From 672c86ee8d1b49347bf53b6ce41418b2520449a5 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Thu, 12 Sep 2024 14:01:03 -0400 Subject: [PATCH 01/17] docs: add initial draft of the guide --- .../airgap-install/env-setup-vm.md | 289 ++++++++++++++++++ .../vmware-vsphere-airgap-instructions.md | 9 +- 2 files changed, 294 insertions(+), 4 deletions(-) create mode 100644 docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md new file mode 100644 index 0000000000..3e42764831 --- /dev/null +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md @@ -0,0 +1,289 @@ +--- +sidebar_label: "Environment Setup with RHEL" +title: "Environment Setup with an Existing RHEL VM" +description: "Learn how to prepare your airgap environment for Palette installation using an existing RHEL VM" +icon: "" +hide_table_of_contents: false +sidebar_position: 30 +tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere", "rhel"] +keywords: ["self-hosted", "enterprise"] +--- + +This guide helps you prepare your airgap environment for Palette installation using an existing Red Hat Enterprise Linux +(RHEL) VM available in your VMware vSphere environment. + +You will learn how to use an appliance binary that includes all the tools required by Palette to set up the registry +that is required for the installation. + +:::info + +This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, refer to the +[Install Palette](./install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for +Palette is available in the [Checklist](./checklist.md) page. + +::: + +## Prerequisites + +- An RHEL airgap VM with connectivity to your VMware vSphere environemnt and ports `80` and `443` available. This guide + uses RHEL version `8.8` as an example. + +- The RHEL VM must have a fully qualified domain name (FQDN) and must be accessible via SSH. + +- A valid [RHEL subscription](https://www.redhat.com/en/store/linux-platforms). + +- An HTTP file server to host the Palette files. The file server must be accessible from the target environment where + Palette will be installed. Below is a list of common file servers. This guide uses Apache as an example. + + - [Apache HTTP Server](https://httpd.apache.org/) + + - [Nginx](https://www.nginx.com/) + + - [Caddy](https://caddyserver.com/) + + :::warning + + Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file + server is a critical component of the airgap installation and must be available post-install for Palette to function + properly. + + ::: + +- Review the required vSphere [permissions](../../install-on-vmware/vmware-system-requirements.md) and ensure you have + created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains + when provisioning workloads that require persistent storage. Refer to + [Zone Tagging](../../install-on-vmware/vmware-system-requirements.md#zone-tagging) for information. + +- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files + in a system with internet access and then transfer them to your airgap environment. Contact your Palette support + representative to obtain the latest version of each artifact. + - RHEL airgap appliance binary. This guide uses version `4.4.2` of the binary as an example. + - Palette installation binary. This guide uses version `4.4.14` of the binary as an example. + - An OVA with the operating system and Kubernetes distribution required for the Palette nodes. + +## Prepare for Airgap Installation + +1. Log in to your vCenter environment. + +2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account + you plan to use when deploying the Palette installation. + +3. Right-click on your cluster or resource group and select **Deploy OVF Template**. + +4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes + distribution OVA required for the installation. + + ```url + https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova + ``` + + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This + naming convention is required for the installation process to identify the OVA. Refer to the + [Additional Packs](../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. + + You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the + [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) + guide for more information about deploying an OVA in vCenter. + + :::warning + + If you encounter an error message during the OVA deployment stating unable to retrieve manifest or certificate, refer + to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for guidance on how to + resolve the issue. + + ::: + +5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace + `/path/to/private_key` with the path to the private SSH key, `docs` with the username, and `palette.example.com` with + the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +6. Switch to the `root` user account to complete the remaining steps. + + ```shell + sudo --login + ``` + +7. Set the VM timezone to UTC. + + ```shell + timedatectl set-timezone UTC + ``` + +8. Register the RHEL VM with Red Hat. Replace `` and `` with your RHEL subscription + credentials. + + ```shell + subscription-manager register --username --password + ``` + +9. Ensure ports `80` and `443` are not in use by your file server, as the OCI registry will use these ports. Open the + `/etc/httpd/conf.d/ssl.conf` file and change the port from `443` to `8443`. + +10. Next, open the `/etc/httpd/conf/httpd.conf` file and change the port from `80` to `8080`. + +11. Restart the HTTP server to apply the configuration changes. + + ```shell + systemctl restart httpd.service + ``` + +12. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. + + ```shell + firewall-cmd --permanent --add-port=80/tcp + firewall-cmd --permanent --add-port=8080/tcp + firewall-cmd --permanent --add-port=443/tcp + firewall-cmd --permanent --add-port=8443/tcp + firewall-cmd --reload + ``` + +13. Set the `AIRGAP_BUILD` variable as `true`. This is required for the execution of the RHEL airgap appliance binary. + + ```shell + export AIRGAP_BUILD=true + ``` + +14. Execute the RHEL airgap appliance binary. + + ```shell + ./airgap-appliance-v4.4.2-rhel-podman.bin + ``` + + ```text hideClipboard + insert output + ``` + +15. Initialize the airgap configuration process by issuing the following command. Replace `` with the FQDN + of the RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. + + ```shell + /bin/airgap-setup.sh + ``` + + The script output will look similar to the example below. It contains credentials and values you will need when + completing the installation with the Palette CLI. If you need to review this information in the future, invoke the + script again. + + ```text hideClipboard + insert output + ``` + +16. Update the **SCAR CA** certificate filepath in the **httpd** service. You can skip this step if you plan to use the + local SCAR during the Palette installation process. + + Open the `/etc/httpd/conf.d/ssl.conf` fil, locate the SSLCertificateFile and SSLCertificateKeyFile lines, and update + them with the path to the certificates generated in step **15** of this guide. + + ```text + SSLCertificateFile - /opt/spectro/ssl/server.crt + SSLCertificateKeyFile - /opt/spectro/ssl/server.key + ``` + + Next, restart the HTTP server for the changes to tafe effect. + + ```shell + systemctl restart httpd.service + ``` + +17. Execute the Palette installation binary. This will push the required images to the registry. + + ```shell + chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin + ``` + +18. Grant the Apache user and group access to the `/var/www/html` folder. + + ```shell + chown -R apache.apache /var/www/html + ``` + +## Validate + +Use the following steps to validate that you've successfully completed the airgap setup process. + +1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to + the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +2. Switch to the `root` user account. + + ```shell + sudo --login + ``` + +3. Issue the following command to validate that you've successfully completed the airgap setup process. Replace the + hostname or IP address with the hostname or IP address of the RHEL airgap VM. + + ```shell + bin/airgap-setup.sh palette.example.com + ``` + +4. Verify you have the values and credentials in the output. + + ```shell hideClipboard + Setting up SSL Certs + Setting up Harbor + + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: ******** + Password: ******** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: ******** + Password: ******** + + Image OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: ******** + Password: ******** + ``` + +## Next Steps + +You are now ready to deploy the airgap Palette installation with the Palette CLI. As a root user, when you are ready to +proceed with the install, issue the Palette CLI command below to start the installation. The Palette CLI is already +installed in the RHEL airgap VM and ready to use. + + ```shell + palette ec install + ``` + +Complete all the Palette CLI steps outlined in the [Install Palette](./install.md) guide from the RHEL VM. + +:::info + +The table below maps the airgap script output values to their respective Palette CLI prompts and example values. The +example values are for reference only. + +| Output Value | Palette CLI Prompt | Example Value | +| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | +| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` or `10.10.1.1:8443` | +| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **OCI Registry** | **Registry Type** | `OCI` | +| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` or `10.10.1.1` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` or `10.10.1.1` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | + +When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the +server certificate filepath from the script output. + +::: diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index 5b3df7d45a..93b49d0ef4 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -1,7 +1,7 @@ --- -sidebar_label: "Environment Setup" -title: "Environment Setup" -description: "Learn how to install Palette in an air gap environment." +sidebar_label: "Environment Setup with OVA" +title: "Environment Setup with OVA" +description: "Learn how to install Palette in an airgap environment." icon: "" hide_table_of_contents: false sidebar_position: 20 @@ -9,7 +9,8 @@ tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "enterprise"] --- -This guide helps you to prepare your airgap environment for Palette installation. +This guide helps you to prepare your airgap environment for Palette installation using an OVA to deploy and initialize +an airgap support VM. :::info From b62e7ea196a12c397e6b6ad70e1c73b23467264d Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Thu, 12 Sep 2024 14:16:11 -0400 Subject: [PATCH 02/17] docs: add file server details --- .../install-on-vmware/airgap-install/env-setup-vm.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md index 3e42764831..530ad9e50e 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md @@ -33,7 +33,8 @@ Palette is available in the [Checklist](./checklist.md) page. - A valid [RHEL subscription](https://www.redhat.com/en/store/linux-platforms). - An HTTP file server to host the Palette files. The file server must be accessible from the target environment where - Palette will be installed. Below is a list of common file servers. This guide uses Apache as an example. + Palette will be installed and should serve files from the `/var/www/html` directory. Below is a list of common file + servers. This guide uses Apache as an example. - [Apache HTTP Server](https://httpd.apache.org/) From a14252f94bbff3bdc46a8821eb007bef4164e917 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Fri, 13 Sep 2024 23:44:17 -0400 Subject: [PATCH 03/17] docs: review steps, grammar --- .../airgap-install/env-setup-vm.md | 316 +++++++++++------- 1 file changed, 200 insertions(+), 116 deletions(-) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md index 530ad9e50e..4b0aa9de78 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md @@ -9,32 +9,32 @@ tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere", "rhel"] keywords: ["self-hosted", "enterprise"] --- -This guide helps you prepare your airgap environment for Palette installation using an existing Red Hat Enterprise Linux -(RHEL) VM available in your VMware vSphere environment. +This guide helps you prepare your VMware vSphere airgap environment for Palette installation using an existing Red Hat +Enterprise Linux (RHEL) VM. -You will learn how to use an appliance binary that includes all the tools required by Palette to set up the registry -that is required for the installation. +You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry +for hosting Palette images and also assists in starting the Palette installation. :::info This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, refer to the -[Install Palette](./install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for -Palette is available in the [Checklist](./checklist.md) page. +[Install Palette](./install.md) guide. ::: ## Prerequisites -- An RHEL airgap VM with connectivity to your VMware vSphere environemnt and ports `80` and `443` available. This guide - uses RHEL version `8.8` as an example. +- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with + [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL + version `8.8` as an example. -- The RHEL VM must have a fully qualified domain name (FQDN) and must be accessible via SSH. +- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. -- A valid [RHEL subscription](https://www.redhat.com/en/store/linux-platforms). +- The RHEL VM must have Podman installed. -- An HTTP file server to host the Palette files. The file server must be accessible from the target environment where - Palette will be installed and should serve files from the `/var/www/html` directory. Below is a list of common file - servers. This