Support air-gapped environment

[bwgjoseph]

Is your feature request related to a problem? Please describe

Does not support installation on air-gapped environment and non WSL Windows setup. See #180

Describe the solution you'd like

• To allow for installation in air-gapped environment
• To optionally support non WSL Windows (Hyper-V setup)

Describe alternatives you've considered

No response

Sub Tasks

• Provide an installer which include the podman machine image for windows and mac
• Handle the case of upgrading podman desktop with a newer version of the podman-machine image
• Provide an option in the settings to enable a user to indicate the path to a podman-machine image

[gbraad]

To optionally support non WSL Windows (Hyper-V setup)

The Hyper-V installation flow is performed using crc. This installs a VM prepared for podman and has the same settings, but also has a userspace networking stack that can work with route-all VPNs.

[gbraad]

This is not clearly specified, but believe this is a Windows specific issue? This partially applies to macOS too.

To allow for installation in air-gapped environment

On Windows with the introduction of containers/podman@0f53abd the issue containers/podman#14698 has been resolved. Images are downloaded from: https://github.com/containers/podman-wsl-fedora. The init flow automatically determines the latest version. But they can be embedded in an installer or manually provided and used as podman machine init --image-path [rootfs.tar.xz]

[braunsonm]

@gbraad Can they optionally be embedded in the installer than along with the podman CLI to support this issue? Or at least docs on the method users should do.

[gbraad]

For non-Windows platforms this is more problematic as the installation flow expects to run an ignition installation description, which pulls packages from the internet. To optimize this we can use a similar way by using prepped images. The Podman team prefers to be flexible as the ignition file allows more customization. I think we can have both; a generic image deployment (which will always succeed and result in the same setup) and the ignition flow as an advanced usecase. Note; prepping images is also an involved; automation is possible as we have seen with WSL. I remember running tests to even convert the WSL images to bootable ones, though this is not the approach we wanna take; too involved. Best to run ignition on a pipeline and package an image.

---

I understand that the ignition file does not pull packages anymore, but instead only removes a specific package. So the deployment on non-Windows should also be possible in an air-gapped setup.

[gbraad]

@braunsonm Will put this discussion on the agenda again. A fallback image for an airgapped/network failure might be an option.

[gbraad]

@braunsonm for docs, a possible FAQ or doc entry would be possible. The steps are something along the lines of:

1. download a rootfs.tar.xz from a release at https://github.com/containers/podman-wsl-fedora/releases/
2. run podman machine init --image-path pointing to this image

Ref: containers/podman#16670

[slemeur]

AI: break down into sub-tasks.
It will be possible to include the VM image (for podman-machine) as part of the binaries for Windows and Mac and automatically configure podman+podman desktop to use that image. So it will be an all-in-one air gapped package.

[bwgjoseph]

thanks for working on this feature.

May I know if there's a user doc on how to do it on user end? i.e caching the binaries and installing it on airgap machine?

I don't see it listed anywhere in https://podman-desktop.io/docs/Installation/windows-install

[benoitf]

hello @bwgjoseph the binaries will only produced for the "releases" and not for the "pre-releases"

You can build the binaries on your own for now to try it out

Follow all pre-requisites to build Podman Desktop and call:

AIRGAP_DOWNLOAD=1 yarn compile:current

on Windows or macOS to have .exe or dmg airgapped files.

[bwgjoseph]

Hi @benoitf,

What do you mean by "releases" and not "pre-releases"?

I just cloned and followed the instruction to build, and this is what is in the dist directory

Do I bring everything to airgap machine to install podman-desktop? Or can I just bring podman-desktop-airgap-0.11.0-next-setup.exe? And what's the difference between this and podman-desktop-airgap-0.11.0-next.exe?

Thanks!

[benoitf]

@bwgjoseph

pre-releases = push to github releases new artifacts on each commits to the main branch

releases = only when we create a tag

You've everything you need with these Windows assemblies.

-next.exe = self-contained unpacked executable. On each start it's unpacking content and then run from a temporary directory
-next-setup.exe = installer. You install it once and then you run Podman Desktop from Program Files

[bwgjoseph]

ah, thanks! To further clarify, you mentioned that it produces "release", but the filename shows ~next which sounds more like a "pre-release" executable/installer.

Anyhow, I will test it on airgap machine soon, and see if it has any issue installing and running it. Will report back once I am done tested it

[bwgjoseph]

I have tested installing on an air-gapped machine and the installation is looking good! I just realize that the installer is also provided as part of the release binaries.

Thanks!