Skip to content

KOP Airgap - Installation

The overall installation process abstracts and dramatically simplifies the deployment of a relatively complex technology stack into just a few steps.


Please ensure that you have properly configured and tested the required resources (nodes, storage, networking, security etc) as per the requirements.

Step 1: Download Installer

  • Download the latest version of the installer using the download link provided by the support team.
  • Verify the package using either the md5 or sha256 checksum provided by the support team.
  • From your home directory, untar the package using the command below
tar -xf rafay-controller-x.x.x.tar.gz
  • Copy the controller's installer "radm" utility CLI tool to the system path directory
sudo mv ./radm /usr/bin/

Step 2: Edit Config File

In this step, you will customize and personalize the configuration YAML file for your air-gapped controller.

  • Copy the "config.yaml" file
cp -rp config.yaml-tmpl config.yaml
vi config.yaml
  • Customize the "config.yaml" file
Item Description Name for the controller
spec.networking.interface Interface for controller traffic (optional)
spec.deployment.ha True if controller is more than 1 node setup.
spec.repo..path. Path of the tar location. Generates and uses self signed certs for incoming controller traffic if set to true base64 encoding of the certificate (required if generate-self-signed-cert set to false) base64 encoding of the private key (required if generate-self-signed-cert set to false) Display logo for white labeling and branding (optional) Wild card DNS domain to use for the controller Toggle to host internal DNS server if DNS is not available in env
spec.override-config.localprovisioner.basePath Path where persistent volumes are created
spec.override-config.core-registry-path path where registry images are stored
spec.override-config.etcd-path path where etcd data is saved True, if external LB is used for SSL offloading Toggle if using IAM role for controller instance* AWS credentials

Step 3: Provision Infrastructure

In this step, you will deploy the baseline infrastructure services layer (Kubernetes, Docker, Storage, etc).

Start provisioning the controller infrastructure using the command shown below. The "radm" CLI utility accepts the config.yaml file as input and automatically provisions the required infrastructure.

sudo radm init --config config.yaml

It may take up to ~5 minutes for this step to complete. Once it is done, copy the kubeconfig file to home directory to access the API server using KubeCTL CLI.

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) -R $HOME/.kube

Verify that you are able to perform kubectl operations to the cluster by issuing the following command

$ kubectl get nodes
NAME                                STATUS   ROLES    AGE   VERSION
airgap-nonha-controller             Ready    master   17m   v1.18.6

Step 4: Install Software Dependencies

In this step, you will install the software dependencies that are required by the controller. The "radm" CLI utility accepts the config.yaml as input and automatically installs all the required software dependencies.

sudo radm dependency --config config.yaml

It may take up to ~15 minutes for this step to complete.

Verify all pods are in running state before proceeding to the next step

$ kubectl get pod -A |grep -v Running

Step 5: Install the Controller

In the previous steps, you provisioned the required infrastructure and installed software dependencies. In this step, you will install the controller software.

Run the following command. This will install and bring up all the required micro-services for the controller application. Note that this command can take ~10 minutes to finish.

sudo radm application --config config.yaml

Once the installation process is completed, wait for all pods to be in "Running" state. This may take another ~5-10 minutes

$ kubectl get pod -A |grep -v Running

After this point you have the operational air-gapped controller

Step 6: Access Controller Console

Try accessing the air-gapped controller's console URL on the configured domain: "https://console.<your_dns_domain>". You should see a page similar to the illustrative example shown below.

Air Gap Controller UI

Signup for an organization (tenant) in the air gapped controller

Air Gap Controller Org Signup

Now you should be able to login to your organization on the air-gapped controller with the email and password above

Step 7: Upload Cluster Dependencies

The air-gapped controller is specifically designed to be operated in environments where there is "no connectivity to the Internet". As the result, administrators are required to upload critical software dependencies, packages, binaries and docker images to the registry on the air-gapped controller. This will ensure that the managed downstream clusters only have to reach out to the air-gapped controller for required softwares and docker images during provisioning and update.

Run the following command to upload all the pre-packaged software dependencies, binaries and docker images to the registry on the air-gapped controller. It may take ~15-20 minutes for the upload to complete

sudo radm cluster --config config.yaml

After this step is completed successfully, you can start deploying your first Kubernetes cluster in your organization through the air-gapped controller.