From 8b2f19d900b8a01b2560841a38e0f2b03516e5e4 Mon Sep 17 00:00:00 2001 From: Adelina Simion <43963729+addetz@users.noreply.github.com> Date: Fri, 13 Dec 2024 21:24:36 +0000 Subject: [PATCH 1/4] docs: add kubernetes requirements to self-hosted, vertex and pcg DOC-1519 (#5056) * docs: add kubernetes requirements to self-hosted, vertex and pcg DOC-1519 * docs: add links to requirements in install guides --- .../_kubernetes_palette_versions.mdx | 22 + _partials/self-hosted/_setup-steps.mdx | 421 ++++++++++++++++++ .../clusters/pcg/deploy-pcg-k8s.md | 3 + docs/docs-content/clusters/pcg/pcg.md | 15 + .../airgap-install/install.md | 4 +- .../install-on-kubernetes/install.md | 4 +- .../environment-setup/env-setup-vm.md | 34 ++ .../vmware-vsphere-airgap-instructions.md | 3 +- .../install-on-vmware/install.md | 10 +- .../install-palette/install-palette.md | 8 + .../upgrade/upgrade-k8s/airgap.md | 4 + .../upgrade/upgrade-k8s/non-airgap.md | 4 + .../upgrade/upgrade-vmware/airgap.md | 4 + .../upgrade/upgrade-vmware/non-airgap.md | 3 + .../airgap-install/install.md | 4 +- .../install-on-kubernetes/install.md | 4 +- .../environment-setup/env-setup-vm-vertex.md | 34 ++ .../vmware-vsphere-airgap-instructions.md | 5 +- .../install-on-vmware/install.md | 10 +- .../install-palette-vertex.md | 8 + 20 files changed, 585 insertions(+), 19 deletions(-) create mode 100644 _partials/self-hosted/_kubernetes_palette_versions.mdx create mode 100644 _partials/self-hosted/_setup-steps.mdx create mode 100644 docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md create mode 100644 docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md diff --git a/_partials/self-hosted/_kubernetes_palette_versions.mdx b/_partials/self-hosted/_kubernetes_palette_versions.mdx new file mode 100644 index 0000000000..5c7794b1f6 --- /dev/null +++ b/_partials/self-hosted/_kubernetes_palette_versions.mdx @@ -0,0 +1,22 @@ +--- +partial_category: self-hosted +partial_name: kubernetes-palette-versions +--- + +| **Palette Version** | **Kubernetes Version** | **OVA Download URL** | **FIPS OVA Download URL** | +| ------------------- | ---------------------- | --------------------------------------------------------------------------- | ------------------------------------------------------------------------------ | +| 4.5.11 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.5.10 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.5.8 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.5.5 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.5.4 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.5.3 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | +| 4.4.20 | 1.28.13 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12813-fips.ova` | +| 4.4.18 | 1.28.13 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12813-fips.ova` | +| 4.4.14 | 1.28.12 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12812-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12812-fips.ova` | +| 4.4.11 | 1.28.11 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1289-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1289-fips.ova` | +| 4.4.6 | 1.28.9 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1289-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1289-fips.ova` | +| 4.3.6 | 1.27.11 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12711-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12711-fips.ova` | +| 4.2.13 | 1.26.10 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12610-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12610-fips.ova` | +| 4.2.7 | 1.26.10 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12610-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12610-fips.ova` | +| 4.1.12 | 1.26.8 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1268-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1268-fips.ova` | \ No newline at end of file diff --git a/_partials/self-hosted/_setup-steps.mdx b/_partials/self-hosted/_setup-steps.mdx new file mode 100644 index 0000000000..5387c5a3d9 --- /dev/null +++ b/_partials/self-hosted/_setup-steps.mdx @@ -0,0 +1,421 @@ +--- +partial_category: self-hosted +partial_name: setup-steps +--- + +## Prerequisites + +- An RHEL airgap VM deployed in your VMware vSphere. The VM must be registered with + [Red Hat](https://access.redhat.com/solutions/253273) and have ports `80` and `443` available. This guide uses RHEL + version `9.4` as an example. + +- The RHEL VM must have a Fully Qualified Domain Name (FQDN) that is DNS resolvable and must be accessible via SSH. + +- The RHEL VM must have Podman