guide uses Apache as an example. +- An HTTP file server installed within the RHEL VM to host the Palette files. The file server must serve files from the + `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache + as an example. - [Apache HTTP Server](https://httpd.apache.org/) @@ -60,80 +60,82 @@ Palette is available in the [Checklist](./checklist.md) page. representative to obtain the latest version of each artifact. - RHEL airgap appliance binary. This guide uses version `4.4.2` of the binary as an example. - Palette installation binary. This guide uses version `4.4.14` of the binary as an example. - - An OVA with the operating system and Kubernetes distribution required for the Palette nodes. ## Prepare for Airgap Installation -1. Log in to your vCenter environment. +1. Log in to your vCenter environment. -2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account - you plan to use when deploying the Palette installation. +2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account + you plan to use when deploying the Palette installation. -3. Right-click on your cluster or resource group and select **Deploy OVF Template**. +3. Right-click on your cluster or resource group and select **Deploy OVF Template**. -4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes - distribution OVA required for the installation. +4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes + distribution OVA required for the Palette nodes creation. Contact your Palette support representative to learn if + the version of Palette you are using requires a new OS and Kubernetes OVA. - ```url - https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova - ``` + ```url + https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova + ``` - Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when - assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This - naming convention is required for the installation process to identify the OVA. Refer to the - [Additional Packs](../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This + naming convention is required for the installation process to identify the OVA. Refer to the + [Additional Packs](../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS and + Kubernetes OVAs. - You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the - [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) - guide for more information about deploying an OVA in vCenter. + You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the + [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) + guide for more information about deploying an OVA in vCenter. - :::warning + :::warning - If you encounter an error message during the OVA deployment stating unable to retrieve manifest or certificate, refer - to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for guidance on how to - resolve the issue. + If you encounter an error message during the OVA deployment stating that vCenter is unable to retrieve a manifest or + certificate, refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for + guidance on how to resolve the issue. - ::: + ::: -5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace - `/path/to/private_key` with the path to the private SSH key, `docs` with the username, and `palette.example.com` with - the FQDN of the RHEL airgap VM. +5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace + `/path/to/private_key` with the path to your private SSH key, `docs` with the username, and `palette.example.com` + with the FQDN of the RHEL airgap VM. - ```shell - ssh -i /path/to/private_key docs@palette.example.com - ``` + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` -6. Switch to the `root` user account to complete the remaining steps. +6. Switch to the `root` user account to complete the remaining steps. - ```shell - sudo --login - ``` + ```shell + sudo --login + ``` -7. Set the VM timezone to UTC. +7. Set the VM timezone to Coordinated Universal Time (UTC). - ```shell - timedatectl set-timezone UTC - ``` + ```shell + timedatectl set-timezone UTC + ``` -8. Register the RHEL VM with Red Hat. Replace `` and `` with your RHEL subscription - credentials. +8. Ensure that ports `80` and `443` are not in use by your file server, as these ports will be used by the Harbor + registry that will be installed later. - ```shell - subscription-manager register --username --password - ``` + Open the `/etc/httpd/conf.d/ssl.conf` file and make the following changes: -9. Ensure ports `80` and `443` are not in use by your file server, as the OCI registry will use these ports. Open the - `/etc/httpd/conf.d/ssl.conf` file and change the port from `443` to `8443`. + - Replace the line `Listen 443 https` with `Listen 8443 https`. + - Replace the line `` with ``. -10. Next, open the `/etc/httpd/conf/httpd.conf` file and change the port from `80` to `8080`. + Save and exit the file. -11. Restart the HTTP server to apply the configuration changes. +9. Next, open the `/etc/httpd/conf/httpd.conf` file and replace the line `Listen 80` with `Listen 8080`. Save and exit + the file. + +10. Restart the Apache HTTP server to apply the configuration changes. ```shell systemctl restart httpd.service ``` -12. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. +11. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. ```shell firewall-cmd --permanent --add-port=80/tcp @@ -143,61 +145,140 @@ Palette is available in the [Checklist](./checklist.md) page. firewall-cmd --reload ``` -13. Set the `AIRGAP_BUILD` variable as `true`. This is required for the execution of the RHEL airgap appliance binary. + The output displays a success message. + + ```text hideClipboard + success + ``` + +12. Set the `AIRGAP_BUILD` variable as `true`. This is required to execute the RHEL airgap appliance binary. ```shell export AIRGAP_BUILD=true ``` -14. Execute the RHEL airgap appliance binary. +13. Execute the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to + set up the Harbor registry and push images. ```shell - ./airgap-appliance-v4.4.2-rhel-podman.bin + chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && ./airgap-appliance-v4.4.2-rhel-podman.bin ``` ```text hideClipboard - insert output + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Appliance Setup - 4.4.2 100% + Setting up directories and certs + warning: /opt/spectro/pwgen-2.08-3.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 2f86d6a1: NOKEY + Verifying... ################################# [100%] + Preparing... ################################# [100%] + Updating / installing... + 1:pwgen-2.08-3.el8 ################################# [100%] + Skipping setting up Nginx and Podman for airgap + Installing Podman + Setting up Harbor + Setting up oras and jq + Setting up Manifests + Cleaning up setup files + Reboot the system for selinux changes to take effect + ``` + +14. Reboot your RHEL VM to apply the changes. + + ```shell + reboot ``` -15. Initialize the airgap configuration process by issuing the following command. Replace `` with the FQDN - of the RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. + + Your SSH connection will be terminated. Start a new SSH session and switch to `sudo` mode before proceeding. Use + the same commands from steps *5* and *6* of this guide. + +15. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the + RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. ```shell - /bin/airgap-setup.sh + chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && /bin/airgap-setup.sh palette.example.com ``` - The script output will look similar to the example below. It contains credentials and values you will need when + The script output will look similar to the example below. It contains the credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. ```text hideClipboard - insert output + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** ``` -16. Update the **SCAR CA** certificate filepath in the **httpd** service. You can skip this step if you plan to use the - local SCAR during the Palette installation process. +16. (REVIEW) Update the SSL certificate file and key in the **httpd** service. - Open the `/etc/httpd/conf.d/ssl.conf` fil, locate the SSLCertificateFile and SSLCertificateKeyFile lines, and update - them with the path to the certificates generated in step **15** of this guide. + :::warning - ```text - SSLCertificateFile - /opt/spectro/ssl/server.crt - SSLCertificateKeyFile - /opt/spectro/ssl/server.key - ``` + You can skip this step if you plan to use the local Spectro Cloud Repository Location (SCAR) during the + [Palette installation](#next-steps) process. + + ::: + + Open the `/etc/httpd/conf.d/ssl.conf` file and add the path to the certificate and key generated in step **15** of + this guide: - Next, restart the HTTP server for the changes to tafe effect. + - Replace the line `SSLCertificateFile /etc/pki/tls/certs/localhost.crt` with + `SSLCertificateFile /opt/spectro/ssl/server.crt`. + - Replace the line `SSLCertificateKeyFile /etc/pki/tls/private/localhost.key` with + `SSLCertificateKeyFile /opt/spectro/ssl/server.key`. + + Save and exit the file. Next, restart the HTTP server to apply the changes. ```shell systemctl restart httpd.service ``` -17. Execute the Palette installation binary. This will push the required images to the registry. +17. Execute the Palette installation binary, which pushes Palette images and packs to the Harbor registry. ```shell chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin ``` -18. Grant the Apache user and group access to the `/var/www/html` folder. + This step may take some time to complete. A `Setup Completed` message confirms it is finished. + + ```text hideClipboard {8} + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Setup - Version 4.4.14 100% + Setting up CLI + Setting up Manifests + Setting up Packs + ... + + Setup Completed + ``` + +18. (REVIEW) Grant the Apache user and group access to the `/var/www/html` folder. ```shell chown -R apache.apache /var/www/html @@ -205,8 +286,6 @@ Palette is available in the [Checklist](./checklist.md) page. ## Validate -Use the following steps to validate that you've successfully completed the airgap setup process. - 1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. @@ -220,48 +299,53 @@ Use the following steps to validate that you've successfully completed the airga sudo --login ``` -3. Issue the following command to validate that you've successfully completed the airgap setup process. Replace the - hostname or IP address with the hostname or IP address of the RHEL airgap VM. +3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace + `palette.example.com` with the FQDN of the RHEL airgap VM. ```shell bin/airgap-setup.sh palette.example.com ``` -4. Verify you have the values and credentials in the output. - - ```shell hideClipboard - Setting up SSL Certs - Setting up Harbor - - - Details: - ------- - Spectro Cloud Repository - Location: https://palette.example.com:8443 - UserName: ******** - Password: ******** - CA certificate filepath: /opt/spectro/ssl/server.crt - - Pack OCI Registry - Endpoint: https://palette.example.com - Base Content Path: spectro-packs - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: ******** - Password: ******** - - Image OCI Registry - Endpoint: https://palette.example.com - Base Content Path: spectro-images - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: ******** - Password: ******** - ``` + The output must include the registry location and credentials, which must be accessible from within your + environment. + + ```shell hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` ## Next Steps -You are now ready to deploy the airgap Palette installation with the Palette CLI. As a root user, when you are ready to -proceed with the install, issue the Palette CLI command below to start the installation. The Palette CLI is already -installed in the RHEL airgap VM and ready to use. +You are now ready to deploy the airgap Palette installation with the Palette CLI. As a root user, issue the Palette CLI +command below to start the installation. ```shell palette ec install @@ -285,6 +369,6 @@ example values are for reference only. | **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the -server certificate filepath from the script output. +server certificate file path from the script output. ::: From 172eba2502b59badb34b72544feb5430c3213571 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Sat, 14 Sep 2024 00:35:22 -0400 Subject: [PATCH 04/17] docs: add partials --- _partials/self-hosted/_setup-next-steps.mdx | 33 ++ _partials/self-hosted/_setup-prereqs.mdx | 40 ++ _partials/self-hosted/_setup-steps.mdx | 225 ++++++++++++ _partials/self-hosted/_setup-validate.mdx | 60 +++ .../airgap-install/env-setup-vm.md | 343 +----------------- .../vmware-vsphere-airgap-instructions.md | 6 +- .../airgap-install/env-setup-vm-vertex.md | 39 ++ .../airgap-install/install.md | 2 +- .../vmware-vsphere-airgap-instructions.md | 15 +- 9 files changed, 413 insertions(+), 350 deletions(-) create mode 100644 _partials/self-hosted/_setup-next-steps.mdx create mode 100644 _partials/self-hosted/_setup-prereqs.mdx create mode 100644 _partials/self-hosted/_setup-steps.mdx create mode 100644 _partials/self-hosted/_setup-validate.mdx create mode 100644 docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/env-setup-vm-vertex.md diff --git a/_partials/self-hosted/_setup-next-steps.mdx b/_partials/self-hosted/_setup-next-steps.mdx new file mode 100644 index 0000000000..ff654e6578 --- /dev/null +++ b/_partials/self-hosted/_setup-next-steps.mdx @@ -0,0 +1,33 @@ +--- +partial_category: self-hosted +partial_name: setup-next-steps +--- + +You are now ready to deploy {props.edition} in an airgapped environment with the Palette CLI. As a root user, issue the Palette CLI +command below to start the installation. + + ```shell + palette ec install + ``` + +Complete all the Palette CLI steps outlined in the