Wipe Portworx in an airgapped cluster
When wiping Portworx in Kubernetes, a number of docker images are fetched from registries on the internet.
This topic explains how to load these images onto your nodes when they don’t have access to the standard registries on the internet.
Step 1: Download the wiper script
Click Download wiper script and save it any node which has kubectl access to your cluster.
Alternately, you can also use wget
.
wget -O px-wipe.sh https://install.portworx.com/2.1/px-wipe
Step 2: Download the images that the wiper script will use
First let’s pull all the images required for the wipe process.
PX_IMGS="$PX_IMGS portworx/talisman:latest portworx/px-node-wiper:2.0.2.1"
echo $PX_IMGS | xargs -n1 docker pull
Step 3: Push to local registry server, accessible by air-gapped nodes
This steps assumes your cluster nodes have access to a custom/private registry.
Export your registry location:
export REGISTRY=<YOUR_REGISTRY_LOCATION>
Note that the registry location can be:
- a registry and its port:
export REGISTRY=myregistry.net:5443
or
- it could include your own repository:
export REGISTRY=_myregistry.net:5443/px-images
Push the images to the registry:
# Trim trailing slashes: REGISTRY=${REGISTRY%/} # re-tag and push into custom/local registry defined previously # Check if using custom registry+repository (e.g. `REGISTRY=myregistry.net:5443/px-images`) # or just the registry (e.g. `REGISTRY=myregistry.net:5443`) echo $REGISTRY | grep -q / if [ $? -eq 0 ]; then # registry + repo are used -- we'll strip original image repositories for i in $PX_IMGS $PX_ENT; do tg="$REGISTRY/$(basename $i)" ; docker pull $i; docker tag $i $tg ; docker push $tg ; done else # only registry used -- we'll keep original image repositories for i in $PX_IMGS $PX_ENT; do tg="$REGISTRY/$i" ; docker pull $i; docker tag $i $tg ; docker push $tg ; done fi
Now that you have the images in your registry, continue with Step 4: Run the wiper script.
Step 4: Run the wiper script
First let’s figure out the image names and tags for our private registry.
Below we are simply prefixing the actual image names with the custom/private registry.
echo $REGISTRY
.
export WIPER_IMAGE=$REGISTRY/portworx/px-node-wiper
export TALISMAN_IMAGE=$REGISTRY/portworx/talisman
Now let’s run the wiper script we downloaded previously from any node that has kubectl access.
chmod +x px-wipe.sh
./px-wipe.sh -I $TALISMAN_IMAGE -wi $WIPER_IMAGE