installed. + +- An HTTP file server installed within the RHEL VM to host the {props.edition} files. The file server must serve files from the + `/var/www/html` directory and have SSL support enabled. Below is a list of common file servers. This guide uses Apache + as an example. + + - [Apache HTTP Server](https://httpd.apache.org/) + + - [Nginx](https://www.nginx.com/) + + - [Caddy](https://caddyserver.com/) + + :::warning + + Take the necessary steps to secure your file server and ensure it can automatically recover from failure. The file + server is a critical component of the airgap installation and must be available post-install for {props.edition} to function + properly. + + ::: + +- Review the required vSphere and ensure you have + created the proper custom roles and zone tags. Zone tagging enables dynamic storage allocation across fault domains + when provisioning workloads that require persistent storage. Refer to for information. + +- The following artifacts must be available in the root home directory of the RHEL airgap VM. You can download the files + in a system with internet access and then transfer them to your airgap environment. Contact your {props.edition} support + representative to obtain the latest version of each artifact. + - RHEL airgap appliance binary. + - {props.edition} airgap installation binary. + +## Prepare for Airgap Installation + +1. Log in to your vCenter environment. + +2. Create a vSphere template folder named `spectro-templates`. Ensure you can access this folder with the user account + you plan to use when deploying the {props.edition} installation. + +3. Right-click on your cluster or resource group and select **Deploy OVF Template**. + +4. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes + distribution OVA required for the {props.edition} nodes creation. Refer to the + section to learn if the version of + {props.edition} you are installing requires a new OS and Kubernetes OVA. + + {props.requirementsURL} + + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1294-0.ova + ``` + + + + + ```url + https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1294-fips.ova + ``` + + + + + Place the OVA in the **spectro-templates** folder. Append the `r_` prefix, and remove the `.ova` suffix when + assigning its name and target location. For example, the final output should look like `r_u-2204-0-k-1294-0`. This + naming convention is required for the installation process to identify the OVA. Refer to the + page for a list of additional OS and + Kubernetes OVAs. + + You can terminate the deployment after the OVA is available in the `spectro-templates` folder. Refer to the + [Deploy an OVF or OVA Template](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-AFEDC48B-C96F-4088-9C1F-4F0A30E965DE.html) + guide for more information about deploying an OVA in vCenter. + + :::warning + + If you encounter an error message during the OVA deployment stating that vCenter is unable to retrieve a manifest or + certificate, refer to this [known issue](https://kb.vmware.com/s/article/79986) from VMware's knowledge base for + guidance on how to resolve the issue. + + ::: + +5. Open a terminal window and SSH into the RHEL airgap VM as a root user with the command below. Replace + `/path/to/private_key` with the path to your private SSH key, `docs` with the username, and `palette.example.com` + with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +6. Switch to the `root` user account to complete the remaining steps. + + ```shell + sudo --login + ``` + +7. Set the VM timezone to Coordinated Universal Time (UTC). + + ```shell + timedatectl set-timezone UTC + ``` + +8. Ensure that ports `80` and `443` are not in use by your file server, as these ports will be used by the Harbor + registry that will be installed later. + + Open the `/etc/httpd/conf.d/ssl.conf` file and make the following changes: + + - Replace the line `Listen 443 https` with `Listen 8443 https`. + - Replace the line `` with ``. + + Save and exit the file. + +9. Next, open the `/etc/httpd/conf/httpd.conf` file and replace the line `Listen 80` with `Listen 8080`. Save and exit + the file. + +10. Restart the Apache HTTP server to apply the configuration changes. + + ```shell + systemctl restart httpd.service + ``` + +11. Allow TCP traffic on ports `80`, `8080`, `443`, and `8443`, then reload the firewall. + + ```shell + firewall-cmd --permanent --add-port=80/tcp + firewall-cmd --permanent --add-port=8080/tcp + firewall-cmd --permanent --add-port=443/tcp + firewall-cmd --permanent --add-port=8443/tcp + firewall-cmd --reload + ``` + + The output displays