guide from the RHEL VM. + +:::info + +The table below maps the airgap script output values to their respective Palette CLI prompts and example values. The +example values are for reference only. + +| Output Value | Palette CLI Prompt | Example Value | +| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | +| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` | +| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **OCI Registry** | **Registry Type** | `OCI` | +| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | + +When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the +server certificate file path from the script output. + +::: \ No newline at end of file diff --git a/_partials/self-hosted/_setup-prereqs.mdx b/_partials/self-hosted/_setup-prereqs.mdx new file mode 100644 index 0000000000..342554a198 --- /dev/null +++ b/_partials/self-hosted/_setup-prereqs.mdx @@ -0,0 +1,40 @@ +--- +partial_category: self-hosted +partial_name: setup-prereqs +--- + +- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with + [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL + version `8.8` as an example. + +- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. + +- The RHEL VM must have Podman installed. + +- An HTTP file server installed within the RHEL VM to host the {props.edition} files. The file server must serve files from the + `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache + as an example. + + - [Apache HTTP Server](https://httpd.apache.org/) + + - [Nginx](https://www.nginx.com/) + + - [Caddy](https://caddyserver.com/) + + :::warning + + Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file + server is a critical component of the airgap installation and must be available post-install for {props.edition} to function + properly. + + ::: + +- Review the required vSphere and ensure you have + created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains + when provisioning workloads that require persistent storage. Refer to for information. + +- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files + in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support + representative to obtain the latest version of each artifact. + - RHEL airgap appliance binary. This guide uses version `4.4.2` of the binary as an example. + - {props.edition} installation binary. This guide uses version `4.4.14` of the binary as an example. \ No newline at end of file diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx new file mode 100644 index 0000000000..4f6af61d38 --- /dev/null +++ b/_partials/self-hosted/_setup-steps.mdx @@ -0,0 +1,225 @@ +--- +partial_category: self-hosted +partial_name: setup-steps +--- + +1. Log in to your vCenter environment. + +2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account + you plan to use when deploying the {props.edition} installation. + +3. Right-click on your cluster or resource group and select **Deploy OVF Template**. + +4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes + distribution OVA required for the {props.edition} nodes creation. Contact your {props.edition} support representative to learn if + the version of {props.edition} you are using requires a new OS and Kubernetes OVA. + + ```url + https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova + ``` + + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This + naming convention is required for the installation process to identify the OVA. Refer to the + page for a list of additional OS and + Kubernetes OVAs. + + You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the + [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) + guide for more information about deploying an OVA in vCenter. + + :::warning + + If you encounter an error message during the OVA deployment stating that vCenter is unable to retrieve a manifest or + certificate, refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for + guidance on how to resolve the issue. + + ::: + +5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace + `/path/to/private_key` with the path to your private SSH key, `docs` with the username, and `palette.example.com` + with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +6. Switch to the `root` user account to complete the remaining steps. + + ```shell + sudo --login + ``` + +7. Set the VM timezone to Coordinated Universal Time (UTC). + + ```shell + timedatectl set-timezone UTC + ``` + +8. Ensure that ports `80` and `443` are not in use by your file server, as these ports will be used by the Harbor + registry that will be installed later. + + Open the `/etc/httpd/conf.d/ssl.conf` file and make the following changes: + + - Replace the line `Listen 443 https` with `Listen 8443 https`. + - Replace the line `` with ``. + + Save and exit the file. + +9. Next, open the `/etc/httpd/conf/httpd.conf` file and replace the line `Listen 80` with `Listen 8080`. Save and exit + the file. + +10. Restart the Apache HTTP server to apply the configuration changes. + + ```shell + systemctl restart httpd.service + ``` + +11. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. + + ```shell + firewall-cmd --permanent --add-port=80/tcp + firewall-cmd --permanent --add-port=8080/tcp + firewall-cmd --permanent --add-port=443/tcp + firewall-cmd --permanent --add-port=8443/tcp + firewall-cmd --reload + ``` + + The output displays a success message. + + ```text hideClipboard + success + ``` + +12. Set the `AIRGAP_BUILD` variable as `true`. This is required to execute the RHEL airgap appliance binary. + + ```shell + export AIRGAP_BUILD=true + ``` + +13. Execute the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to + set up the Harbor registry and push images. + + ```shell + chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && ./airgap-appliance-v4.4.2-rhel-podman.bin + ``` + + ```text hideClipboard + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Appliance Setup - 4.4.2 100% + Setting up directories and certs + warning: /opt/spectro/pwgen-2.08-3.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 2f86d6a1: NOKEY + Verifying... ################################# [100%] + Preparing... ################################# [100%] + Updating / installing... + 1:pwgen-2.08-3.el8 ################################# [100%] + Skipping setting up Nginx and Podman for airgap + Installing Podman + Setting up Harbor + Setting up oras and jq + Setting up Manifests + Cleaning up setup files + Reboot the system for selinux changes to take effect + ``` + +14. Reboot your RHEL VM to apply the changes. + + ```shell + reboot + ``` + + + Your SSH connection will be terminated. Start a new SSH session and switch to `sudo` mode before proceeding. Use + the same commands from steps *5* and *6* of this guide. + +15. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the + RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. + + ```shell + chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && /bin/airgap-setup.sh palette.example.com + ``` + + The script output will look similar to the example below. It contains the credentials and values you will need when + completing the installation with the Palette CLI. If you need to review this information in the future, invoke the + script again. + + ```text hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` + +16. (REVIEW) Update the SSL certificate file and key in the **httpd** service. + + :::warning + + You can skip this step if you plan to use the local Spectro Cloud Repository Location (SCAR) during the + [{props.edition} installation](#next-steps) process. + + ::: + + Open the `/etc/httpd/conf.d/ssl.conf` file and add the path to the certificate and key generated in step **15** of + this guide: + + - Replace the line `SSLCertificateFile /etc/pki/tls/certs/localhost.crt` with + `SSLCertificateFile /opt/spectro/ssl/server.crt`. + - Replace the line `SSLCertificateKeyFile /etc/pki/tls/private/localhost.key` with + `SSLCertificateKeyFile /opt/spectro/ssl/server.key`. + + Save and exit the file. Next, restart the HTTP server to apply the changes. + + ```shell + systemctl restart httpd.service + ``` + +17. Execute the {props.edition} installation binary, which pushes {props.edition} images and packs to the Harbor registry. + + ```shell + chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin + ``` + + This step may take some time to complete. A `Setup Completed` message confirms it is finished. + + ```text hideClipboard {8} + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Setup - Version 4.4.14 100% + Setting up CLI + Setting up Manifests + Setting up Packs + ... + + Setup Completed + ``` + +18. (REVIEW) Grant the Apache user and group access to the `/var/www/html` folder. + + ```shell + chown -R apache.apache /var/www/html + ``` \ No newline at end of file diff --git a/_partials/self-hosted/_setup-validate.mdx b/_partials/self-hosted/_setup-validate.mdx new file mode 100644 index 0000000000..367333fff1 --- /dev/null +++ b/_partials/self-hosted/_setup-validate.mdx @@ -0,0 +1,60 @@ +--- +partial_category: self-hosted +partial_name: setup-validate +--- + +1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to + the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +2. Switch to the `root` user account. + + ```shell + sudo --login + ``` + +3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace + `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + bin/airgap-setup.sh palette.example.com + ``` + + The output must include the registry location and credentials, which must be accessible from within your + environment. + + ```shell hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` \ No newline at end of file diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md index 4b0aa9de78..ef4e35c7e5 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md @@ -24,351 +24,16 @@ This guide is for preparing your airgap environment only. For instructions on in ## Prerequisites -- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with - [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL - version `8.8` as an example. - -- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. - -- The RHEL VM must have Podman installed. - -- An HTTP file server installed within the RHEL VM to host the Palette files. The file server must serve files from the - `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache - as an example. - - - [Apache HTTP Server](https://httpd.apache.org/) - - - [Nginx](https://www.nginx.com/) - - - [Caddy](https://caddyserver.com/) - - :::warning - - Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file - server is a critical component of the airgap installation and must be available post-install for Palette to function - properly. - - ::: - -- Review the required vSphere [permissions](../../install-on-vmware/vmware-system-requirements.md) and ensure you have - created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains - when provisioning workloads that require persistent storage. Refer to - [Zone Tagging](../../install-on-vmware/vmware-system-requirements.md#zone-tagging) for information. - -- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files - in a system with internet access and then transfer them to your airgap environment. Contact your Palette support - representative to obtain the latest version of each artifact. - - RHEL airgap appliance binary. This guide uses version `4.4.2` of the binary as an example. - - Palette installation binary. This guide uses version `4.4.14` of the binary as an example. + ## Prepare for Airgap Installation -1. Log in to your vCenter environment. - -2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account - you plan to use when deploying the Palette installation. - -3. Right-click on your cluster or resource group and select **Deploy OVF Template**. - -4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes - distribution OVA required for the Palette nodes creation. Contact your Palette support representative to learn if - the version of Palette you are using requires a new OS and Kubernetes OVA. - - ```url - https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova - ``` - - Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when - assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This - naming convention is required for the installation process to identify the OVA. Refer to the - [Additional Packs](../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS and - Kubernetes OVAs. - - You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the - [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) - guide for more information about deploying an OVA in vCenter. - - :::warning - - If you encounter an error message during the OVA deployment stating that vCenter is unable to retrieve a manifest or - certificate, refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for - guidance on how to resolve the issue. - - ::: - -5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace - `/path/to/private_key` with the path to your private SSH key, `docs` with the username, and `palette.example.com` - with the FQDN of the RHEL airgap VM. - - ```shell - ssh -i /path/to/private_key docs@palette.example.com - ``` - -6. Switch to the `root` user account to complete the remaining steps. - - ```shell - sudo --login - ``` - -7. Set the VM timezone to Coordinated Universal Time (UTC). - - ```shell - timedatectl set-timezone UTC - ``` - -8. Ensure that ports `80` and `443` are not in use by your file server, as these ports will be used by the Harbor - registry that will be installed later. - - Open the `/etc/httpd/conf.d/ssl.conf` file and make the following changes: - - - Replace the line `Listen 443 https` with `Listen 8443 https`. - - Replace the line `` with ``. - - Save and exit the file. - -9. Next, open the `/etc/httpd/conf/httpd.conf` file and replace the line `Listen 80` with `Listen 8080`. Save and exit - the file. - -10. Restart the Apache HTTP server to apply the configuration changes. - - ```shell - systemctl restart httpd.service - ``` - -11. