Air Gap installation guide

Before you get started

To use Kublr in an AirGap environment, download BASH scripts from https://repo.kublr.com

And archives with Helm packages, Kublr agent and Docker images:

Important notice!

All provided scripts are checked for use with the Sonatype OSS Nexus. If you are using a different repository, you may need to modify the provided scripts.

System Requirements for Cluster Nodes

  1. x86 64-bit hardware
  2. Hardware recommendation
  3. Minimal supported OS on nodes: RedHat Enterprise Linux 7.2+ or Ubuntu 16.04 LTS
  4. Root access to each node
  5. An existing RAW repository (for uploading the Helm and Kublr agent archives) and a Docker registry, both available from each node
  6. Nodes are connected in your network, and the Kublr-in-a-Box configured IP is accessible from these nodes (ping)
  7. From your nodes, firewall rules should allow traffic to Kublr-in-a-Box on port 9080
  8. Kublr-in-a-Box should be correctly configured to be accessible in your local network. Note: It is critical that you provide the correct IP address during the virtual machine startup. If you skipped this step, please re-run provisioning and configure your firewall rules to allow traffic to your computer.

Persistent data storage for Kublr KCP on hosts

| Component Name | Node Type | Default Storage Path | Owner UID | Minimum Disk Size |
|---|---|---|---|---|
| ETCD | master | /mnt/master-pd | 0 | 4G |
| Elasticsearch data node | node | /var/lib/kublr/elasticserach/data | 1000 | 128G |
| Elasticsearch master node | node | /var/lib/kublr/elasticserach/master | 1000 | 4G |
| Grafana | node | /var/lib/kublr/grafana | 0 | 1G |
| MongoDB | node | /var/lib/kublr/mongodb | 1001 | 8G |
| MySQL DB | node | /var/lib/kublr/mysql | 999 | 8G |
| Prometheus | node | /var/lib/kublr/prometheus | 0 | 25G |
| RabbitMQ | node | /var/lib/kublr/rabbitmq | 999 | 3G |
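
The storage table above can be checked on a node before installation. The script below is an added example, not part of Kublr or of the original guide: the function name `check_storage` and its optional `SPEC` and `ROOT` arguments are hypothetical. It assumes that "G" means GiB, that the minimum size is compared with the free space reported by `df`, and that the directories are expected to exist already.

```shell
#!/bin/sh
# Added example (not Kublr code): check a node against the storage table above.
# Rows copied from the table: component|node type|path|owner UID|minimum size in GiB
KUBLR_STORAGE='ETCD|master|/mnt/master-pd|0|4
Elasticsearch data node|node|/var/lib/kublr/elasticserach/data|1000|128
Elasticsearch master node|node|/var/lib/kublr/elasticserach/master|1000|4
Grafana|node|/var/lib/kublr/grafana|0|1
MongoDB|node|/var/lib/kublr/mongodb|1001|8
MySQL DB|node|/var/lib/kublr/mysql|999|8
Prometheus|node|/var/lib/kublr/prometheus|0|25
RabbitMQ|node|/var/lib/kublr/rabbitmq|999|3'

# check_storage NODE_TYPE [SPEC] [ROOT]
# Reports each problem on stdout and returns the number of problems found.
# SPEC and ROOT (a path prefix) exist so the check can be tried on a scratch tree.
check_storage() {
    node_type=$1 spec=${2:-$KUBLR_STORAGE} root=${3:-}
    problems=0
    while IFS='|' read -r name type path uid min_gb; do
        [ "$type" = "$node_type" ] || continue
        dir=$root$path
        if [ ! -d "$dir" ]; then
            echo "MISSING $name: $dir does not exist"
            problems=$(($problems + 1)); continue
        fi
        # The third field of `ls -dn` is the numeric owner UID of the directory.
        owner=$(ls -dn "$dir" | awk '{print $3}')
        if [ "$owner" != "$uid" ]; then
            echo "OWNER   $name: $dir is owned by UID $owner, expected $uid"
            problems=$(($problems + 1))
        fi
        # Assumption: "G" means GiB, compared with the free space reported by df.
        avail_kb=$(df -Pk "$dir" | awk 'NR == 2 {print $4}')
        if [ "$avail_kb" -lt $(($min_gb * 1048576)) ]; then
            echo "SPACE   $name: $dir has $(($avail_kb / 1048576))G free, needs ${min_gb}G"
            problems=$(($problems + 1))
        fi
    done <<EOF
$spec
EOF
    return "$problems"
}

# Stand-alone use on a node: sh check-storage.sh master   (or: node)
if [ -n "${1:-}" ]; then check_storage "$1"; fi
```

Paths that share one filesystem are each checked against the same free space, so add their minimum sizes together when planning a single volume.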

Repository Requirements

  1. RAW repository (e.g. Sonatype OSS Nexus) to store the Go binary and Helm packages. At least 50Mb of free space is required.
  2. Docker repository (e.g. Sonatype OSS Nexus or Docker Registry) for Docker image management. At least 6.5Gb of free space is required.

Repository Preparation

Use the downloaded files from external media, or download the shell scripts and run them as-is. All necessary archives will be downloaded automatically (Internet access is required).

  1. Upload archives with Kublr agent and Helm packages

    $ bash kublr-load-agent.sh https://192.168.3.8/repository/raw/
    Upload kublr-1.10.1-ga2-linux.tar.gz to local repo:
    ######################################################################## 100.0%
    $ bash kublr-load-helm.sh https://192.168.3.8/repository/raw/
    Processing kublr-helm-1.10.1-ga2.tar.gz:
    ######################################################################## 100.0%
    cleaning...
  2. Push all needed Docker images into your Docker registry

    $ docker login --username admin --password admin123 192.168.3.8:5000
    $ bash kublr-load-images.sh 192.168.3.8:5000

In these examples, 192.168.3.8 is the IP address of the local RAW and Docker repository. You will need to change this to your IP or DNS name. The admin/admin123 credentials are likewise example values; use your own registry account.

Running Kublr-in-a-Box in AirGap mode

Specify the addresses of repositories to store artifacts, as well as the address of the Docker repository when you run Kublr-in-a-Box. To run in AirGap mode, specify ISOLATED_ENV=true and KUBLR_HOST=HOST_IP:HOST_PORT for the on-premise installation.

    # The addresses below are example values; replace them with your own.
    export ISOLATED_ENV=true
    export KUBLR_LICENSE='******-****-****-****-****'
    # Address of this host as seen from the cluster nodes
    export KUBLR_HOST=192.168.3.7:9080
    export DOCKER_REGISTRY=192.168.3.8:5000
    export HELM_REPOSITORY=https://192.168.3.8/repository/raw
    export KUBLR_AGENT_REPOSITORY=https://192.168.3.8/repository/raw
    # Tag of the kublr/kublr image in your registry (placeholder; set it before running)
    export KUBLR_VERSION='<KUBLR-VERSION>'

    docker run -p 9080:9080 -d --restart=unless-stopped --name kublr \
           -e DOCKER_REGISTRY="${DOCKER_REGISTRY}" \
           -e HELM_REPOSITORY="${HELM_REPOSITORY}" \
           -e KUBLR_AGENT_REPOSITORY="${KUBLR_AGENT_REPOSITORY}" \
           -e ISOLATED_ENV="${ISOLATED_ENV}" \
           -e KUBLR_HOST="${KUBLR_HOST}" \
           -e KUBLR_LICENSE="${KUBLR_LICENSE}" \
           "${DOCKER_REGISTRY}/kublr/kublr:${KUBLR_VERSION}"
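
The variables passed to `docker run` above can be validated before the container is started. This is an added example, not part of Kublr or of the original guide: the function name `check_airgap_env` is hypothetical, and rejecting plain `http://` repository URLs and loopback addresses is a choice of this example, based on the guide's requirement that the addresses be reachable from every node.

```shell
#!/bin/sh
# Added example (not Kublr code): validate the AirGap variables before `docker run`.
# Prints one line per problem to stderr and returns the number of problems.
check_airgap_env() {
    errors=0
    fail() { echo "ERROR: $*" >&2; errors=$(($errors + 1)); }

    [ "${ISOLATED_ENV:-}" = "true" ] || fail "ISOLATED_ENV must be 'true' for AirGap mode"
    [ -n "${KUBLR_LICENSE:-}" ] || fail "KUBLR_LICENSE is empty"
    [ -n "${KUBLR_VERSION:-}" ] || fail "KUBLR_VERSION is empty, so the image tag would be empty"

    # KUBLR_HOST and DOCKER_REGISTRY are HOST:PORT pairs without a URL scheme.
    for var in KUBLR_HOST DOCKER_REGISTRY; do
        eval "val=\${$var:-}"
        host=${val%:*} port=${val##*:}
        case $val in
            *://*|*/*) fail "$var must be HOST:PORT, not a URL: $val"; continue ;;
            *:*) ;;
            *) fail "$var must be HOST:PORT: '$val'"; continue ;;
        esac
        case $port in
            ''|*[!0-9]*) fail "$var has a non-numeric port: $val" ;;
        esac
        # Nodes connect to this address, so a loopback address cannot work.
        case $host in
            ''|localhost|127.*) fail "$var must be reachable from the nodes: $val" ;;
        esac
    done

    # Both artifact repositories are URLs; this example insists on TLS.
    for var in HELM_REPOSITORY KUBLR_AGENT_REPOSITORY; do
        eval "val=\${$var:-}"
        case $val in
            https://?*) ;;
            http://?*) fail "$var uses plain HTTP: $val" ;;
            *) fail "$var must be an https:// URL: '$val'" ;;
        esac
    done
    return "$errors"
}

# Stand-alone use: export the variables, then run `sh check-airgap-env.sh --check`.
if [ "${1:-}" = "--check" ]; then
    check_airgap_env && echo "AirGap environment looks consistent"
fi
```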

Re-Provisioning Kublr-in-a-Box

If you want to install clusters on premise but have already started Kublr-in-a-Box without the KUBLR_HOST option, or your IP address has changed (for example, after switching networks), use the following command to correct KUBLR_HOST so that your computer can be reached from the network. Typically, it is your computer's IP address, but it may be different if you use NAT:

    docker exec -i kublr /bin/bash -c 'echo "KUBLR_HOST=HOST_IP:HOST_PORT" > /ip.external'; docker restart kublr

This will reconfigure Kublr to use a proper DNS/IP address for the installation scripts used on your nodes.

Creating AirGap On-Premise cluster in Kublr

For more details, see On-Premise Installation.

  1. Open KCP UI on http://KUBLR-IN-A-BOX-IP:9080/cluster
  2. Click create cluster. Check the “Bare Metal” icon in the Provider section
  3. Create the KCP cluster. To configure the “Cluster specification”, use “Customize Cluster Specification” and change the parameters DOCKER-IP and DOCKER-PORT:

    metadata:
      name: cluster-name
    spec:
      kublrAgentConfig:
        kublr:
          docker:
            config:
              # Registries listed here are contacted without TLS certificate verification
              insecure-registries:
                - <DOCKER-IP>:<DOCKER-PORT>
    ...
