Getting access to images from a local image registry

Use the load images script to access FNCM component images from a local image registry. The load images script pulls the images from IBM Entitled Registry and pushes them to your registry. The device that you use to run the script must be connected to the internet and have access to the local registry.

Before you begin

The loadimages.py script uses the following utility tools and needs them to be installed on your client machine:

  • Kubernetes CLI
  • Python
  • container-samples repository from GitHub
  • Skopeo
To install the specified tools that are used by the loadimages.py script, see topic Preparing a client to connect to the cluster.

If the script finds that any of these tools are missing on the client, it reports which tools are missing and provides a choice to install the tool.

About this task

The loadimages.py script creates a file that contains the image repository information for the FNCM components. Based on the information in the file, the component images are pulled from IBM Entitled Registry. You can review the file to specify the FNCM component images that you require, and update the repository or tag information for the components. The script then processes the file to copy the specified component images from the IBM Entitled Registry to a private image registry that you supply.

The loadimages.py script has two modes.
generate
When you run the script in generate mode, it first checks whether all the required descriptor files exist and flags files that are missing. When all the required files exist and the prerequisites validation passes, it generates the imageDetails.toml file. The imageDetails.toml file contains the image repository and tag information for the FNCM components that are supported in a FileNet P8 container environment.
push
The push mode copies the images for the FNCM components that are specified in imageDetails.toml from the IBM Entitled Registry to a private image registry that you supply.

After you downloaded the container-samples repository, change the directory to the container-samples/scripts folder.

The script can be run from this location and has the following options:
python3 loadimages.py --help

Usage: loadimages.py [OPTIONS] COMMAND [ARGS]...

FileNet Content Manager Deployment Load Images CLI.

Options:
  --version                      Show version and exit. 
  --install-completion           Install completion for the current shell.
  --show-completion              Show completion for the current shell, to copy it or customize the installation.
  --help                         Show this message and exit.

Customization and Utils:
  --silent     --no-silent       Enable Silent Install (no prompts). [default: no-silent]
  --verbose    --no-verbose      Enable verbose logging. [default: no-verbose]
  --dryrun     --no-dryrun       Perform a dry run [default: no-dryrun]

Commands:  
  generate       Generate the image details file.
  push           Push images to a registry based on existing image details file.
You can run the script interactively, or supply the environment variables beforehand and run the script as a silent deployment.
When you run the script in interactive mode, you can specify the mode that you want. When you run the script without specifying a mode, it runs in all modes. The following command runs the script interactively:
python3 loadimages.py
Tip: Before you run the script in silent mode, make sure that you fill the ./scripts/silent_config/silent_install_loadimages.toml file and then run the following command:
python3 loadimages.py --silent

Procedure

  1. Open a terminal or command prompt and navigate to the directory where the container-samples repository was downloaded:
    cd ./container-samples/scripts
  2. Run the following command to install the necessary Python packages from the requirements.txt file:
    python3 -m pip install -r requirements.txt
  3. Run the loadimages.py script in generate mode.
    • Generate mode (Interactive)
      The following command runs the script in generate mode interactively:
      python3 loadimages.py generate
    • Generate mode (Silent)
      Before you run the script in this mode silently, you need to fill the ./scripts/silent_config/silent_install_loadimages.toml. The following command runs the script in generate mode silently:
      python3 loadimages.py --silent generate
    The prerequisites validation for this mode checks whether all required descriptor files exist and flags missing files. When all the required files exist and the prerequisites validation passes, it generates the imageDetails.toml file. The imageDetails.toml file contains the image repository and tag information for the FNCM components that are supported in a FileNet P8 container environment.
  4. Review the imageDetails.toml.
    You can review the component images that you want to be pushed. You can also update or remove the repository or tag information for the components. For example, the component image details in the imageDetails.toml look like the following:
    # ####################################################
    # ##           FNCM Component Image Details          ##
    # ####################################################
    [DBA-KEYTOOL-INITCONTAINER]
    REPOSITORY = "cp.icr.io/cp/cp4a/common/dba-keytool-initcontainer"
    TAG = "24.0.0"
    [CPE]
    REPOSITORY = "cp.icr.io/cp/cp4a/fncm/cpe"
    TAG = "ga-560-p8cpe"
    [CSS]
    REPOSITORY = "cp.icr.io/cp/cp4a/fncm/css"
    TAG = "ga-560-p8css"
    
    
  5. Run the loadimages.py script in push mode.
    • Push mode (Interactive)
      The following command runs the script in push mode interactively:
      python3 loadimages.py push
    • Push mode (Silent)
      Before you run the script in this mode silently, you need to fill the ./scripts/silent_config/silent_install_loadimages.toml. The following command runs the script in push mode silently:
      python3 loadimages.py --silent push
      The prerequisites validation for this mode checks whether the required utility tools like Podman or Docker and Skopeo exist and flags them if they are missing.

    For interactive deployments, provide the following values:

    1. Enter your IBM Entitlement Registry key. For more information, see topic Getting access to images from the public IBM Entitled Registry.
    2. Enter your private registry host information and login information. You need to enter the host information and supply SSL certificate if SSL is enabled. The script checks if the private registry is reachable. You then need to supply the username and password to authenticate to the private image registry.
    3. Review whether you want to push the images to the private image registry.

Results

For the components mentioned in the imageDetails.toml, the script copies the container images to the private image registry successfully.

What to do next

To install the operator, see Installing the operator by running a script.