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. - - ```shell - firewall-cmd --permanent --add-port=80/tcp - firewall-cmd --permanent --add-port=8080/tcp - firewall-cmd --permanent --add-port=443/tcp - firewall-cmd --permanent --add-port=8443/tcp - firewall-cmd --reload - ``` - - The output displays a success message. - - ```text hideClipboard - success - ``` - -12. Set the `AIRGAP_BUILD` variable as `true`. This is required to execute the RHEL airgap appliance binary. - - ```shell - export AIRGAP_BUILD=true - ``` - -13. Execute the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to - set up the Harbor registry and push images. - - ```shell - chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && ./airgap-appliance-v4.4.2-rhel-podman.bin - ``` - - ```text hideClipboard - Verifying archive integrity... 100% MD5 checksums are OK. All good. - Uncompressing Airgap Appliance Setup - 4.4.2 100% - Setting up directories and certs - warning: /opt/spectro/pwgen-2.08-3.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 2f86d6a1: NOKEY - Verifying... ################################# [100%] - Preparing... ################################# [100%] - Updating / installing... - 1:pwgen-2.08-3.el8 ################################# [100%] - Skipping setting up Nginx and Podman for airgap - Installing Podman - Setting up Harbor - Setting up oras and jq - Setting up Manifests - Cleaning up setup files - Reboot the system for selinux changes to take effect - ``` - -14. Reboot your RHEL VM to apply the changes. - - ```shell - reboot - ``` - - - Your SSH connection will be terminated. Start a new SSH session and switch to `sudo` mode before proceeding. Use - the same commands from steps *5* and *6* of this guide. - -15. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the - RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. - - ```shell - chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && /bin/airgap-setup.sh palette.example.com - ``` - - The script output will look similar to the example below. It contains the credentials and values you will need when - completing the installation with the Palette CLI. If you need to review this information in the future, invoke the - script again. - - ```text hideClipboard - Setting up SSL Certs - /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory - chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory - mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory - cp: target '/etc/nginx/ssl' is not a directory - Setting up Harbor - setenforce is /usr/sbin/setenforce - Setup Completed - - Details: - ------- - Spectro Cloud Repository - Location: https://palette.example.com:8443 - UserName: spectro - Password: ************** - CA certificate filepath: /opt/spectro/ssl/server.crt - - Pack OCI Registry - Endpoint: https://palette.example.com - Base Content Path: spectro-packs - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - - Image OCI Registry - Endpoint: https://palette.example.comv - Base Content Path: spectro-images - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - ``` - -16. (REVIEW) Update the SSL certificate file and key in the **httpd** service. - - :::warning - - You can skip this step if you plan to use the local Spectro Cloud Repository Location (SCAR) during the - [Palette installation](#next-steps) process. - - ::: - - Open the `/etc/httpd/conf.d/ssl.conf` file and add the path to the certificate and key generated in step **15** of - this guide: - - - Replace the line `SSLCertificateFile /etc/pki/tls/certs/localhost.crt` with - `SSLCertificateFile /opt/spectro/ssl/server.crt`. - - Replace the line `SSLCertificateKeyFile /etc/pki/tls/private/localhost.key` with - `SSLCertificateKeyFile /opt/spectro/ssl/server.key`. - - Save and exit the file. Next, restart the HTTP server to apply the changes. - - ```shell - systemctl restart httpd.service - ``` - -17. Execute the Palette installation binary, which pushes Palette images and packs to the Harbor registry. - - ```shell - chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin - ``` - - This step may take some time to complete. A `Setup Completed` message confirms it is finished. - - ```text hideClipboard {8} - Verifying archive integrity... 100% MD5 checksums are OK. All good. - Uncompressing Airgap Setup - Version 4.4.14 100% - Setting up CLI - Setting up Manifests - Setting up Packs - ... - - Setup Completed - ``` - -18. (REVIEW) Grant the Apache user and group access to the `/var/www/html` folder. - - ```shell - chown -R apache.apache /var/www/html - ``` + ## Validate -1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to - the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. - - ```shell - ssh -i /path/to/private_key docs@palette.example.com - ``` - -2. Switch to the `root` user account. - - ```shell - sudo --login - ``` - -3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace - `palette.example.com` with the FQDN of the RHEL airgap VM. - - ```shell - bin/airgap-setup.sh palette.example.com - ``` - - The output must include the registry location and credentials, which must be accessible from within your - environment. - - ```shell hideClipboard - Setting up SSL Certs - /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory - chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory - mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory - cp: target '/etc/nginx/ssl' is not a directory - Setting up Harbor - setenforce is /usr/sbin/setenforce - Setup Completed - - Details: - ------- - Spectro Cloud Repository - Location: https://palette.example.com:8443 - UserName: spectro - Password: ************** - CA certificate filepath: /opt/spectro/ssl/server.crt - - Pack OCI Registry - Endpoint: https://palette.example.com - Base Content Path: spectro-packs - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - - Image OCI Registry - Endpoint: https://palette.example.comv - Base Content Path: spectro-images - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - ``` + ## Next Steps -You are now ready to deploy the airgap Palette installation with the Palette CLI. As a root user, issue the Palette CLI -command below to start the installation. - - ```shell - palette ec install - ``` - -Complete all the Palette CLI steps outlined in the [Install Palette](./install.md) guide from the RHEL VM. - -:::info - -The table below maps the airgap script output values to their respective Palette CLI prompts and example values. The -example values are for reference only. - -| Output Value | Palette CLI Prompt | Example Value | -| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | -| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` or `10.10.1.1:8443` | -| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | -| **OCI Registry** | **Registry Type** | `OCI` | -| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` or `10.10.1.1` | -| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | -| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` or `10.10.1.1` | -| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | - -When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the -server certificate file path from the script output. - -::: + diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index 93b49d0ef4..d377a6df8f 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -14,9 +14,9 @@ an airgap support VM. :::info -This guide is for preparing your airgap environment only. For instructions on installing Palette on -[VMware](./install.md). A checklist of the steps you will complete to prepare your airgap environment for Palette is -available in the [Checklist](./checklist.md) page. +This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, check the +[Install](./install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for Palette +is available in the [Checklist](./checklist.md) page. ::: diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/env-setup-vm-vertex.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/env-setup-vm-vertex.md new file mode 100644 index 0000000000..89b0a3d65e --- /dev/null +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/env-setup-vm-vertex.md @@ -0,0 +1,39 @@ +--- +sidebar_label: "Environment Setup with RHEL" +title: "Environment Setup with an Existing RHEL VM" +description: "Learn how to prepare your airgap environment for VerteX installation using an existing RHEL VM" +icon: "" +hide_table_of_contents: false +sidebar_position: 35 +tags: ["self-hosted", "vertex", "airgap", "vmware", "vsphere", "rhel"] +keywords: ["self-hosted", "vertex"] +--- + +This guide helps you prepare your VMware vSphere airgap environment for VerteX installation using an existing Red Hat +Enterprise Linux (RHEL) VM. + +You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry +for hosting VerteX images and also assists in starting the VerteX installation. + +:::info + +This guide is for preparing your airgap environment only. For instructions on installing VerteX on VMware, refer to the +[Install VerteX](./install.md) guide. + +::: + +## Prerequisites + + + +## Prepare for Airgap Installation + + + +## Validate + + + +## Next Steps + + diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md index f4eafe741f..1b4a35b907 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md @@ -3,7 +3,7 @@ sidebar_label: "Install VerteX" title: "Install VerteX" description: "Learn how to install VerteX in an airgap VMware environment." icon: "" -sidebar_position: 30 +sidebar_position: 40 hide_table_of_contents: false tags: ["vertex", "enterprise", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "vertex"] diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index d7cf536481..4500be7f26 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -1,7 +1,7 @@ --- -sidebar_label: "Environment Setup" -title: "Environment Setup" -description: "Learn how to install VerteX in an air gap environment." +sidebar_label: "Environment Setup with OVA" +title: "Environment Setup with OVA" +description: "Learn how to install VerteX in an airgap environment." icon: "" hide_table_of_contents: false sidebar_position: 20 @@ -9,13 +9,14 @@ tags: ["vertex", "enterprise", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "vertex"] --- -This guide helps you to prepare your airgap environment for Palette VerteX installation. +This guide helps you to prepare your airgap environment for VerteX installation using an OVA to deploy and initialize an +airgap support VM. :::info -This guide is for preparing your airgap environment only. For instructions on installing Palette on -[VMware](./install.md). A checklist of the steps you will complete to prepare your airgap environment for Palette is -available in the [Checklist](./checklist.md) page. +This guide is for preparing your airgap environment only. For instructions on installing VerteX on VMware, check the +[Install](./install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for VerteX +is available in the [Checklist](./checklist.md) page. ::: From f901b52aeaadfb4dce9f7abf6318063164b1f889 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 10:07:17 -0400 Subject: [PATCH 05/17] docs: restructure folders --- .../airgap-install/airgap-install.md | 4 +-- .../{ => environment-setup}/env-setup-vm.md | 2 +- .../environment-setup/environment-setup.md | 26 +++++++++++++++++++ .../vmware-vsphere-airgap-instructions.md | 22 ++++++++-------- .../airgap-install/install.md | 3 ++- 5 files changed, 42 insertions(+), 15 deletions(-) rename docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/{ => environment-setup}/env-setup-vm.md (97%) create mode 100644 docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md rename docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/{ => environment-setup}/vmware-vsphere-airgap-instructions.md (94%) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/airgap-install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/airgap-install.md index 8bdeb67848..a43219847c 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/airgap-install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/airgap-install.md @@ -54,11 +54,11 @@ Configure your Palette environment ## Get Started To get started with an airgap Palette installation, begin by reviewing the -[Environment Setup](./vmware-vsphere-airgap-instructions.md) guide. +[Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) guide. ## Resources -- [Environment Setup](./vmware-vsphere-airgap-instructions.md) +- [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) - [Airgap Install Checklist](./checklist.md) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md similarity index 97% rename from docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md rename to docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md index ef4e35c7e5..3922509a06 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md @@ -18,7 +18,7 @@ for hosting Palette images and also assists in starting the Palette installation :::info This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, refer to the -[Install Palette](./install.md) guide. +[Install Palette](../install.md) guide. ::: diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md new file mode 100644 index 0000000000..edef68cf24 --- /dev/null +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md @@ -0,0 +1,26 @@ +--- +sidebar_label: "Environment Setup" +title: "Environment Setup" +description: "Learn how to prepare your airgap environment for Palette installation." +icon: "" +hide_table_of_contents: false +sidebar_position: 20 +tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere"] +keywords: ["self-hosted", "enterprise"] +--- + +This section helps you prepare your VMware vSphere airgap environment for Palette installation. There are two ways to +prepare your environment: + +1. If you have a Red Hat Enterprise Linux (RHEL) VM