Learn how to mirror an application catalog to a private container registry, using the CLI.

A typical Kubernetes deployment requires many container images to function. When these Kubernetes deployments don't have internet access, such as those in air-gapped environments, it's time-consuming to move these images from the public container registry to another location that's accessible to the cluster nodes. The ocne catalog mirror command simplifies this process, by enabling users to migrate images used by applications in application catalogs between container registries.

The ocne catalog mirror command can clone either all the images that are available in an application catalog, or a subset of images based on a list of applications and their configuration in a cluster configuration file. For example, the following cluster configuration file pulls specific application images and their configuration settings from the Oracle Cloud Native Environment Application Catalog container registry:

applications:
  - application: headlamp
    name: myheadlamp
    catalog: Oracle Cloud Native Environment Application Catalog
    namespace: example-namespace-headlamp
  - application: oci-capi
    name: myoci-capi
    catalog: Oracle Cloud Native Environment Application Catalog
    configFrom: /home/opc/exampleValues.yaml
    namespace: example-namespace-capi
    config:
      authConfig:
        tenancy: exampleTenancy
        user: exampleUser
        fingerprint: exampleFingerprint
        release: 13     

The host that runs the ocne catalog mirror command must have access to all the relevant registries, using the public internet, internal networks, or a combination. A private container registry must be on a host that's accessible to all nodes within the cluster.

You can use an existing container registry on the network, or create one for this specific purpose. Oracle provides tools which can be used to create container registries. For example, see the instructions in the Setting up a Local Container Registry section in Oracle® Linux: Podman User's Guide.

Images are only mirrored when you specify the --push option in the ocne catalog mirror command. Run the ocne catalog mirror command without the --push option to see a list of the images that would be mirrored by the command.