Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[airgap] PoC #937

Closed
Tracked by #894
fgiudici opened this issue Aug 1, 2023 · 2 comments
Closed
Tracked by #894

[airgap] PoC #937

fgiudici opened this issue Aug 1, 2023 · 2 comments
Assignees
@fgiudici
Labels
area/airgap

Comments

@fgiudici
Copy link
Member

fgiudici commented Aug 1, 2023

Create a test airgap environment and deploy elemental from there
@fgiudici fgiudici self-assigned this Aug 1, 2023
@fgiudici fgiudici moved this to 🗳️ To Do in Elemental Aug 1, 2023
@fgiudici fgiudici mentioned this issue Aug 1, 2023
Closed
11 tasks
@fgiudici fgiudici moved this from 🗳️ To Do to 🏃🏼‍♂️ In Progress in Elemental Aug 7, 2023
@fgiudici
Copy link
Member Author

fgiudici commented Aug 11, 2023
edited
Loading

A Rancher airgapped deployment requires a private registry in the isolated infrastructure.
The container images for the clusters itselves (K3s, RKE2, ...), for Rancher and required charts (certmanager) should be downloaded and loaded in the private registry. Rancher doc here.
Notes:

  • you need a tls secured registry: follow docs here
  • images are downloaded and tgzipped: this tasks takes a lot of time and disk space, ensure you have ~200GB of free disk space
  • the tar.gz archive with all the images should be loaded to the private registry: this takes some time too

When installing Rancher from helm (from a locally pulled tgz chart of course) the --set useBundledSystemChart=true will instruct Rancher to get the "apps" (the charts in the Rancher Marketplace) from a local cache from the rancher/rancher image (which is loaded in the private registry). So, all the charts in the Rancher Marketplace will be available in the airgapped Rancher.

The UI extensions instead ARE NOT managed in the airgap scenario (apart from the default installed ones).
UI extension airgap should be managed apart (and yes, also the Elemental UI extension will not be there by default).

Since Elemental charts are not in the Rancher Marketplace (yet) installation of Elemental in an airgap scenario requires extra steps:

  • the elemental charts (crds and operator ones) should be pulled and made available as a tgz. Easy and straightforward.
  • the elemental-operator chart must support registry templating (elemental-operator #496).
  • the required Elemental images should be loaded in the private registry:
    • the elemental-operator image
    • the seedimage-builder image
    • the Elemental Teal OS images to be used for ISO building and upgrades
  • a custom Elemental OS channel should be prepared targeting the Elemental Teal OS images in the private repo (likely we should provide a script to automate OS images loading on the private repo and channel generation)

@fgiudici
Copy link
Member Author

PoC ready: started from a Rancher airgap scenario, installed Elemental operator from rancher/elemental-operator#497 and created a MachineRegistration.
Enabling ISO building and OS updated will require #950 .

@github-project-automation github-project-automation bot moved this from 🏃🏼‍♂️ In Progress to ✅ Done in Elemental Aug 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fgiudici fgiudici

Labels
area/airgap
Projects
Elemental
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kkaempf @fgiudici