deployed in your environment, follow the + [Environment Setup with an Existing RHEL VM](./env-setup-vm.md) guide to learn how to prepare this VM for Palette + installation. +2. If you do not have a VM, follow the [Environment Setup with OVA](./vmware-vsphere-airgap-instructions.md) guide. This + guide will show you how to use an OVA to deploy a airgap support VM in your VMware vSphere environment, which will + assist with the Palette installation. + +## Resources + +- [Environment Setup with OVA](./vmware-vsphere-airgap-instructions.md) + +- [Environment Setup with an Existing RHEL VM](./env-setup-vm.md) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md similarity index 94% rename from docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md rename to docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index d377a6df8f..6c2a8c01ac 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -9,14 +9,14 @@ tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "enterprise"] --- -This guide helps you to prepare your airgap environment for Palette installation using an OVA to deploy and initialize -an airgap support VM. +This guide helps you prepare your airgap environment for Palette installation using an OVA to deploy and initialize an +airgap support VM. :::info This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, check the -[Install](./install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for Palette -is available in the [Checklist](./checklist.md) page. +[Install](../install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for +Palette is available in the [Checklist](../checklist.md) page. ::: @@ -49,17 +49,17 @@ Palette. - Configure the Dynamic Host Configuration Protocol (DHCP) to access the airgap support VM via SSH. You can disable DHCP or modify the IP address after deploying the airgap support VM. -- Review the required vSphere [permissions](../../install-on-vmware/vmware-system-requirements.md) and ensure you've +- Review the required vSphere [permissions](../../../install-on-vmware/vmware-system-requirements.md) and ensure you've created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains when provisioning workloads that require persistent storage. Refer to - [Zone Tagging](../../install-on-vmware/vmware-system-requirements.md#zone-tagging) for information. + [Zone Tagging](../../../install-on-vmware/vmware-system-requirements.md#zone-tagging) for information. :::info Self-hosted Palette installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do not require a separate, user-installed PCG. However, you can deploy additional PCG instances to support provisioning into remote data centers without a direct incoming connection to Palette. To learn how to install a PCG on VMware, check out -the [VMware](../../../../clusters/pcg/deploy-pcg/vmware.md) guide. +the [VMware](../../../../../clusters/pcg/deploy-pcg/vmware.md) guide. ::: @@ -90,7 +90,7 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when assigning its name and target location. For example, the final output should look like `r_u-2004-0-k-12610`. This naming convention is required for the installation process to identify the OVA. Refer to the - [Supplement Packs](../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. + [Supplement Packs](../../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) @@ -350,8 +350,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 21. The output of the script contains credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. -22. Review the [Additional Packs](../../airgap/supplemental-packs.md) page and identify any additional packs you want to - add to your OCI registry. By default, the installation includes only the minimum required packs. You can also add +22. Review the [Additional Packs](../../../airgap/supplemental-packs.md) page and identify any additional packs you want + to add to your OCI registry. By default, the installation includes only the minimum required packs. You can also add additional packs after the installation is complete. You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to @@ -429,7 +429,7 @@ installed in the airgap support VM and ready to use. palette ec install ``` -Complete all the Palette CLI steps outlined in the [Install Palette](./install.md) guide from the airgap support VM. +Complete all the Palette CLI steps outlined in the [Install Palette](../install.md) guide from the airgap support VM. :::info diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md index 317e69a902..40f5be488c 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md @@ -16,7 +16,8 @@ and assets. :::warning -Complete the [Environment Setup](./vmware-vsphere-airgap-instructions.md) steps before proceeding with the installation. +Complete the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) steps before proceeding with +the installation. ::: From 265e93a1745c3d8058e5eafcca4cad93e1db834a Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 11:07:07 -0400 Subject: [PATCH 06/17] docs: fix broken links --- .../airgap-build/rhel-capi-airgap.md | 2 +- .../airgap-build/rocky-capi-airgap.md | 2 +- .../byoos/capi-image-builder/config-reference.md | 8 ++++---- .../environment-setup/environment-setup.md | 10 +++++----- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/docs-content/byoos/capi-image-builder/build-image-vmware/airgap-build/rhel-capi-airgap.md b/docs/docs-content/byoos/capi-image-builder/build-image-vmware/airgap-build/rhel-capi-airgap.md index dbb8a0b5aa..2451924545 100644 --- a/docs/docs-content/byoos/capi-image-builder/build-image-vmware/airgap-build/rhel-capi-airgap.md +++ b/docs/docs-content/byoos/capi-image-builder/build-image-vmware/airgap-build/rhel-capi-airgap.md @@ -32,7 +32,7 @@ Enterprise Linux (RHEL) image with @@ -61,7 +61,7 @@ VerteX. Self-hosted VerteX installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do not require a separate, user-installed PCG. However, you can deploy additional PCG instances to support provisioning into remote data centers without a direct incoming connection to VerteX. To learn how to install a PCG on VMware, check out -the [VMware](../../../../clusters/pcg/deploy-pcg/vmware.md) guide. +the [VMware](../../../../../clusters/pcg/deploy-pcg/vmware.md) guide. ::: @@ -94,7 +94,7 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-12711-0`. This naming convention is required for the installation process to identify the OVA. Refer to the - [Supplement Packs](../../airgap/supplemental-packs.md) page for a list of additional OS OVAs. + [Supplement Packs](../../../airgap/supplemental-packs.md) page for a list of additional OS OVAs. You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) @@ -354,8 +354,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 21. The output of the script contains credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. -22. Review the [Additional Packs](../../airgap/supplemental-packs.md) page and identify any additional packs you want to - add to your OCI registry. By default, the installation includes only the minimum required packs. You can also add +22. Review the [Additional Packs](../../../airgap/supplemental-packs.md) page and identify any additional packs you want + to add to your OCI registry. By default, the installation includes only the minimum required packs. You can also add additional packs after the installation is complete. You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to @@ -433,7 +433,7 @@ installed in the airgap support VM and ready to use. palette ec install ``` -Complete all the Palette CLI steps outlined in the [Install VerteX](./install.md) guide from the airgap support VM. +Complete all the Palette CLI steps outlined in the [Install VerteX](../install.md) guide from the airgap support VM. :::info diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md index 1b4a35b907..0250315b3e 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md @@ -20,7 +20,8 @@ Palette VerteX will be deployed. If you are installing Palette VerteX in an airgap environment, ensure you complete all the airgap pre-install steps before proceeding with the installation. Refer to the -[VMware vSphere Airgap Instructions](./vmware-vsphere-airgap-instructions.md) guide for more information. +[VMware vSphere Airgap Instructions](./environment-setup/vmware-vsphere-airgap-instructions.md) guide for more +information. ::: @@ -176,10 +177,10 @@ Use the following steps to install Palette VerteX. :::info - If you are using the Palette CLI from inside an [airgap support VM](./vmware-vsphere-airgap-instructions.md), the - CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Spectro Cloud - Artifact Repository (SCAR) configuration**. Type `y` to use the local resources and skip filling in the repository - URL and credentials. + If you are using the Palette CLI from inside an + [airgap support VM](./environment-setup/vmware-vsphere-airgap-instructions.md), the CLI will automatically detect + the airgap environment and prompt you to **Use local, air-gapped Spectro Cloud Artifact Repository (SCAR) + configuration**. Type `y` to use the local resources and skip filling in the repository URL and credentials. ::: @@ -205,9 +206,10 @@ Use the following steps to install Palette VerteX. | **Service IP Range** | Enter the IP address range that will be used to assign IP addresses to services in the EC cluster. The service IP addresses should be unique and not overlap with any machine IPs in the environment. | 14. Select the OCI registry type and provide the configuration values. Review the following table for more information. - If you are using the Palette CLI from inside an [airgap support VM](./vmware-vsphere-airgap-instructions.md), the - CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Pack Registry?** Type - `y` to use the local resources and skip filling in the OCI registry URL and credentials. + If you are using the Palette CLI from inside an + [airgap support VM](./environment-setup/vmware-vsphere-airgap-instructions.md), the CLI will automatically detect + the airgap environment and prompt you to **Use local, air-gapped Pack Registry?** Type `y` to use the local + resources and skip filling in the OCI registry URL and credentials. :::warning @@ -236,10 +238,10 @@ Use the following steps to install Palette VerteX. | **Use Public Registry for Images** | Type `y` to use a public registry for images. Type `n` to a different registry for images. If you are using another registry for images, you will be prompted to enter the registry URL, base path, username, and password. Airgap users, select `n` so that you can specify the values for the OCI registry that contains all the required images. | When prompted to **Pull images from public registry**, type `n` and specify the OCI registry configuration values - for your image registry. If you are an [airgap support VM](./vmware-vsphere-airgap-instructions.md), the CLI will - automatically detect the airgap environment and prompt you to **Use local, air-gapped Image Registry?**. Type `y` to - use the local resources and skip filling in the OCI registry URL and credentials. Refer to the table above for more - information. + for your image registry. If you are an + [airgap support VM](./environment-setup/vmware-vsphere-airgap-instructions.md), the CLI will automatically detect + the airgap environment and prompt you to **Use local, air-gapped Image Registry?**. Type `y` to use the local + resources and skip filling in the OCI registry URL and credentials. Refer to the table above for more information. :::info @@ -459,7 +461,7 @@ teams. ## Resources -- [Environment Setup](./vmware-vsphere-airgap-instructions.md) +- [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) - [Create a Tenant](../../../system-management/tenant-management.md) From 657c458ebee7842477c5c29746483cbbcfbd6b4e Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 11:22:36 -0400 Subject: [PATCH 08/17] docs: add redirects --- redirects.js | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/redirects.js b/redirects.js index dcc6d8e1df..e06506018a 100644 --- a/redirects.js +++ b/redirects.js @@ -545,6 +545,14 @@ const redirects = [ from: "/automation/palette-cli/commands/validator/", to: "/automation/palette-cli/commands/ec/", }, + { + from: "/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions/", + to: "/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions/", + }, + { + from: "/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions/", + to: "/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions/", + }, { from: [ "/integrations/antrea-cni", From 17af6d345a2b07008d448329ff4c133467ca2bcf Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 11:39:27 -0400 Subject: [PATCH 09/17] docs: fix more broken links --- .../byoos/capi-image-builder/config-reference.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/docs-content/byoos/capi-image-builder/config-reference.md b/docs/docs-content/byoos/capi-image-builder/config-reference.md index 339e9cca2a..4a4b99d5de 100644 --- a/docs/docs-content/byoos/capi-image-builder/config-reference.md +++ b/docs/docs-content/byoos/capi-image-builder/config-reference.md @@ -110,10 +110,10 @@ create a separate configuration file for each. Fill out the parameters below if you are building the image in an air-gapped environment. Otherwise, you can skip this section. -| Parameter | Description | Required | -| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | -| `airgap` | Set to `true` if you are building the image in an air-gapped environment. | Yes | -| `airgap_ip` | The IP address or hostname of the airgap support VM that has the required dependencies. Refer to the [Self-Hosted Palette](../../enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md) and [Vertex](../../vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md) Environment Setup pages for instructions on how to deploy an airgap support VM. | Yes | +| Parameter | Description | Required | +| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | +| `airgap` | Set to `true` if you are building the image in an air-gapped environment. | Yes | +| `airgap_ip` | The IP address or hostname of the airgap support VM that has the required dependencies. Refer to the [Self-Hosted Palette](../../enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md) and [Vertex](../../vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md) Environment Setup pages for instructions on how to deploy an airgap support VM. | Yes | ## Example Configuration From 4bdcea4926ca4670cef5bcb3f2a1a524a0fd1f2f Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 15:14:28 -0400 Subject: [PATCH 10/17] docs: fix more broken links --- .../vertex/install-palette-vertex/install-on-vmware/install.