Anchore Enterprise in an Air-Gapped Environment

Download images locally

Follow these steps to manually transfer the images and deploy Anchore Enterprise on Docker.

  1. Download Images from a System with Internet Access On a machine that has internet access, pull all the relevant Anchore images: We will assume the latest Anchore Enterprise version is v5.15, so we will be pulling down these images (make sure to pull current version as needed)
docker pull docker.io/anchore/enterprise:v5.15.0
docker pull docker.io/library/postgres:13
docker pull docker.io/library/redis:7
docker pull docker.io/anchore/enterprise-ui:v5.15.0
  1. Save Images as Tar Files Once the images are pulled, save them as a tarball so that they can be transferred to the air-gapped system. Run the following command:
docker save -o anchore_images.tar \
    docker.io/anchore/enterprise:v5.15.0 \
    docker.io/library/postgres:13 \
    docker.io/library/redis:7 \
    docker.io/anchore/enterprise-ui:v5.15.0

This command will create a tar file (approx. 2.2GB in size) containing all the pulled images.

  1. Transfer Images to the Air-Gapped Environment Now, transfer the anchore_images.tar file (via a memory stick or other means) to the air-gapped system.

  2. Load the Images onto the Air-Gapped System On the air-gapped system, load the images from the tarball using the following command:

docker load -i anchore_images.tar

You can verify that the images have been loaded by running:

docker images

Deploy Anchore on the Air-Gapped System

Once the images are available on the offline system, you can proceed with the deployment using docker-compose.

  1. Download the Docker Compose File On a system with internet access, download the official Docker Compose file for Anchore:

curl https://docs.anchore.com/5.15/docs/deployment/docker_compose/docker-compose.yaml > docker-compose.yaml

Transfer this file to your offline system (using a memory stick or similar method).

  1. Set Up and Deploy On the air-gapped system, place the downloaded docker-compose.yaml file in your working directory, along with your license file. Make sure the docker-compose.yaml file references the images by name and tag exactly as they appear on your local system.

Now, you can deploy Anchore with:

docker compose up -d

Docker will automatically use the locally loaded images if they exist with the correct name and tag, as referenced in the docker-compose.yaml file.

Installing via Helm

Last modified March 12, 2025