a success message. + + ```text hideClipboard + success + ``` + +12. Set the `AIRGAP_BUILD` variable as `true`. This is required for the RHEL airgap appliance binary. + + ```shell + export AIRGAP_BUILD=true + ``` + +13. Start the RHEL airgap appliance binary, which installs the tools and configures the manifests that are required to + set up the Harbor registry and push images. Replace `` with the version of the binary received from the support team. + + ```shell + chmod +x ./airgap-appliance--rhel-podman.bin && ./airgap-appliance--rhel-podman.bin + ``` + + Consider the following example for reference. + + ```shell + chmod +x ./airgap-appliance-v4.4.2-rhel-podman.bin && ./airgap-appliance-v4.4.2-rhel-podman.bin + ``` + + ```text hideClipboard + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Appliance Setup - 4.4.2 100% + Setting up directories and certs + warning: /opt/spectro/pwgen-2.08-3.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 2f86d6a1: NOKEY + Verifying... ################################# [100%] + Preparing... ################################# [100%] + Updating / installing... + 1:pwgen-2.08-3.el8 ################################# [100%] + Skipping setting up Nginx and Podman for airgap + Installing Podman + Setting up Harbor + Setting up oras and jq + Setting up Manifests + Cleaning up setup files + Reboot the system for selinux changes to take effect + ``` + +14. Reboot your RHEL VM to apply the changes. + + ```shell + reboot + ``` + + + Your SSH connection will be terminated. + +15. Start a new SSH session and switch to `sudo` mode before proceeding. + + ```shell + sudo --login + ``` + +16. Issue the following command to configure the Harbor registry. Replace `palette.example.com` with the FQDN of the + RHEL airgap VM. The script will generate a self-signed certificate for the value you provide. + + ```shell + /bin/airgap-setup.sh palette.example.com + ``` + + The script output should look similar to the example below. It contains the credentials and values you will need when + completing the installation with the Palette CLI. If you need to review this information in the future, invoke the + script again. + + ```text hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` + +17. Update the SSL certificate file and key in the **httpd** service. + + :::warning + + You can skip this step if you do not plan to use the local Spectro Cloud Artifact Repository (SCAR) during the + [{props.edition} installation](#next-steps) process. + + ::: + + Open the `/etc/httpd/conf.d/ssl.conf` file and add the path to the certificate and key generated in step **15** of + this guide: + + - Replace the line `SSLCertificateFile /etc/pki/tls/certs/localhost.crt` with + `SSLCertificateFile /opt/spectro/ssl/server.crt`. + - Replace the line `SSLCertificateKeyFile /etc/pki/tls/private/localhost.key` with + `SSLCertificateKeyFile /opt/spectro/ssl/server.key`. + + Save and exit the file. Next, restart the HTTP server to apply the changes. + + ```shell + systemctl restart httpd.service + ``` + +18. Start the {props.edition} installation binary, which uploads release-specific {props.edition} images and packs to the Harbor registry. Replace `` with the version of the binary received from the support team. + + ```shell + chmod +x airgap-.bin && ./airgap-.bin + ``` + + Consider the following example for reference. + + ```shell + chmod +x airgap-4-4-14.bin && ./airgap-4-4-14.bin + ``` + + This step may take some time to complete. A `Setup Completed` message confirms it is finished. + + ```text hideClipboard {8} + Verifying archive integrity... 100% MD5 checksums are OK. All good. + Uncompressing Airgap Setup - Version 4.4.14 100% + Setting up CLI + Setting up Manifests + Setting up Packs + ... + + Setup Completed + ``` + +19. Grant the Apache user and group the necessary permissions to serve the files in the `/var/www/html` directory. + + ```shell + chown -R apache.apache /var/www/html + ``` + + Restart the HTTP server to apply the changes. + + ```shell + systemctl restart httpd.service + ``` + +20. Review the page and identify any additional packs you want + to add to your registry. You can also add additional packs after the installation is complete. + +You have now completed the preparation steps for an airgap installation. Check out the [Validate](#validate) section to +ensure the airgap setup process is completed successfully. After you validate the airgap setup process, +review the [Next Steps](#next-steps). + +:::warning + +Do not power off the RHEL VM. The RHEL VM is required for {props.edition} to function properly and must +remain available at all times. If for some reason the VM is powered off, power the VM back on and restart +the required services. + +Switch to `sudo` mode and restart the file server. + +```shell +sudo --login +systemctl restart httpd +``` + +Next, navigate to the **/opt/spectro/harbor** directory and issue the following command to restart the registry. + +```shell +docker compose up --detach +``` + +::: + +## Validate + +1. SSH into the RHEL airgap VM as a root user with the command below. Replace `/path/to/private_key` with the path to + the private SSH key, `docs` with the username, and `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + ssh -i /path/to/private_key docs@palette.example.com + ``` + +2. Switch to the `root` user account. + + ```shell + sudo --login + ``` + +3. Issue the following command to validate that you have successfully completed the airgap setup process. Replace + `palette.example.com` with the FQDN of the RHEL airgap VM. + + ```shell + bin/airgap-setup.sh palette.example.com + ``` + + The output must include the registry location and credentials, which must be accessible from within your + environment. + + ```shell hideClipboard + Setting up SSL Certs + /opt/spectro/functions.sh: line 118: /etc/nginx/.htpasswd: No such file or directory + chmod: cannot access '/etc/nginx/.htpasswd': No such file or directory + mkdir: cannot create directory ‘/etc/nginx/ssl’: No such file or directory + cp: target '/etc/nginx/ssl' is not a directory + Setting up Harbor + setenforce is /usr/sbin/setenforce + Setup Completed + + Details: + ------- + Spectro Cloud Repository + Location: https://palette.example.com:8443 + UserName: spectro + Password: ************** + CA certificate filepath: /opt/spectro/ssl/server.crt + + Pack OCI Registry + Endpoint: https://palette.example.com + Base Content Path: spectro-packs + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + + Image OCI Registry + Endpoint: https://palette.example.comv + Base Content Path: spectro-images + CA certificate Filepath: /opt/spectro/ssl/server.crt + Username: admin + Password: ************** + ``` + +## Next Steps + +You are now ready to deploy {props.edition} in an airgapped environment with the Palette CLI. As a root user, issue the Palette CLI +command below to start the installation. + + ```shell + palette ec install + ``` + +Complete all the Palette CLI steps outlined in the guide from the RHEL VM. + +:::info + +The following table maps the airgap script output values to their respective Palette CLI prompts and example values. The +example values are for reference only. + +| Output Value | Palette CLI Prompt | Example Value | +| ------------------------------------- | ------------------------------------ | ------------------------------------------------------ | +| **Spectro Cloud Repository Location** | **SCAR Location** | `https://palette.example.com:8443` | +| **CA certificate filepath** | **SCAR CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **OCI Registry** | **Registry Type** | `OCI` | +| **Pack OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | +| **Image OCI Registry** | **Registry Endpoint** | `https://palette.example.com` | +| **CA certificate Filepath** | **Registry CA certificate filepath** | `/opt/spectro/ssl/server.crt` | + +When prompted for **Allow Insecure Connection (Bypass x509 Verification)?**, enter `n` to continue and specify the +server certificate file path from the script output. + +::: \ No newline at end of file diff --git a/docs/docs-content/clusters/pcg/deploy-pcg-k8s.md b/docs/docs-content/clusters/pcg/deploy-pcg-k8s.md index 58ed3264b1..4d419c8e06 100644 --- a/docs/docs-content/clusters/pcg/deploy-pcg-k8s.md +++ b/docs/docs-content/clusters/pcg/deploy-pcg-k8s.md @@ -71,6 +71,9 @@ development and testing environments. to the [PCG Sizing](#pcg-sizing) section for more information. - A Container Network Interface plugin installed. - A Container Storage Interface plugin installed. + - The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your PCG version. Refer to + the [Kubernetes Requirements](./pcg.md#kubernetes-requirements) section to find the version required for your + Palette installation - PCG IP address requirements: diff --git a/docs/docs-content/clusters/pcg/pcg.md b/docs/docs-content/clusters/pcg/pcg.md index fa38b78ce7..0c67387d30 100644 --- a/docs/docs-content/clusters/pcg/pcg.md +++ b/docs/docs-content/clusters/pcg/pcg.md @@ -31,6 +31,21 @@ existing Kubernetes cluster. Refer to the table below to learn more about the su | VMware vSphere | ✅ | The PCG is deployed into a VMware vSphere