Pre-provisioned Air-gapped FIPS: Install Kommander
Prerequisites
Ensure you have reviewed all Prerequisites for Install.
Ensure you have a default StorageClass.
Ensure you have loaded all necessary images for your configuration. See Load the Images into Your Registry: Air-gapped Environments.
Note down the name of the cluster, where you want to install Kommander. If you do not know it, use
kubectl get clusters -A
to display it.
Create your Kommander Installer Configuration File
Set the environment variable for your cluster:
CODEexport CLUSTER_NAME=<your-management-cluster-name>
Copy the
kubeconfig
file of your Management cluster to your local directory:CODEdkp get kubeconfig -c ${CLUSTER_NAME} >> ${CLUSTER_NAME}.conf
Create a configuration file for the deployment:
CODEdkp install kommander --init --airgapped > kommander.yaml
Edit the installer file to include configuration overrides for the
rook-ceph-cluster
. DKP’s default configuration ships Ceph with PVC based storage which requires your CSI provider to support PVC with typevolumeMode: Block
. As this is not possible with the default local static provisioner, you can install Ceph in host storage mode.You can choose whether Ceph’s object storage daemon (osd) pods should consume all or just some of the devices on your nodes. Include one of the following Overrides:
To automatically assign all raw storage devices on all nodes to the Ceph cluster:
CODErook-ceph-cluster: enabled: true values: | cephClusterSpec: storage: storageClassDeviceSets: [] useAllDevices: true useAllNodes: true deviceFilter: "<<value>>"
To assign specific storage devices on all nodes to the Ceph cluster:
CODErook-ceph-cluster: enabled: true values: | cephClusterSpec: storage: storageClassDeviceSets: [] useAllNodes: true useAllDevices: false deviceFilter: "^sdb."
Note: If you want to assign specific devices to specific nodes using the
deviceFilter
option, refer to Specific Nodes and Devices. For general information on thedeviceFilter
value, refer to Storage Selection Settings.
If required: Customize your
kommander.yaml
.
See Kommander Customizations for customization options. Some of them include:
Custom Domains and Certificates, HTTP proxy, External Load Balancer, GPU utilization, etc.
Enable DKP Catalog Applications and Install Kommander in an Air-gapped Environment
If you want to enable DKP Catalog applications after installing DKP, see Enable DKP Catalog Applications after Installing DKP.
In the same
kommander.yaml
of the previous section, add the following values to enable DKP Catalog Applications:CODEapiVersion: config.kommander.mesosphere.io/v1alpha1 kind: Installation ... catalog: repositories: - name: dkp-catalog-applications labels: kommander.d2iq.io/project-default-catalog-repository: "true" kommander.d2iq.io/workspace-default-catalog-repository: "true" kommander.d2iq.io/gitapps-gitrepository-type: "dkp" path: ./dkp-catalog-applications-v2.7.2.tar.gz
If you only want to enable catalog applications to an existing configuration, add these values to an existing installer configuration file to maintain your Management cluster’s settings.
Use the customized
kommander.yaml
to install DKP:CODEdkp install kommander --installer-config kommander.yaml --kubeconfig=${CLUSTER_NAME}.conf \ --kommander-applications-repository ./application-repositories/kommander-applications-v2.7.2.tar.gz \ --charts-bundle ./application-charts/dkp-kommander-charts-bundle-v2.7.2.tar.gz \ --charts-bundle ./application-charts/dkp-catalog-applications-charts-bundle-v2.7.2.tar.gz
Tips and recommendations
The
--kubeconfig=${CLUSTER_NAME}.conf
flag ensures that you install Kommander on the correct cluster. For alternatives, see Provide Context for Commands with a kubeconfig File.Applications can take longer to deploy, and time out the installation. Add the
--wait-timeout <time to wait>
flag and specify a period of time (for example,1h
) to allocate more time to the deployment of applications.If the Kommander installation fails, or you wish to reconfigure applications, rerun the
install
command to retry.
Next Step:
Pre-provisioned Air-gapped FIPS: Verify Install and Log in to UI