Deploying MetalSoft in an air gapped environment

MetalSoft can be installed in an Airgapped environment with the below requirements.

Important

To be able to install and run MetalSoft in an air gapped environment, the following need to be considered. The customer must also have a running and functional Kubernetes cluster set up.

Repository requirements

You should have a repository (for example Artifactory) where you can replicate the following assets

For installation and upgrade of the Global Controller, the following should be replicated to the repository of your choice

For day to day operations

Internal Firewall Rules

You will still need the following internal firewall rules applied in your environment as below

Global Controller

Site Controller

Installation of the Global and Site Controller

Once the above has been set up, the MetalSoft software can be installed in your environment using the following links:

  • https://docs.metalsoft.io/en/latest/content/overview/installation/deploying_metalsoft_global_controller.html

  • https://docs.metalsoft.io/en/latest/content/overview/installation/deploying_metalsoft_site_controller.html#

Installation of the OVA VM’s in an air gaped environment

The MetalSoft OVA’s are designed to be deployed in an air gapped environment with no external firewall rules required. Please follow these instructions to install the MetalSoft OVA’s

Upgrading the OVA VM’s in an air gapped environment

If using the OVA for testing or for a proof of concept, we can supply upgrade packages for the MetalSoft images which you can copy to your environment manually using the following steps

Global Controller Upgrade with provided packages

Transfer the provided files onto the Global Controller VM, preferably into /root/k8s-images

Import the images using the following command for each tar file

ctr image import license.tar

Site Controller Upgrade with provided packages

Transfer the provided files onto the Site Controller VM and run the following from the folder you copied the tar to

cat ms-agent.tar|docker load

You can also download the images and tar/transfer them using the following instructions

Global Controller Upgrade with selected images

From a machine with internet access, run the following to pull the images which are to be upgraded (where REGISTRY:CREDENTIALS are the credentials provided by MetalSoft)

ctr images pull --platform linux/amd64 -u REGISTRY:CREDENTIALS registry.metalsoft.dev/gc/license:v7.0

Save the locally pulled image to a .tar file

ctr image export --platform linux/amd64 --skip-manifest-json /root/k8s-images/license.tar registry.metalsoft.dev/gc/license:develop

Transfer the files onto the Global Controller VM, preferably into /root/k8s-images

Import the images using the following command for each tar file

ctr image import license.tar

Site Controller Upgrade with selected images

From a machine with internet access and docker installed, run the following to pull the images which are to be upgraded (where REGISTRY:CREDENTIALS are the credentials provided by MetalSoft)

Log into the MetalSoft repository

docker login

Provide the registry username and password in the prompts as provided by MetalSoft

Save the locally pulled image to a .tar file

docker compose pull registry.metalsoft.dev/sc/ms-agent:v7.0

Save the locally pulled image to a .tar file

docker save -o ms-agent1.tar registry.metalsoft.dev/sc/ms-agent:v7.0

Transfer the files onto the Site Controller VM and run the following from the folder you copied the tar to

cat ms-agent.tar|docker load