Mirroring images to a private registry
You must mirror all of the images that your deployment needs from the public image
registries to a private registry. An ImageContentSourcePolicy is also needed to
redirect the image pull requests from the public registries to the private registry.
About this task
The custom resource file must use the default settings for the sc_image_repository parameter in an air gap environment. The running pods show the public image addresses even though the private registry is being used.
Tip: If the image fails to load from the private registry, the request uses the public
registry. The public registry request always fails in an air gap environment, so these errors might
be misleading if you focus on the public registry request.
Choose the type of host you want to set up. Your choice determines how you mirror the images to the private registry. A portable compute device can be used with or without the use of a portable storage device.
Important: You must set up an air gap environment for testing, quality assurance (QA),
and user acceptance testing (UAT). These environments can help to ensure that the software is
error-free before you roll the same tested Cloud Pak operator version or interim fix out to a
production environment. You must use the same bastion host, portable compute device, or portable
storage device to mirror all of the tested images in all your deployment environments. When testing
is complete in your test/QA/UAT environments and you are ready to roll the deployment out to
production do not mirror the images again. Mirroring the images again pulls the latest versions of
IBM Automation foundation and Cloud Pak foundational services. These images might be different from
what you tested in your test, QA, UAT, or pre-production environments.