Sync operation fetches artifacts data from Broadcom official websites of specified TCA releases after 2.3. The artifacts data includes TCA container images, helm charts, TKG container images, and Photon OS packages.

Site Whitelist to access on the Internet

Following is the whitelist sites to allow the TCA Airgap Appliance to synchronize artifacts:

The sites on the whitelist must be added to your network or security device, such as firewall or proxy server, and removed after the synchronization.

Prerequisites

  • The TCA Airgap Appliance must be reachable to Broadcom official websites on the internet.

  • Server certificate is correctly configured in the Airgap Appliance.

Procedure

  1. Login to the TCA Airgap Appliance using SSH admin account then switch to root by running su to use agctl command.
  2. Verify the connectivity to the remote site.

    Run agctl selfcheck remote command, all the printed remote sites must be reachable. If not, solve the connectivity issue by:

    • Wire the Airgap Appliance interface to the network having access to the internet.

    • Add the remote sites list in the command line to the white list of your Firewall or Proxy.

  3. Prepare the parameters and trigger the synchronization.

    Edit /usr/local/airgap/scripts/vars/user-inputs.yml by running the following command:

    vi /usr/local/airgap/scripts/vars/user-inputs.yml

    Modify parameters products, build_sync, and local_only on demand:

    • product.name

      Artifacts of product name to synchronize. The value could be “tca” or “photon”. It is worthy to note that Photon repositories to be fetched irrespective of TCA release defined in product versions, it is always the latest.

    • product.versions

      Versions of the products to synchronize. Currently, the version is only meaningful when the product name is “tca”. It could be a range of versions, or a single version string with format <major version number>.<minor version number>.<patch version number>.

    • product.baseline

      Only the artifacts after a baseline will be synchronized. Currently, the version is only meaningful when the product name is “photon”. The baseline can be a previous TCA release number starting from 2.3.0. TCA made a snapshot on the photon package list after a TCA version was released. Without the baseline version specified, the full set of photon packages will be mirrored, otherwise only the incremental packages will be synchronized.

    • build_sync

      This field is required to be specified for the highest TCA release supported. It is formatted with <tca version>-<build number>. The build number could be found on the release note of VMware Telco Automation product.

    • local_only

      If this flag is True, only the TCA artifacts belonging to the specified TCA releases will be synchronized. TCA dependent TKG artifacts and photon repositories are skipped.

      TCA releases bom files are downloaded automatically to folder /usr/local/airgap/bom during the operation, and then and then the artifacts list in the bom files will be synchronized.

    Examples:

    1. Synchronizing full artifacts of TCA releases, and their dependent TKG releases, and all the packages of current photon repositories.

      products:  
   - name: "tca"    
   versions: "2.3.0-3.2.0"

build_sync: "3.2.0-<build number>"
local_only: False

    2. Synchronizing artifacts of TCA 3.2.0 and only the incremental photon packages added after the time TCA 3.1.1 released.

      products:  
    - name: "tca"    
      versions: "3.2.0"  
    - name: "photon"    
      baseline: "3.1.1"

build_sync: "3.2.0-<build number>"
local_only: False

    3. Synchronizing only the TCA artifacts of certain releases, and skipping TKG and Photon synchronization.

      products:  
      - name: "tca"    
        versions: "3.2.0"

build_sync: "3.2.0-<build number>"
local_only: True

      Save and run agctl sync command to trigger the operation.

  4. Monitor the synchronization progress.

    Run agctl sync status command to check the operation status, or the sync log files under /user/local/airgap/logs directory.

    Important:

    The operation will be retried until success automatically. You can run agctl cancel command to abort it in the middle.

  5. Verify the completion.

    Once the operation is completed, the agctl sync status will report all the Image Repositories as Completed Status and the ansible sync log under /user/local/airgap/logs/ folder end with failed=0.

    Run agctl show readyz to check the completion of TCA releases.

    Run agctl selfcheck data to check the integrity of TCA images in harbor.

    Note:

    If you synchronize the artifacts data via some HTTPS proxy, and there are intermediate failure in the sync log under /user/local/airgap/logs/ with message proxyconnect tcp: net/http: TLS handshake timeout, please check your HTTPS proxy performance.