Pre-provisioned Air-gapped FIPS: Install Kommander

Prerequisites

• Ensure you have reviewed all Prerequisites for Install .

• Ensure you have a default StorageClass.

• Ensure you have loaded all necessary images for your configuration. See Load the Images into Your Registry.

• Note down the name of the cluster, where you want to install Kommander. If you do not know it, use kubectl get clusters -A to display it.

 Create your Kommander Installer Configuration File

1. Set the environment variable for your cluster:

   CODE

   export CLUSTER_NAME=<your-management-cluster-name>

2. Copy the kubeconfig file of your Management cluster to your local directory:

   CODE

   dkp get kubeconfig -c ${CLUSTER_NAME} >> ${CLUSTER_NAME}.conf

3. Create a configuration file for the deployment:

   CODE

   dkp install kommander --init --airgapped > kommander.yaml

4. Edit the installer file to include configuration overrides for the rook-ceph-cluster. DKP’s default configuration ships Ceph with PVC based storage which requires your CSI provider to support PVC with type volumeMode: Block. As this is not possible with the default local static provisioner, you can install Ceph in host storage mode.

   You can choose whether Ceph’s object storage daemon (osd) pods should consume all or just some of the devices on your nodes. Include one of the following Overrides:

   1. To automatically assign all raw storage devices on all nodes to the Ceph cluster:

      CODE

      rook-ceph-cluster:
          enabled: true
          values: |
            cephClusterSpec:
              storage:
                storageClassDeviceSets: []
                useAllDevices: true
                useAllNodes: true
                deviceFilter: "<<value>>"

   2. To assign specific storage devices on all nodes to the Ceph cluster:

      CODE

      rook-ceph-cluster:
          enabled: true
          values: |
            cephClusterSpec:
              storage:
                storageClassDeviceSets: []
                useAllNodes: true
                useAllDevices: false
                deviceFilter: "^sdb."

      Note: If you want to assign specific devices to specific nodes using the deviceFilter option, refer to Specific Nodes and Devices. For general information on the deviceFilter value, refer to Storage Selection Settings.

5. If required: Customize your kommander.yaml.
   See Kommander Additional Install Configurations for customization options. Some of them include:
   Custom Domains and Certificates, HTTP proxy, External Load Balancer, GPU utilization, etc.

Enable DKP Catalog Applications and Install Kommander

If you have an Enterprise license and would like to use the DKP Catalog Applications function, follow these steps:

1. In the same kommander.yaml of the previous section, add these values for dkp-catalog-applications:

   CODE

   apiVersion: config.kommander.mesosphere.io/v1alpha1
   kind: Installation
   catalog:
     repositories:
       - name: dkp-catalog-applications
         labels:
           kommander.d2iq.io/project-default-catalog-repository: "true"
           kommander.d2iq.io/workspace-default-catalog-repository: "true"
           kommander.d2iq.io/gitapps-gitrepository-type: "dkp"
         gitRepositorySpec:
           url: https://github.com/mesosphere/dkp-catalog-applications
           ref:
             tag: v2.5.0

   If you only want to enable catalog applications to an existing configuration, add these values to an existing installer configuration file to maintain your Management cluster’s settings.

2. Use the customized kommander.yaml to install DKP:

   CODE

   dkp install kommander --installer-config kommander.yaml --kubeconfig=${CLUSTER_NAME}.conf \
   --kommander-applications-repository ./application-repositories/kommander-applications-v2.5.0.tar.gz \
   --charts-bundle ./application-charts/dkp-kommander-charts-bundle-v2.5.0.tar.gz \
   --charts-bundle ./application-charts/dkp-catalog-applications-charts-bundle-v2.5.0.tar.gz

If your environment uses HTTP/HTTPS proxies, you must include the flags --http-proxy, --https-proxy, and --no-proxy and their related values in this command for it to be successful. More information is available in Configuring an HTTP/HTTPS Proxy.

Tips and recommendations

• The --kubeconfig=${CLUSTER_NAME}.conf flag ensures that you install Kommander on the correct cluster. For alternatives, see Provide Context for Commands with a kubeconfig File

• Applications can take longer to deploy, and time out the installation. Add the --wait-timeout <time to wait> flag and specify a period of time (for example, 1h) to allocate more time to the deployment of applications.

• If the Kommander installation fails, or you wish to reconfigure applications, rerun the install command to retry.

Next Step:

Pre-provisioned Air-gapped FIPS: Verify Install and Log in to UI