Deploying MetalSoft in an air gapped environment
MetalSoft can be installed in an air gapped environment with the below requirements.
Repository requirements
Section titled “Repository requirements”You should have a repository (for example Jfrog Artifactory) where you can replicate the following assets
For installation and upgrade of the Global Controller, the following should be replicated to the repository of your choice
- Pulling MetalSoft images at installation/upgrade time
- Pulling standard images at installation/upgrade time
For day to day operations
-
Pulling OS Template files, the relevant templates must be replicated from this github repository
-
Download and host your own ISO files on an http repository to be consumed by the OS templates
-
Updating the Site Controller (from this list registry.metalsoft.dev and repo.metalsoft.io)
Firewall Rules
Section titled “Firewall Rules”Refer to Network Flows and Firewall Requirements for more details on configuring firewall rules.
Installation of the Global and Site Controller
Section titled “Installation of the Global and Site Controller”Once the above has been set up, the MetalSoft software can be installed in your environment using the following links:
Installation of the OVA VM’s in an air gaped environment
Section titled “Installation of the OVA VM’s in an air gaped environment”The MetalSoft OVA’s are designed to be deployed in an air gapped environment with no external firewall rules required. Please follow these instructions to install the MetalSoft OVA’s
Upgrading the OVA VM’s in an air gapped environment
Section titled “Upgrading the OVA VM’s in an air gapped environment”If using the OVA for testing or for a proof of concept, we can supply upgrade packages for the MetalSoft images which you can copy to your environment manually using the following steps
Global Controller Upgrade with provided packages
Section titled “Global Controller Upgrade with provided packages”Transfer the provided files onto the Global Controller VM, preferably into /root/k8s-images
Import the images using the following command for each tar file
ctr image import license.tar
Site Controller Upgrade with provided packages
Section titled “Site Controller Upgrade with provided packages”Transfer the provided files onto the Site Controller VM and run the following from the folder you copied the tar to
cat ms-agent.tar|docker load
You can also download the images and tar/transfer them using the following instructions
Global Controller Upgrade with selected images
Section titled “Global Controller Upgrade with selected images”From a machine with internet access, run the following to pull the images which are to be upgraded (where REGISTRY:CREDENTIALS are the credentials provided by MetalSoft)
ctr images pull --platform linux/amd64 -u REGISTRY:CREDENTIALS registry.metalsoft.dev/gc/license:v7.0
Save the locally pulled image to a .tar file
ctr image export --platform linux/amd64 --skip-manifest-json /root/k8s-images/license.tar registry.metalsoft.dev/gc/license:develop
Transfer the files onto the Global Controller VM, preferably into /root/k8s-images
Import the images using the following command for each tar file
ctr image import license.tar
Site Controller Upgrade with selected images
Section titled “Site Controller Upgrade with selected images”From a machine with internet access and docker installed, run the following to pull the images which are to be upgraded (where REGISTRY:CREDENTIALS are the credentials provided by MetalSoft)
Log into the MetalSoft repository
docker login
Provide the registry username and password in the prompts as provided by MetalSoft
Save the locally pulled image to a .tar file
docker compose pull registry.metalsoft.dev/sc/ms-agent:v7.0
Save the locally pulled image to a .tar file
docker save -o ms-agent1.tar registry.metalsoft.dev/sc/ms-agent:v7.0
Transfer the files onto the Site Controller VM and run the following from the folder you copied the tar to
cat ms-agent.tar|docker load