image-location
image-location <URL> [vrf <VRF-NAME>][allow-unsigned]
no image-location <URL> [<VRF-NAME>][allow-unsigned]
Description
Configures the image location for a container. Modifying image location prompts an image upgrade.
The no form of this command removes the configured location of a container.
- If the user sets a location value which does not follow the standard URL format, the following error message is returned: Failure to configure image location: Invalid URL
- If the user tries to use a VRF value that doesn't exist on the switch, the following error message is returned: Failure to configure image location: Invalid VRF
-
If the image of the container exceeds 500mb the container won´t be deployed.
By default, only container images with a valid HPE signature are allowed. To bypass this signature check and allow unsigned container images, include the allow-unsigned parameter when you define the image location. The allow-unsigned parameter cannot be used if you have issued the secure-mode enhanced command to set the switch to enhanced secure mode.
|
Parameter |
Description |
|---|---|
|
image-location |
Configures the URL of the container application. |
|
URL |
Specifies the URL of the container application. URL supports HTTP protocol. The image-location URL can either be IPv4 or IPv6 address. The IPv6 address must be provided within square brackets. |
|
vrf <VRF-NAME> |
(Optional) Specifies the VRF of the image URL. |
|
allow-unsigned |
(Optional) Allow download and deployment of an unsigned container image. |
Examples
Configures the image location for the IPv4 setting:
switch(config)# image-location http://10.0.0.1/container.img vrf mgmt
Appends the port to the address if the image server is running on a port other than HTTP for an IPv4 setting:
switch(config)# image-location http://10.0.0.1:9050/container.img vrf mgmt
Configures image location for IPv6 setting by wrapping IP address between square brackets:
switch(config)# image-location http://[2001::2]/container.img vrf mgmt
Specifies port number by appending it with the IPv6 address:
switch(config)# image-location http://[2001::2]:9050/container.img vrf mgmt
When you include the allow-unsigned parameter on a switch in standard secure mode, the following message will be displayed to inform this can be a potential security issue.
switch(config)# image-location http://10.0.0.1/container.img vrf mgmt allow-unsigned
Allowing unsigned container images poses a potential security risk that can impact both the current device and the entire network. By allowing installation of unsigned applications you are acknowledging and accepting these risks. HPE shall not be responsible for the consequences of your actions and disclaims any and all liability. Continue (y/n)? y
When you attempt to include the allow-unsigned parameter on a switch in enhanced ecure mode, the following message will appear to indicate that this parameter is not supported.
switch(config)# image-location http://10.0.0.1/container.img vrf mgmt allow-unsigned
Unsigned images are not permitted in the current secure mode, using the allow-unsigned parameter will have no effect.
|
Release |
Modification |
|---|---|
|
10.14 |
The allow-unsigned parameter is introduced. |
|
10.12 |
Command introduced. |
Command Information
|
Platforms |
Command context |
Authority |
|---|---|---|
|
8100 8320 8325 8360 8400 9300 9300S 10000 |
config-container-<CONTAINER-NAME> |
Administrators or local user group members with execution rights for this command. |
