we tried to setup the operation center using IncusOS in a Proxmox VM. The connection is bridged but doesn’t offer an internet connection due to security restrictions. Is it possible to run Incus and it’s Operation Center in such an air-gapped envrionment?
The system boots, brings up the network, complains about not being able to check for Secure Boot key updates, bringing up the local storage and finishes with System is ready. It doesn’t list any installed applications, therefore not offering any services on port 8443.
Is this a user error or is it not supported to have a full offline setup?
Yeah, it’s possible to do it, though I don’t think we currently have any documentation on how to do it.
@gibmat could you add a tutorial for deploying an airgaped Operations Center to the IncusOS documentation?
Basically the way you do it is:
Download an IncusOS image as usual
Go to the image server (Index of /os/) and locate the image that matches your IncusOS build, then retrieve update.sjson and operations-center.raw.gz from the x86_64 folder.
Depending on your system, you’ll then need to either generate an ISO image or USB disk image (with a single VFAT partition), typically you’ll want to line that up with the media type used for the install media.
In either case, the label needs to be RESCUE_DATA and the file tree needs to look like:
update/
update/update.sjson
update/x86_64/operations-center.raw.gz
Attach that media to your VM and boot it.
The RESCUE_DATA media will be detected by IncusOS and it will use it as an image source, allowing for Operations Center to get loaded up that way.
Once Operations Center is up and running, the server will be fetching any further update through Operations Center so you won’t need to use that mechanism ever again.
To load images into Operations Center in a fully airgaped environment, you can upload a full image into Operations Center by downloading and making an uncompressed tarball from the files on our image server, then upload that through the Import mechanism available in both UI and CLI.