2 alpha
ack-applicationautoscaling-controller AWS Controllers for Kubernetes - Amazon Application Auto Scaling alpha
ack-athena-controller AWS Controllers for Kubernetes - Amazon Athena alpha
ack-cloudfront-controller AWS Controllers for Kubernetes - Amazon CloudFront alpha
ack-cloudtrail-controller AWS Controllers for Kubernetes - Amazon CloudTrail alpha
ack-cloudwatch-controller AWS Controllers for Kubernetes - Amazon CloudWatch alpha
ack-cloudwatchlogs-controller AWS Controllers for Kubernetes - Amazon CloudWatch Logs alpha
ack-documentdb-controller AWS Controllers for Kubernetes - Amazon DocumentDB alpha
ack-dynamodb-controller AWS Controllers for Kubernetes - Amazon DynamoDB alpha
ack-ec2-controller AWS Controllers for Kubernetes - Amazon EC2 alpha
ack-ecr-controller AWS Controllers for Kubernetes - Amazon ECR alpha
ack-ecs-controller AWS Controllers for Kubernetes - Amazon ECS alpha
ack-efs-controller AWS Controllers for Kubernetes - Amazon Elastic File System (Amazon EFS) alpha
ack-eks-controller AWS Controllers for Kubernetes - Amazon EKS alpha
ack-elasticache-controller AWS Controllers for Kubernetes - Amazon ElastiCache alpha
ack-elbv2-controller AWS Controllers for Kubernetes - Amazon ELB alpha
ack-emrcontainers-controller AWS Controllers for Kubernetes - Amazon EMR on EKS alpha
ack-eventbridge-controller AWS Controllers for Kubernetes - Amazon EventBridge alpha
ack-iam-controller AWS Controllers for Kubernetes - Amazon IAM alpha
ack-kafka-controller AWS Controllers for Kubernetes - Amazon Kafka alpha
ack-keyspaces-controller AWS Controllers for Kubernetes - Amazon Keyspaces alpha
ack-kinesis-controller AWS Controllers for Kubernetes - Amazon Kinesis alpha
ack-kms-controller AWS Controllers for Kubernetes - Amazon KMS alpha
ack-lambda-controller AWS Controllers for Kubernetes - Amazon Lambda alpha
ack-memorydb-controller AWS Controllers for Kubernetes - MemoryDB alpha
ack-mq-controller AWS Controllers for Kubernetes - Amazon MQ alpha
ack-networkfirewall-controller AWS Controllers for Kubernetes - Amazon Network Firewall alpha
ack-opensearchservice-controller AWS Controllers for Kubernetes - Amazon OpenSearch Service alpha
ack-organizations-controller AWS Controllers for Kubernetes - Amazon Organizations alpha
ack-pipes-controller AWS Controllers for Kubernetes - Amazon EventBridge Pipes alpha
ack-prometheusservice-controller AWS Controllers for Kubernetes - Amazon Prometheus alpha
ack-rds-controller AWS Controllers for Kubernetes - Amazon RDS alpha
ack-recyclebin-controller AWS Controllers for Kubernetes - Amazon Recycle Bin alpha
ack-route53-controller AWS Controllers for Kubernetes - Amazon Route53 alpha
ack-route53resolver-controller AWS Controllers for Kubernetes - Amazon Route53Resolver alpha
ack-s3-controller AWS Controllers for Kubernetes - Amazon S3 alpha
ack-sagemaker-controller AWS Controllers for Kubernetes - Amazon SageMaker alpha
ack-secretsmanager-controller AWS Controllers for Kubernetes - Amazon Secrets Manager alpha
ack-ses-controller AWS Controllers for Kubernetes - Amazon SES alpha
ack-sfn-controller AWS Controllers for Kubernetes - Amazon Step Functions alpha
ack-sns-controller AWS Controllers for Kubernetes - Amazon SNS alpha
ack-sqs-controller AWS Controllers for Kubernetes - Amazon SQS alpha
ack-ssm-controller AWS Controllers for Kubernetes - Amazon SSM alpha
ack-wafv2-controller AWS Controllers for Kubernetes - Amazon WAFV2 alpha
aerospike-kubernetes-operator Aerospike Kubernetes Operator stable
airflow-helm-operator Airflow Helm Operator alpha
alvearie-imaging-ingestion Alvearie Imaging Ingestion Operator alpha
amd-gpu-operator amd-gpu-operator alpha
analytics-operator Observability Analytics alpha
annotationlab NLPLab alpha
apicast-community-operator APIcast stable
apicurio-api-controller Apicurio API Controller 0.x
apicurio-registry Apicurio Registry Operator 2.x
apicurito API Designer latest
apimatic-kubernetes-operator APIMatic Operator alpha
application-services-metering-operator Application Services Metering Operator alpha
aqua Aqua Security Operator 2022.4.0
argocd-operator Argo CD alpha
assisted-service-operator Infrastructure Operator for Red Hat OpenShift alpha
authorino-operator Authorino Operator stable
automotive-infra Automotive-CI alpha
aws-efs-operator AWS EFS Operator stable
awss3-operator-registry AWS S3 Operator alpha
azure-service-operator Azure Service Operator stable
beegfs-csi-driver-operator BeeGFS CSI Driver stable
bookkeeper-operator BookKeeper Operator alpha
bpfd-operator Bpfd Operator alpha
bpfman-operator Bpfman Operator alpha
camel-k Camel K Operator stable-v2
camel-karavan-operator Camel Karavan Operator alpha
cass-operator-community DataStax Kubernetes Operator for Apache Cassandra stable
cert-manager cert-manager stable
cert-utils-operator Cert Utils Operator alpha
cluster-aas-operator Cluster as a service operator alpha
cluster-impairment-operator cluster-impairment-operator beta
cluster-manager Cluster Manager stable
cluster-relocation-operator Cluster Relocation Operator stable
cockroachdb CockroachDB Helm Operator stable-v6.x
codeflare-operator CodeFlare Operator alpha
community-kubevirt-hyperconverged KubeVirt HyperConverged Cluster Operator 1.10.7
community-trivy-operator Community Trivy Operator stable
community-windows-machine-config-operator Community Windows Machine Config Operator preview
customized-user-remediation Customized User Remediation Operator - Community Edition alpha
cxl-operator extend-community-operator alpha
dapr-kubernetes-operator Dapr Control Plane Operator alpha
datadog-operator Datadog Operator stable
datatrucker-operator DataTrucker.IO alpha
dbaas-operator OpenShift Database Access Operator stable
debezium-operator Debezium Operator debezium-latest
dell-csm-operator Dell Container Storage Modules stable
deployment-validation-operator Deployment Validation Operator 
最低0.47元/天 解锁文章
扫一扫
716
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
