Versions Compared

Version Old Version 17 New Version Current
Changes made by

Artem Kalaitan

Space Sync for Confluence

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note

For RHEL, K3s needs the following package to be installed: k3s-selinux (repo rancher-k3s-common-stable) and its dependencies container-selinux (repo rhel-8-appstream-rhui-rpms) and policycoreutils-python-utils (repo rhel-8-baseos-rhui-rpms). On systems without access to online repositories, the corresponding *.rpm package for each of the above dependencies should be copied to the server first and installed locally.

Other SUSE, CentOS, RedHat prerequisites: Prerequisites for k3s on RHEL/CentOS/Oracle Linux

Ubuntu prerequisites: Prerequisites for k3s on Ubuntu Linux

If your organisation has purchased Enterprise Rancher from SUSE, which includes K3s with support directly from SUSE, our solution is fully compatible with this setup. Our solution operates seamlessly on top of SUSE’s supported K3s environment, allowing you to leverage SUSE’s enterprise-grade support for K3s alongside our product functionality and support.

The steps below you guide you through the air-gap installation of K3s, a lightweight Kubernetes distribution created by Rancher Labs:

...

Info

Replace $VERSION with the version that is present in the bundle that has been downloaded.
To check all the charts that have been download downloaded run ls charts.

Replace IPADDRESS/DNS/FQDN with IP Adress or FQDN or DNS name for Keycloak in formats like below https://192.168.10.1 or https://gv.domain.local or https://gv.getvisibility.com
In case you want to enable kibana on airgap cluster add below setting to the Helm command
--set eck-operator.kibanaEnabled=true

  1. Install Getvisibility Essentials and set the daily UTC backup hour (0-23) for performing backups.

    Code Block
    helm upgrade --install gv-essentials charts/gv-essentials-$VERSION.tgz --wait \
--timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
--set backup.hour=1 \
--set eck-operator.enabled=true \
--set updateclusterid.enabled=false \
--set keycloak.url=https://(IPADDRESS/|DNS/|FQDN)

  2. Install Monitoring CRD:

    Code Block
    helm upgrade --install rancher-monitoring-crd charts/rancher-monitoring-crd-$VERSION.tgz \
--wait \
--kubeconfig /etc/rancher/k3s/k3s.yaml \
--namespace=cattle-monitoring-system \
--create-namespace

  3. Install Monitoring:

    Code Block
    helm upgrade --install rancher-monitoring charts/rancher-monitoring-$VERSION.tgz \
--wait \
--kubeconfig /etc/rancher/k3s/k3s.yaml \
--namespace=cattle-monitoring-system \
--set k3sServer.enabled=true \
--set k3sControllerManager.enabled=true \
--set k3sScheduler.enabled=true \
--set k3sProxy.enabled=true \
--set prometheus.retention=5 \
Info

To expose Grafana via an ingress on the path /grafana (allowing access through https://IPADDRESS_or_DNSNAME/grafana), add the following flag to the monitoring installation command:

Code Block
--set global.grafana_ingress.enabled=true

  1. Check all pods are Running with the command: kubectl get pods -A

Install DSPM/Synergy (Endpoint Agent) Helm Chart

...

Code Block
helm upgrade --install gv-platform charts/gv-platform-$VERSION.tgz --wait \
--timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
--set-string clusterLabels.environment=prod \
--set-string clusterLabels.cluster_reseller=$RESELLER \
--set-string clusterLabels.cluster_name=mycluster \
--set-string clusterLabels.product=$PRODUCT
Info

In case if you expirience experience 404 error for accessing to Keycloak or UI and use 1.26 (default) version of K3s ensure that treafik traefik patch is applied

Code Block
kubectl patch clusterrole traefik-kube-system -n kube-system --type='json' -p='[{"op": "add", "path": "/rules/-1/apiGroups/-", "value": "traefik.io"}]'
kubectl apply -f assets/traefik-patch.yaml
kubectl rollout restart deployment traefik -n kube-system

...

  1. Install Getvisibility Essentials and set the daily UTC backup hour (0-23) for performing backups.

    Code Block
    $ helm upgrade --install gv-essentials charts/gv-essentials-$VERSION.tgz --wait \
--timeout=10m0s --kubeconfig /etc/rancher/k3s/k3s.yaml \
--set global.high_available=true \
--set eck-operator.enabled=true  \
--set minio.replicas=4 \
--set minio.mode=distributed \
--set consul.server.replicas=3 \
--set updateclusterid.enabled=false \
--set backup.hour=1
--set eck-operator.enabled=true

  2. Install Monitoring CRD:

    Code Block
    $ helm upgrade --install rancher-monitoring-crd charts/rancher-monitoring-crd-$VERSION.tgz --wait \
--kubeconfig /etc/rancher/k3s/k3s.yaml \
--namespace=cattle-monitoring-system \
--create-namespace

  3. Install Monitoring:

    Code Block
    $ helm upgrade --install rancher-monitoring charts/rancher-monitoring-$VERSION.tgz --wait \
--kubeconfig /etc/rancher/k3s/k3s.yaml \
--set global.high_available=true \
--namespace=cattle-monitoring-system \
--set loki-stack.loki.replicas=2 \
--set prometheus.prometheusSpec.replicas=2
--set prometheus.retention=5
Info

To expose Grafana via an ingress on the path /grafana (allowing access through https://IPADDRESS_or_DNSNAME/grafana), add the following flag to the monitoring installation command:

...

Info

  1. Import Docker images only to the Master1 node

  2. In the case of HA deployment, Recreate and redeploy the imagecache.yaml file
    https://getvisibility.atlassian.net/wiki/spaces/KBTES/pages/227540993/Air+Gap+Installation#Install-Kube-fledged: Perform the 2nd Step

...

GetVisibility Essentials Helm Chart

To upgrade the GV Essential chart you must:

...