environment. | [Deploy to VMware vSphere](./deploy-pcg/vmware.md) | | Other | ❌ | The PCG cluster is deployed into an existing Kubernetes cluster that is not managed by Palette. | [Deploy a PCG to an Existing Kubernetes Cluster](./deploy-pcg-k8s.md) | +## Kubernetes Requirements + +The following table presents the Kubernetes version corresponding to each Palette version. It provides the download URLs +for the Operating System and Kubernetes distribution OVA required for the PCG install. Ensure that you use FIPS OVA URL +if you require a compliant installation. + +:::warning + +The versions included in the following table apply for PCG installs on VMware vSphere and MAAS. The Kubernetes version +for OpenStack is 1.24.10 on all the Palette versions included below. + +::: + + + ## Resources - [Architecture](./architecture.md) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/airgap-install/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/airgap-install/install.md index fe0f397a0f..2fce2f8fc5 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/airgap-install/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/airgap-install/install.md @@ -34,7 +34,9 @@ Complete the [Environment Setup](./kubernetes-airgap-instructions.md) steps befo - Ensure `unzip` or a similar extraction utility is installed on your system. -- The Kubernetes cluster must be set up on a supported version of Kubernetes, which includes versions v1.25 to v1.27. +- The Kubernetes cluster must be set up on a supported version of Kubernetes. Refer to the + [Kubernetes Requirements](../../install-palette.md#kubernetes-requirements) section to find the version required for + your Palette installation. - Ensure the Kubernetes cluster does not have Cert Manager installed. Palette requires a unique Cert Manager configuration to be installed as part of the installation process. If Cert Manager is already installed, you must diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/install.md index 6379e814dd..0364d73b58 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-kubernetes/install.md @@ -23,7 +23,9 @@ You can use the Palette Helm Chart to install Palette in a multi-node Kubernetes - Ensure `unzip` or a similar extraction utility is installed on your system. -- The Kubernetes cluster must be set up on a supported version of Kubernetes, which includes versions v1.25 to v1.27. +- The Kubernetes cluster must be set up on a supported version of Kubernetes. Refer to the + [Kubernetes Requirements](../install-palette.md#kubernetes-requirements) section to find the version required for your + Palette installation. - Ensure the Kubernetes cluster does not have Cert Manager installed. Palette requires a unique Cert Manager configuration to be installed as part of the installation process. If Cert Manager is already installed, you must diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md new file mode 100644 index 0000000000..4583907ca2 --- /dev/null +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/environment-setup/env-setup-vm.md @@ -0,0 +1,34 @@ +--- +sidebar_label: "Environment Setup with RHEL" +title: "Environment Setup with an Existing RHEL VM" +description: "Learn how to prepare your airgap environment for Palette installation using an existing RHEL VM" +icon: "" +hide_table_of_contents: false +sidebar_position: 30 +tags: ["self-hosted", "enterprise", "airgap", "vmware", "vsphere", "rhel"] +keywords: ["self-hosted", "enterprise"] +--- + +This guide helps you prepare your VMware vSphere airgap environment for Palette installation using an existing Red Hat +Enterprise Linux (RHEL) VM. + +You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry +for hosting Palette images and assists in starting the Palette installation. + +:::info + +This guide is for preparing your airgap environment only. For instructions on installing Palette on VMware, refer to the +[Install Palette](../install.md) guide. + +::: + +## Limitations + +- Currently, `9.4` is the only supported RHEL version. + + diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index cfa87cd581..b5880430a5 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -364,7 +364,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 23. Right-click on your cluster or resource group and select **Deploy OVF Template**. 24. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes - distribution OVA required for the installation. Contact your support representative to learn if the version of + distribution OVA required for the installation. Refer to the + [Kubernetes Requirements](../../../install-palette.md#kubernetes-requirements) section to learn if the version of Palette you are installing requires a new OS and Kubernetes OVA. Consider the following example for reference. diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md index f95c92d111..6a548c478c 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md @@ -98,12 +98,10 @@ Use the following steps to install Palette. 2. Create a vSphere VM and Template folder with the name `spectro-templates`. Ensure this folder is accessible by the user account you will use to deploy the Palette installation. -3. Use the URL below to import the Operating System and Kubernetes distribution OVA required for the install. Place the - OVA in the `spectro-templates` folder. - - ```url - https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova - ``` +3. Find the OVA download URL corresponding to your Palette version in the + [Kubernetes Requirements](../install-palette.md#kubernetes-requirements) section. Use the identified URL to import + the Operating System and Kubernetes distribution OVA required for the install. Place the OVA in the + `spectro-templates` folder. 4. Append an `r_` prefix to the OVA name and remove the `.ova` suffix after the import. For example, the final output should look like `r_u-2204-0-k-12813-0`. This naming convention is required for the install process to identify the diff --git a/docs/docs-content/enterprise-version/install-palette/install-palette.md b/docs/docs-content/enterprise-version/install-palette/install-palette.md index 9eb7de1032..10d3a49a7c 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-palette.md +++ b/docs/docs-content/enterprise-version/install-palette/install-palette.md @@ -62,6 +62,14 @@ active nodes and pods at any given time. | Medium (Recommended) | Up to 3000 Nodes each with 30 Pods (90,000 Pods) | | Large | Up to 5000 Nodes each with 30 Pods (150,000 Pods) | +## Kubernetes Requirements + +The following table presents the Kubernetes version corresponding to each Palette version. It provides the download URLs +for the Operating System and Kubernetes distribution OVA required for the install. Ensure that you use FIPS OVA URL if +you require a compliant installation. + + + ## Proxy Requirements diff --git a/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/airgap.md b/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/airgap.md index 82aaa58353..7efa6cbe45 100644 --- a/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/airgap.md +++ b/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/airgap.md @@ -45,6 +45,10 @@ Palette upgrade. - Access to the latest Palette Helm Chart. Refer to [Access Palette](/enterprise-version/#access-palette) for more details. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../../install-palette/install-palette.md#kubernetes-requirements) section to find the + version required for your Palette installation. + ## Upgrade 1. Log in to the Linux environment from which you can access your self-hosted airgap Palette instance. diff --git a/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/non-airgap.md b/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/non-airgap.md index 7df02a932e..0948a2605f 100644 --- a/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/non-airgap.md +++ b/docs/docs-content/enterprise-version/upgrade/upgrade-k8s/non-airgap.md @@ -36,6 +36,10 @@ Palette upgrade. - Access to the latest Palette Helm Chart. Refer to [Access Palette](/enterprise-version/#access-palette) for more details. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../../install-palette/install-palette.md#kubernetes-requirements) section to find the + version required for your Palette installation. + ## Upgrade :::info diff --git a/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/airgap.md b/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/airgap.md index e24f23eada..84090087f0 100644 --- a/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/airgap.md +++ b/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/airgap.md @@ -38,6 +38,10 @@ Palette upgrade. - A diff or text comparison tool of your choice. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../../install-palette/install-palette.md#kubernetes-requirements) section to find the + version required for your Palette installation. + ## Upgrade :::info diff --git a/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/non-airgap.md b/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/non-airgap.md index 3f7c70e2a2..141bfd044b 100644 --- a/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/non-airgap.md +++ b/docs/docs-content/enterprise-version/upgrade/upgrade-vmware/non-airgap.md @@ -28,6 +28,9 @@ Palette upgrade. - Access to the Palette system console. - A diff or text comparison tool of your choice. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../../install-palette/install-palette.md#kubernetes-requirements) section to find the + version required for your Palette installation. ## Upgrade diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md index 2367bbbc91..a0a56906aa 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md @@ -34,7 +34,9 @@ Complete the [Environment Setup](./kubernetes-airgap-instructions.md) steps befo - Ensure `unzip` or a similar extraction utility is installed on your system. -- The Kubernetes cluster must be set up on a supported version of Kubernetes, which includes versions v1.25 to v1.27. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../../install-palette-vertex.md#kubernetes-requirements) section to find the version + required for your Palette installation. - Ensure the Kubernetes cluster does not have Cert Manager installed. VerteX requires a unique Cert Manager configuration to be installed as part of the installation process. If Cert Manager is already installed, you must diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md index 25b57d3e44..c3aac32825 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md @@ -28,7 +28,9 @@ has the necessary network connectivity for VerteX to operate successfully. - Ensure `unzip` or a similar extraction utility is installed on your system. -- The Kubernetes cluster must be set up on a supported version of Kubernetes, which includes versions v1.25 to v1.27. +- The Kubernetes cluster must be set up on a version of Kubernetes that is compatible to your upgraded version. Refer to + the [Kubernetes Requirements](../install-palette-vertex.md#kubernetes-requirements) section to find the version + required for your Palette installation. - Ensure the Kubernetes cluster does not have Cert Manager installed. VerteX requires a unique Cert Manager configuration to be installed as part of the installation process. If Cert Manager is already installed, you must diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md new file mode 100644 index 0000000000..86cee85649 --- /dev/null +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/environment-setup/env-setup-vm-vertex.md @@ -0,0 +1,34 @@ +--- +sidebar_label: "Environment Setup with RHEL" +title: "Environment Setup with an Existing RHEL VM" +description: "Learn how to prepare your airgap environment for VerteX installation using an existing RHEL VM" +icon: "" +hide_table_of_contents: false +sidebar_position: 35 +tags: ["self-hosted", "vertex", "airgap", "vmware", "vsphere", "rhel"] +keywords: ["self-hosted", "vertex"] +--- + +This guide helps you prepare your VMware vSphere airgap environment for VerteX installation using an existing Red Hat +Enterprise Linux (RHEL) VM. + +You will learn how to execute an appliance binary in your VM that installs the necessary tools to deploy an OCI registry +for hosting VerteX images and assists in starting the VerteX installation. + +:::info + +This guide is for preparing your airgap environment only. For instructions on installing VerteX on VMware, refer to the +[Install VerteX](../install.md) guide. + +::: + +## Limitations + +- Currently, `9.4` is the only supported RHEL version. + + diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index ea0e7e271e..dc839bd919 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -370,8 +370,9 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 23. Next, right-click on your cluster or resource group and select **Deploy OVF Template**. 24. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes - distribution OVA required for the installation. Contact your support representative to learn if the version of - VerteX you are installing requires a new OS and Kubernetes OVA. + distribution OVA required for the installation. Refer to the + [Kubernetes Requirements](../../../install-palette-vertex.md#kubernetes-requirements) section to learn if the + version of Palette you are installing requires a new OS and Kubernetes OVA. Consider the following example for reference. diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md index c7d5e26591..ed0739782d 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/install.md @@ -101,15 +101,13 @@ Use the following steps to install Palette VerteX. 