Installing QRadar Suite Software in an air-gapped environment

If your cluster is not connected to the internet, you can install IBM Security QRadar® Suite Software in your cluster by using either a bastion host, a portable compute device, or a portable storage device.

It is common in production to have a cluster that does not have internet access. In these cases, you can still install QRadar Suite Software, IBM Cloud Pak® solutions, and Red Hat® OpenShift® Container Platform in an air-gapped (otherwise known as offline or disconnected) environment. Unlike online installations, air-gapped installations require you to enable the IBM Operator Catalog to mimic a typical online installation by using images in your own registry.

The following diagram provides an overview of air-gapped installation scenarios for portable compute, portable storage, and bastion hosts.

An image that shows a Bastion host, a portable compute device, and a portable storage device. Each of these devices is shown pushing a product image to a local image registry. Then after the local image registry is disconnecting from the device, the Red Hat OpenShift Container Platform cluster in an air-gapped environment is connected to the local image registry to pull in the product image.

Air-gapped scenarios

All of these scenarios use Container Application Software for Enterprises (CASE) files to mirror content from a source to a target. CASE is a specification that defines metadata and structure for packaging, managing, and unpacking containerized applications.

You can store the product code and images to a portable compute device, a portable storage device, or a bastion host and then transfer them to a local air-gapped network. If you are using either a portable compute device or a portable storage device, you don't need a bastion host to install in your air-gapped environment.

Air-gapped installation approach Example Description
Bastion host bastion host A bastion server is a device that has access to both the public internet and the local intranet where a local registry and Red Hat OpenShift Container Platform clusters reside. Using the bastion server, you can replicate your images through the bastion server directly to the local intranet registry behind the firewall.
Portable compute device Laptop A portable compute device, such as a laptop, can be used to download images from the entitled registry to a portable container registry that is running locally on the device. You can then bring the device behind your firewall and copy the images from your portable registry on the device to the local intranet registry behind the firewall.
Portable storage device Portable hard disk drive A portable storage device, such as a hard disk drive, can be connected to a compute device external to your firewall to download the images. This portable storage can then be connected to a device behind the firewall so that the images can be loaded to the local intranet registry.
From a high level, air-gapped installations consist of four steps.
  1. Setting up your mirroring environment.
  2. Setting environment variables and downloading CASE files.
  3. Mirroring images.
  4. Installing QRadar Suite Software.

Setting up proxy environment variables

If your bastion host, portable compute device, or portable storage device must be able to connect to the internet via a proxy, set the following environment variables on the machine that accesses the internet via the proxy server.
export https_proxy=http://<URL>:<port> &&
export http_proxy=http://<URL>:<port>
For example:
export https_proxy=http://example.com:5018 &&
export http_proxy=http://example.com:5018