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md index d85deec871..81c3615647 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md @@ -418,7 +418,7 @@ teams. ## Resources -- [Airgap Instructions](./airgap-install/vmware-vsphere-airgap-instructions.md) +- [Airgap Instructions](./airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md) - [Create a Tenant](../../system-management/tenant-management.md) From e836947e57906e9e35b51f04d1dd493b6ab9226a Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 15:49:51 -0400 Subject: [PATCH 11/17] docs: fix existing redirects --- redirects.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/redirects.js b/redirects.js index e06506018a..a9797372d2 100644 --- a/redirects.js +++ b/redirects.js @@ -402,7 +402,7 @@ const redirects = [ }, { from: "/enterprise-version/install-palette/airgap/vmware-vsphere-airgap-instructions/", - to: "/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions/", + to: "/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions/", }, { from: "/vertex/install-palette-vertex/airgap/kubernetes-airgap-instructions/", @@ -410,7 +410,7 @@ const redirects = [ }, { from: "/vertex/install-palette-vertex/airgap/vmware-vsphere-airgap-instructions/", - to: "/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions/", + to: "/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions/", }, { from: "/vertex/install-palette-vertex/airgap/checklist/", From c01e4927ad4aa5adcd82f40f69ab06b8dedfbf06 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Mon, 16 Sep 2024 16:58:38 -0400 Subject: [PATCH 12/17] docs: fix last broken links --- .../enterprise-version/install-palette/airgap/airgap.md | 2 +- .../install-on-vmware/airgap-install/airgap-install.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/docs-content/enterprise-version/install-palette/airgap/airgap.md b/docs/docs-content/enterprise-version/install-palette/airgap/airgap.md index 3137b7d9ad..2c52945348 100644 --- a/docs/docs-content/enterprise-version/install-palette/airgap/airgap.md +++ b/docs/docs-content/enterprise-version/install-palette/airgap/airgap.md @@ -57,7 +57,7 @@ To get started with an airgap Palette installation, check out the respective pla - [Kubernetes Airgap Instructions](../install-on-kubernetes/airgap-install/kubernetes-airgap-instructions.md) -- [VMware vSphere Airgap Instructions](../install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md) +- [VMware vSphere Airgap Instructions](../install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md) Each platform guide provides detailed instructions on how to complete the pre-install steps. diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/airgap-install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/airgap-install.md index af36199b16..8425dbf140 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/airgap-install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/airgap-install.md @@ -54,11 +54,11 @@ Configure your Palette environment ## Get Started To get started with an airgap Palette installation, begin by reviewing the -[Environment Setup](./vmware-vsphere-airgap-instructions.md) guide. +[Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) guide. ## Resources -- [Environment Setup](./vmware-vsphere-airgap-instructions.md) +- [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) - [Airgap Install Checklist](./checklist.md) From db3bcadcb06d7389b7c1cfcd014fc5e01c4e9abe Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Wed, 16 Oct 2024 10:00:42 -0400 Subject: [PATCH 13/17] docs: fix broken links --- .../vmware-vsphere-airgap-instructions.md | 6 +++--- .../install-on-vmware/airgap-install/install.md | 8 ++++---- .../vmware-vsphere-airgap-instructions.md | 6 +++--- .../install-on-vmware/airgap-install/install.md | 15 ++++++++------- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index 74926b11fc..b4a3c9570c 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -16,7 +16,7 @@ airgap support VM. This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, check the [Install](../install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for -Palette is available on the [Checklist](./checklist.md) page. +Palette is available on the [Checklist](../checklist.md) page. ::: @@ -383,8 +383,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock Once the airgap binary completes its tasks, you will receive a **Setup Completed** success message. -23. Review the [Additional Packs](../../airgap/supplemental-packs.md) page and identify any additional packs you want to - add to your OCI registry. You can also add additional packs after the installation is complete. +23. Review the [Additional Packs](../../../airgap/supplemental-packs.md) page and identify any additional packs you want + to add to your OCI registry. You can also add additional packs after the installation is complete. You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to ensure the airgap setup process is completed successfully. After you validate the airgap setup process completion, diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md index 1ea84a061a..f4d13b46fd 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md @@ -16,8 +16,8 @@ and assets. ## Prerequisites -- You have completed the [Environment Setup](./vmware-vsphere-airgap-instructions.md) steps and deployed the airgap - support VM. +- You have completed the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) steps and + deployed the airgap support VM. - Review the required VMware vSphere [permissions](../vmware-system-requirements.md). Ensure you have created the proper custom roles and zone tags. @@ -109,8 +109,8 @@ Use the following steps to install Palette. :::warning If you deployed the airgap support VM using a generic OVA, the Palette CLI may not be in the `usr/bin` path. Ensure - that you complete step **22** of the [Environment Setup](./vmware-vsphere-airgap-instructions.md) guide, which - installs the Palette airgap binary and moves the Palette CLI to the correct path. + that you complete step **22** of the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) + guide, which installs the Palette airgap binary and moves the Palette CLI to the correct path. ::: diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index 8fba453823..a176c038c1 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -16,7 +16,7 @@ airgap support VM. This guide is for preparing your airgap environment only. For instructions on installing VerteX on VMware, check the [Install](../install.md) guide. A checklist of the steps you will complete to prepare your airgap environment for VerteX -is available on the [Checklist](./checklist.md) page. +is available on the [Checklist](../checklist.md) page. ::: @@ -388,8 +388,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock Once the Palette VerteX airgap binary completes its tasks, you will receive a **Setup Completed** success message. -23. Review the [Additional Packs](../../airgap/supplemental-packs.md) page and identify any additional packs you want to - add to your OCI registry. You can also add additional packs after the installation is complete. +23. Review the [Additional Packs](../../../airgap/supplemental-packs.md) page and identify any additional packs you want + to add to your OCI registry. You can also add additional packs after the installation is complete. You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to ensure the airgap setup process is completed successfully. After you validate the airgap setup process completion, diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md index 290b4a9415..a72b5752b8 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md @@ -16,8 +16,8 @@ assets. ## Prerequisites -- You have completed the [Environment Setup](./vmware-vsphere-airgap-instructions.md) steps and deployed the airgap - support VM. +- You have completed the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) steps and + deployed the airgap support VM. - You can choose between two Operating Systems (OS) when installing Vertex. Review the requirements for each OS. @@ -131,8 +131,8 @@ Use the following steps to install Palette VerteX. :::warning If you deployed the airgap support VM using a generic OVA, the Palette CLI may not be in the `usr/bin` path. Ensure - that you complete step **22** of the [Environment Setup](./vmware-vsphere-airgap-instructions.md) guide, which - installs the VerteX airgap binary and moves the Palette CLI to the correct path. + that you complete step **22** of the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) + guide, which installs the VerteX airgap binary and moves the Palette CLI to the correct path. ::: @@ -191,9 +191,10 @@ Use the following steps to install Palette VerteX. | **Service IP Range** | Enter the IP address range that will be used to assign IP addresses to services in the EC cluster. The service IP addresses should be unique and not overlap with any machine IPs in the environment. | 11. Select the OCI registry type and provide the configuration values. Review the following table for more information. - If you are using the Palette CLI from inside an [airgap support VM](./vmware-vsphere-airgap-instructions.md), the - CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Pack Registry?** Type - `y` to use the local resources and skip filling in the OCI registry URL and credentials. + If you are using the Palette CLI from inside an + [airgap support VM](./environment-setup/vmware-vsphere-airgap-instructions.md), the CLI will automatically detect + the airgap environment and prompt you to **Use local, air-gapped Pack Registry?** Type `y` to use the local + resources and skip filling in the OCI registry URL and credentials. :::warning From 7d03d88ad307df87d5fd743563f233338a40e9e4 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Wed, 16 Oct 2024 15:30:38 -0400 Subject: [PATCH 14/17] docs: update rhel version, add limitations, add last steps --- _partials/self-hosted/_setup-prereqs.mdx | 6 ++-- _partials/self-hosted/_setup-steps.mdx | 32 +++++++++++++++---- .../environment-setup/env-setup-vm.md | 6 +++- .../vmware-vsphere-airgap-instructions.md | 2 +- .../airgap-install/install.md | 4 +-- .../environment-setup/env-setup-vm-vertex.md | 6 +++- .../vmware-vsphere-airgap-instructions.md | 2 +- .../airgap-install/install.md | 4 +-- 8 files changed, 44 insertions(+), 18 deletions(-) diff --git a/_partials/self-hosted/_setup-prereqs.mdx b/_partials/self-hosted/_setup-prereqs.mdx index 342554a198..553dc38d25 100644 --- a/_partials/self-hosted/_setup-prereqs.mdx +++ b/_partials/self-hosted/_setup-prereqs.mdx @@ -5,7 +5,7 @@ partial_name: setup-prereqs - An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL - version `8.8` as an example. + version `9.4` as an example. - The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. @@ -36,5 +36,5 @@ partial_name: setup-prereqs - The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support representative to obtain the latest version of each artifact. - - RHEL airgap appliance binary. This guide uses version `4.4.2` of the binary as an example. - - {props.edition} installation binary. This guide uses version `4.4.14` of the binary as an example. \ No newline at end of file + - RHEL airgap appliance binary. + - {props.edition} installation binary. \ No newline at end of file diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx index 4f6af61d38..2045c62090 100644 --- a/_partials/self-hosted/_setup-steps.mdx +++ b/_partials/self-hosted/_setup-steps.mdx @@ -100,6 +100,12 @@ partial_name: setup-steps 13. Execute the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to set up the Harbor registry and push images. + ```shell + chmod +x ./airgap-appliance--rhel-podman.bin && ./airgap-appliance--rhel-podman.bin + ``` + + Consider the following example for reference. + ```shell chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && ./airgap-appliance-v4.4.2-rhel-podman.bin ``` @@ -130,16 +136,16 @@ partial_name: setup-steps Your SSH connection will be terminated. Start a new SSH session and switch to `sudo` mode before proceeding. Use - the same commands from steps *5* and *6* of this guide. + the same commands from steps **5**, **6**, and **12** of this guide. 15. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. ```shell - chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && /bin/airgap-setup.sh palette.example.com + /bin/airgap-setup.sh palette.example.com ``` - The script output will look similar to the example below. It contains the credentials and values you will need when + The script output should look similar to the example below. It contains the credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. @@ -176,11 +182,11 @@ partial_name: setup-steps Password: ************** ``` -16. (REVIEW) Update the SSL certificate file and key in the **httpd** service. +16. Update the SSL certificate file and key in the **httpd** service. :::warning - You can skip this step if you plan to use the local Spectro Cloud Repository Location (SCAR) during the + You can skip this step if you do not plan to use the local Spectro Cloud Artifact Repository (SCAR) during the [{props.edition} installation](#next-steps) process. ::: @@ -199,7 +205,13 @@ partial_name: setup-steps systemctl restart httpd.service ``` -17. Execute the {props.edition} installation binary, which pushes {props.edition} images and packs to the Harbor registry. +17. Execute the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. + + ```shell + chmod +x airgap-.bin && ./airgap-.bin + ``` + + Consider the following example for reference. ```shell chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin @@ -218,8 +230,14 @@ partial_name: setup-steps Setup Completed ``` -18. (REVIEW) Grant the Apache user and group access to the `/var/www/html` folder. +18. Grant the Apache user and group the necessary permissions to serve the files in the `/var/www/html` directory. ```shell chown -R apache.apache /var/www/html + ``` + + Restart the HTTP server to apply the changes. + + ```shell + systemctl restart httpd.service ``` \ No newline at end of file diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md index 3922509a06..c978b7dd55 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md @@ -13,7 +13,7 @@ This guide helps you prepare your VMware vSphere airgap environment for Palette Enterprise Linux (RHEL) VM. You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry -for hosting Palette images and also assists in starting the Palette installation. +for hosting Palette images and assists in starting the Palette installation. :::info @@ -22,6 +22,10 @@ This guide is for preparing your airgap environment only. For instructions on in ::: +## Limitations + +- Currently, `9.4` is the only supported RHEL version. + ## Prerequisites diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index b4a3c9570c..7c1e459da8 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -354,7 +354,7 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 21. The output of the script contains credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. -22. If you have used a release-specific installation OVA, skip this step. Otherwise, if you have use a generic +22. If you have used a release-specific installation OVA, skip this step. Otherwise, if you have used a generic installation OVA, use the following command to execute the Palette airgap installation binary. ```shell diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md index f4d13b46fd..0eab54a002 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md @@ -16,8 +16,8 @@ and assets. ## Prerequisites -- You have completed the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) steps and - deployed the airgap support VM. +- You have completed the [Environment Setup](./environment-setup/environment-setup.md) steps and deployed the airgap + support VM. - Review the required VMware vSphere [permissions](../vmware-system-requirements.md). Ensure you have created the proper custom roles and zone tags. diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md index 0c28fa2593..2d3736b866 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md @@ -13,7 +13,7 @@ This guide helps you prepare your VMware vSphere airgap environment for VerteX i Enterprise Linux (RHEL) VM. You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry -for hosting VerteX images and also assists in starting the VerteX installation. +for hosting VerteX images and assists in starting the VerteX installation. :::info @@ -22,6 +22,10 @@ This guide is for preparing your airgap environment only. For instructions on in ::: +## Limitations + +- Currently, `9.4` is the only supported RHEL version. + ## Prerequisites diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index a176c038c1..db3e660f2c 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -358,7 +358,7 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 21. The output of the script contains credentials and values you will need when completing the installation with the Palette CLI. If you need to review this information in the future, invoke the script again. -22. If you have used a release-specific installation OVA, skip this step. Otherwise, if you have use a generic +22. If you have used a release-specific installation OVA, skip this step. Otherwise, if you have used a generic installation OVA, use the following command to execute the Palette VerteX airgap installation binary. ```shell diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md index a72b5752b8..682934ab11 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md @@ -16,8 +16,8 @@ assets. ## Prerequisites -- You have completed the [Environment Setup](./environment-setup/vmware-vsphere-airgap-instructions.md) steps and - deployed the airgap support VM. +- You have completed the [Environment Setup](./environment-setup/environment-setup.md) steps and deployed the airgap + support VM. - You can choose between two Operating Systems (OS) when installing Vertex. Review the requirements for each OS. From 130f15198b02e43bcc57384929ae2e21bff18fbf Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Wed, 16 Oct 2024 15:44:22 -0400 Subject: [PATCH 15/17] docs: vale feedback --- _partials/self-hosted/_setup-steps.mdx | 6 +++--- .../airgap-install/environment-setup/environment-setup.md | 4 ++-- .../airgap-install/environment-setup/environment-setup.md | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx index 2045c62090..0360abd351 100644 --- a/_partials/self-hosted/_setup-steps.mdx +++ b/_partials/self-hosted/_setup-steps.mdx @@ -91,13 +91,13 @@ partial_name: setup-steps success ``` -12. Set the `AIRGAP_BUILD` variable as `true`. This is required to execute the RHEL airgap appliance binary. +12. Set the `AIRGAP_BUILD` variable as `true`. This is required for the RHEL airgap appliance binary. ```shell export AIRGAP_BUILD=true ``` -13. Execute the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to +13. Start the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to set up the Harbor registry and push images. ```shell @@ -205,7 +205,7 @@ partial_name: setup-steps systemctl restart httpd.service ``` -17. Execute the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. +17. Start the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. ```shell chmod +x airgap-.bin && ./airgap-.bin diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md index d172556c5d..52cc7bf117 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/environment-setup.md @@ -9,8 +9,8 @@ tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "enterprise"] --- -This section helps you prepare your VMware vSphere airgap environment for Palette installation. There are two ways to -prepare your environment: +This section helps you prepare your VMware vSphere airgap environment for Palette installation. You can choose between +two methods to prepare your environment: 1. If you have a Red Hat Enterprise Linux (RHEL) VM deployed in your environment, follow the [Environment Setup with an Existing RHEL VM](./env-setup-vm.md) guide to learn how to prepare this VM for Palette diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/environment-setup.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/environment-setup.md index d9b7b6c1fa..2393dd35c2 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/environment-setup.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/environment-setup.md @@ -9,8 +9,8 @@ tags: ["self-hosted", "vertex", "airgap", "vmware", "vsphere"] keywords: ["self-hosted", "vertex"] --- -This section helps you prepare your VMware vSphere airgap environment for VerteX installation. There are two ways to -prepare your environment: +This section helps you prepare your VMware vSphere airgap environment for VerteX installation. You can choose between +two methods to prepare your environment: 1. If you have a Red Hat Enterprise Linux (RHEL) VM deployed in your environment, follow the [Environment Setup with an Existing RHEL VM](./env-setup-vm-vertex.md) guide to learn how to prepare this VM for From 6507f2e3671a075ee6e9f85ab61f5edf791f8247 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Thu, 17 Oct 2024 09:29:19 -0400 Subject: [PATCH 16/17] docs: delete other partials --- _partials/self-hosted/_setup-next-steps.mdx | 33 ----- _partials/self-hosted/_setup-prereqs.mdx | 40 ------ _partials/self-hosted/_setup-steps.mdx | 131 +++++++++++++++++- _partials/self-hosted/_setup-validate.mdx | 60 -------- .../environment-setup/env-setup-vm.md | 14 +- .../environment-setup/env-setup-vm-vertex.md | 14 +- 6 files changed, 132 insertions(+), 160 deletions(-) delete mode 100644 _partials/self-hosted/_setup-next-steps.mdx delete mode 100644 _partials/self-hosted/_setup-prereqs.mdx delete mode 100644 _partials/self-hosted/_setup-validate.mdx diff --git a/_partials/self-hosted/_setup-next-steps.mdx b/_partials/self-hosted/_setup-next-steps.mdx deleted file mode 100644 index ff654e6578..0000000000 --- a/_partials/self-hosted/_setup-next-steps.mdx +++ /dev/null @@ -1,33 +0,0 @@ ---- -partial_category: self-hosted -partial_name: setup-next-steps ---- - -You are now ready to deploy {props.edition} in an airgapped environment with the Palette CLI. As a root user, issue the Palette CLI -command below to start the installation. - - ```shell - palette ec install - ``` - -Complete all the Palette CLI steps outlined in the guide from the RHEL VM. - -:::info - -The table below maps the airgap script output values to their respective Palette CLI prompts and example values. The -example values are for reference only. - -| Output Value | Palette CLI Prompt | Example Value | -| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | -| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` | -| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | -| **OCI Registry** | **Registry Type** | `OCI` | -| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | -| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | -| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | -| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | - -When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the -server certificate file path from the script output. - -::: \ No newline at end of file diff --git a/_partials/self-hosted/_setup-prereqs.mdx b/_partials/self-hosted/_setup-prereqs.mdx deleted file mode 100644 index 553dc38d25..0000000000 --- a/_partials/self-hosted/_setup-prereqs.mdx +++ /dev/null @@ -1,40 +0,0 @@ ---- -partial_category: self-hosted -partial_name: setup-prereqs ---- - -- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with - [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL - version `9.4` as an example. - -- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. - -- The RHEL VM must have Podman installed. - -- An HTTP file server installed within the RHEL VM to host the {props.edition} files. The file server must serve files from the - `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache - as an example. - - - [Apache HTTP Server](https://httpd.apache.org/) - - - [Nginx](https://www.nginx.com/) - - - [Caddy](https://caddyserver.com/) - - :::warning - - Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file - server is a critical component of the airgap installation and must be available post-install for {props.edition} to function - properly. - - ::: - -- Review the required vSphere and ensure you have - created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains - when provisioning workloads that require persistent storage. Refer to for information. - -- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files - in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support - representative to obtain the latest version of each artifact. - - RHEL airgap appliance binary. - - {props.edition} installation binary. \ No newline at end of file diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx index 0360abd351..5bbfed5e4c 100644 --- a/_partials/self-hosted/_setup-steps.mdx +++ b/_partials/self-hosted/_setup-steps.mdx @@ -3,6 +3,46 @@ partial_category: self-hosted partial_name: setup-steps --- +## Prerequisites + +- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with + [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL + version `9.4` as an example. + +- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. + +- The RHEL VM must have Podman installed. + +- An HTTP file server installed within the RHEL VM to host the {props.edition} files. The file server must serve files from the + `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache + as an example. + + - [Apache HTTP Server](https://httpd.apache.org/) + + - [Nginx](https://www.nginx.com/) + + - [Caddy](https://caddyserver.com/) + + :::warning + + Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file + server is a critical component of the airgap installation and must be available post-install for {props.edition} to function + properly. + + ::: + +- Review the required vSphere and ensure you have + created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains + when provisioning workloads that require persistent storage. Refer to for information. + +- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files + in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support + representative to obtain the latest version of each artifact. + - RHEL airgap appliance binary. + - {props.edition} installation binary. + +## Prepare for Airgap Installation + 1. Log in to your vCenter environment. 2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account @@ -240,4 +280,93 @@ partial_name: setup-steps ```shell systemctl restart httpd.service - ``` \ No newline at end of file + ``` + +## Validate + +1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to + the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +2. Switch to the `root` user account. + + ```shell + sudo --login + ``` + +3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace + `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + bin/airgap-setup.sh palette.example.com + ``` + + The output must include the registry location and credentials, which must be accessible from within your + environment. + + ```shell hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` + +## Next Steps + +You are now ready to deploy {props.edition} in an airgapped environment with the Palette CLI. As a root user, issue the Palette CLI +command below to start the installation. + + ```shell + palette ec install + ``` + +Complete all the Palette CLI steps outlined in the guide from the RHEL VM. + +:::info + +The table below maps the airgap script output values to their respective Palette CLI prompts and example values. The +example values are for reference only. + +| Output Value | Palette CLI Prompt | Example Value | +| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | +| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` | +| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **OCI Registry** | **Registry Type** | `OCI` | +| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | + +When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the +server certificate file path from the script output. + +::: \ No newline at end of file diff --git a/_partials/self-hosted/_setup-validate.mdx b/_partials/self-hosted/_setup-validate.mdx deleted file mode 100644 index 367333fff1..0000000000 --- a/_partials/self-hosted/_setup-validate.mdx +++ /dev/null @@ -1,60 +0,0 @@ ---- -partial_category: self-hosted -partial_name: setup-validate ---- - -1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to - the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. - - ```shell - ssh -i /path/to/private_key docs@palette.example.com - ``` - -2. Switch to the `root` user account. - - ```shell - sudo --login - ``` - -3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace - `palette.example.com` with the FQDN of the RHEL airgap VM. - - ```shell - bin/airgap-setup.sh palette.example.com - ``` - - The output must include the registry location and credentials, which must be accessible from within your - environment. - - ```shell hideClipboard - Setting up SSL Certs - /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory - chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory - mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory - cp: target '/etc/nginx/ssl' is not a directory - Setting up Harbor - setenforce is /usr/sbin/setenforce - Setup Completed - - Details: - ------- - Spectro Cloud Repository - Location: https://palette.example.com:8443 - UserName: spectro - Password: ************** - CA certificate filepath: /opt/spectro/ssl/server.crt - - Pack OCI Registry - Endpoint: https://palette.example.com - Base Content Path: spectro-packs - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - - Image OCI Registry - Endpoint: https://palette.example.comv - Base Content Path: spectro-images - CA certificate Filepath: /opt/spectro/ssl/server.crt - Username: admin - Password: ************** - ``` \ No newline at end of file diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md index c978b7dd55..2ddaaf85c9 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md @@ -26,18 +26,6 @@ This guide is for preparing your airgap environment only. For instructions on in - Currently, `9.4` is the only supported RHEL version. -## Prerequisites - - - -## Prepare for Airgap Installation +import SetupSteps from "../../../../../../../_partials/self-hosted/_setup-steps.mdx"; - -## Validate - - - -## Next Steps - - diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md index 2d3736b866..88b492bb61 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md @@ -26,18 +26,6 @@ This guide is for preparing your airgap environment only. For instructions on in - Currently, `9.4` is the only supported RHEL version. -## Prerequisites - - - -## Prepare for Airgap Installation +import SetupSteps from "../../../../../../../_partials/self-hosted/_setup-steps.mdx"; - -## Validate - - - -## Next Steps - - From 952d7d0b319f21340f075b097fe5d3551459a3bc Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Fri, 18 Oct 2024 17:05:12 -0400 Subject: [PATCH 17/17] docs: address review suggestions --- _partials/self-hosted/_setup-steps.mdx | 68 ++++++++++++++++--- .../vmware-vsphere-airgap-instructions.md | 46 ++++++++----- .../airgap-install/install.md | 2 +- .../vmware-vsphere-airgap-instructions.md | 24 +++++-- .../airgap-install/install.md | 2 +- 5 files changed, 108 insertions(+), 34 deletions(-) diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx index 5bbfed5e4c..2de5320e35 100644 --- a/_partials/self-hosted/_setup-steps.mdx +++ b/_partials/self-hosted/_setup-steps.mdx @@ -39,7 +39,7 @@ partial_name: setup-steps in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support representative to obtain the latest version of each artifact. - RHEL airgap appliance binary. - - {props.edition} installation binary. + - {props.edition} airgap installation binary. ## Prepare for Airgap Installation @@ -54,12 +54,25 @@ partial_name: setup-steps distribution OVA required for the {props.edition} nodes creation. Contact your {props.edition} support representative to learn if the version of {props.edition} you are using requires a new OS and Kubernetes OVA. + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1294-0.ova + ``` + + + + ```url - https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-1282-0.ova + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1294-fips.ova ``` + + + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when - assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1282-0`. This + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1294-0`. This naming convention is required for the installation process to identify the OVA. Refer to the page for a list of additional OS and Kubernetes OVAs. @@ -138,7 +151,7 @@ partial_name: setup-steps ``` 13. Start the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to - set up the Harbor registry and push images. + set up the Harbor registry and push images. Replace `` with the version of the binary received from the support team. ```shell chmod +x ./airgap-appliance--rhel-podman.bin && ./airgap-appliance--rhel-podman.bin @@ -175,10 +188,15 @@ partial_name: setup-steps ``` - Your SSH connection will be terminated. Start a new SSH session and switch to `sudo` mode before proceeding. Use - the same commands from steps **5**, **6**, and **12** of this guide. + Your SSH connection will be terminated. + +15. Start a new SSH session and switch to `sudo` mode before proceeding. + + ```shell + sudo --login + ``` -15. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the +16. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. ```shell @@ -222,7 +240,7 @@ partial_name: setup-steps Password: ************** ``` -16. Update the SSL certificate file and key in the **httpd** service. +17. Update the SSL certificate file and key in the **httpd** service. :::warning @@ -245,7 +263,7 @@ partial_name: setup-steps systemctl restart httpd.service ``` -17. Start the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. +18. Start the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. Replace `` with the version of the binary received from the support team. ```shell chmod +x airgap-.bin && ./airgap-.bin @@ -270,7 +288,7 @@ partial_name: setup-steps Setup Completed ``` -18. Grant the Apache user and group the necessary permissions to serve the files in the `/var/www/html` directory. +19. Grant the Apache user and group the necessary permissions to serve the files in the `/var/www/html` directory. ```shell chown -R apache.apache /var/www/html @@ -282,6 +300,34 @@ partial_name: setup-steps systemctl restart httpd.service ``` +20. Review the page and identify any additional packs you want + to add to your registry. You can also add additional packs after the installation is complete. + +You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to +ensure the airgap setup process is completed successfully. After you validate the airgap setup process, +review the [Next Steps](#next-steps). + +:::warning + +Do not power off the RHEL VM. The RHEL VM is required for {props.edition} to function properly and must +remain available at all times. If for some reason the VM is powered off, power the VM back on and restart +the required services. + +Switch to `sudo` mode and restart the file server. + +```shell +sudo --login +systemctl restart httpd +``` + +Next, navigate to the **/opt/spectro/harbor** directory and issue the following command to restart the registry. + +```shell +docker compose up --detach +``` + +::: + ## Validate 1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to @@ -353,7 +399,7 @@ Complete all the Palette CLI steps outlined in the + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1294-0.ova + ``` + + + - Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when - assigning its name and target location. For example, the final output should look like `r_u-2004-0-k-12610`. This - naming convention is required for the installation process to identify the OVA. Refer to the - [Supplement Packs](../../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1294-fips.ova + ``` + + + - You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the - [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) - guide for more information about deploying an OVA in vCenter. + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1294-0`. This + naming convention is required for the installation process to identify the OVA. Refer to the + [Supplement Packs](../../../airgap/supplemental-packs.md#additional-ovas) page for a list of additional OS OVAs. - :::warning + You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the + [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) + guide for more information about deploying an OVA in vCenter. - If you encounter an error message during the OVA deployment stating unable to retrieve manifest or certificate, - refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for guidance on how - to resolve the issue. + :::warning - ::: + If you encounter an error message during the OVA deployment stating unable to retrieve manifest or certificate, + refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for guidance on how + to resolve the issue. + + ::: 5. Next, deploy the airgap installation OVA by using the **Deploy OVF Template** wizard again in vSphere. Insert the Palette install OVA URL in the **URL** field. The URL is provided to you by your Palette support representative. diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md index 0eab54a002..68625d67b3 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/install.md @@ -182,7 +182,7 @@ Use the following steps to install Palette. | **Use Public Registry for Images** | Type `y` to use a public registry for images. Type `n` to a different registry for images. If you are using another registry for images, you will be prompted to enter the registry URL, base path, username, and password. Airgap users, select `n` so that you can specify the values for the OCI registry that contains all the required images. | When prompted to **Pull images from public registry**, type `n` and specify the OCI registry configuration values for - your image registry. If you are an airgap support VM, the CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Image Registry?** Type `y` to use the local resources and skip filling in the OCI registry URL and credentials. + your image registry. If you are on an airgap support VM, the CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Image Registry?** Type `y` to use the local resources and skip filling in the OCI registry URL and credentials. Refer to the table above for more information. :::info diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md index db3e660f2c..cf4b96d941 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/vmware-vsphere-airgap-instructions.md @@ -89,14 +89,28 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes distribution OVA required for the installation. - Consider the following example for reference. + Consider the following example for reference. - ```url - https://vmwaregoldenimage-console.s3.us-east-2.amazonaws.com/u-2204-0-k-12711-0.ova - ``` + + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1294-0.ova + ``` + + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1294-fips.ova + ``` + + + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when - assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-12711-0`. This + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1294-0`. This naming convention is required for the installation process to identify the OVA. Refer to the [Supplement Packs](../../../airgap/supplemental-packs.md) page for a list of additional OS OVAs. diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md index 682934ab11..bf208248b5 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/install.md @@ -223,7 +223,7 @@ Use the following steps to install Palette VerteX. | **Use Public Registry for Images** | Type `y` to use a public registry for images. Type `n` to a different registry for images. If you are using another registry for images, you will be prompted to enter the registry URL, base path, username, and password. Airgap users, select `n` so that you can specify the values for the OCI registry that contains all the required images. | When prompted to **Pull images from public registry**, type `n` and specify the OCI registry configuration values - for your image registry. If you are an + for your image registry. If you are on an [airgap support VM](./environment-setup/vmware-vsphere-airgap-instructions.md), the CLI will automatically detect the airgap environment and prompt you to **Use local, air-gapped Image Registry?**. Type `y` to use the local resources and skip filling in the OCI registry URL and credentials. Refer to the table above for more information.