2. Create a vSphere VM and Template folder with the name `spectro-templates`. Ensure this folder is accessible by the user account you will use to deploy the VerteX installation. -3. Use the URL below to import the Operating System and Kubernetes distribution OVA required for the install. Place the - OVA in the `spectro-templates` folder. Refer to the +3. Find the OVA download URL corresponding to your Palette VerteX version in the + [Kubernetes Requirements](../install-palette-vertex.md#kubernetes-requirements) section. Use the identified URL to + import the Operating System and Kubernetes distribution OVA required for the install. Place the OVA in the + `spectro-templates` folder. Refer to the [Import Items to a Content Library](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vm-administration/GUID-B413FBAE-8FCB-4598-A3C2-8B6DDA772D5C.html?hWord=N4IghgNiBcIJYFsAOB7ATgFwAQYKbIjDwGcQBfIA) guide for information about importing an OVA in vCenter. - ```url - https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova - ``` - 4. Append an `r_` prefix to the OVA name and remove the `.ova` suffix after the import. For example, the final output should look like `r_u-2204-0-k-12813-0`. This naming convention is required for the install process to identify the OVA. Refer to the [Supplement Packs](../airgap/supplemental-packs.md#additional-ovas) page for a list of additional diff --git a/docs/docs-content/vertex/install-palette-vertex/install-palette-vertex.md b/docs/docs-content/vertex/install-palette-vertex/install-palette-vertex.md index e37319fc6e..6db2f0e457 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-palette-vertex.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-palette-vertex.md @@ -64,6 +64,14 @@ number of active nodes and pods at any given time.
+## Kubernetes Requirements + +The following table presents the Kubernetes version corresponding to each Palette version. It provides the download URLs +for the Operating System and Kubernetes distribution OVA required for the install. Ensure that you use FIPS OVA URL if +you require a compliant installation. + + + ## Proxy Requirements From a89f3fbff664356196e2afde3df22e5b3a912662 Mon Sep 17 00:00:00 2001 From: Lenny Chen Date: Fri, 13 Dec 2024 13:46:02 -0800 Subject: [PATCH 2/4] docs: add missing partial edit --- .../self-hosted/_kubernetes_palette_versions.mdx | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/_partials/self-hosted/_kubernetes_palette_versions.mdx b/_partials/self-hosted/_kubernetes_palette_versions.mdx index 5c7794b1f6..a31d157159 100644 --- a/_partials/self-hosted/_kubernetes_palette_versions.mdx +++ b/_partials/self-hosted/_kubernetes_palette_versions.mdx @@ -5,18 +5,6 @@ partial_name: kubernetes-palette-versions | **Palette Version** | **Kubernetes Version** | **OVA Download URL** | **FIPS OVA Download URL** | | ------------------- | ---------------------- | --------------------------------------------------------------------------- | ------------------------------------------------------------------------------ | -| 4.5.11 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.5.10 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.5.8 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.5.5 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.5.4 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.5.3 | 1.29.9 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-1299-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-1299-fips.ova` | -| 4.4.20 | 1.28.13 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12813-fips.ova` | -| 4.4.18 | 1.28.13 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12813-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12813-fips.ova` | -| 4.4.14 | 1.28.12 | `https://vmwaregoldenimage.s3.amazonaws.com/u-2204-0-k-12812-0.ova` | `https://vmwaregoldenimage.s3.amazonaws.com/u-2004-0-k-12812-fips.ova` | -| 4.4.11 | 1.28.11 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1289-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1289-fips.ova` | -| 4.4.6 | 1.28.9 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1289-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1289-fips.ova` | -| 4.3.6 | 1.27.11 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12711-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12711-fips.ova` | | 4.2.13 | 1.26.10 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12610-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12610-fips.ova` | | 4.2.7 | 1.26.10 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-12610-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-12610-fips.ova` | | 4.1.12 | 1.26.8 | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2204-0-k-1268-0.ova` | `https://vmwaregoldenimage-console.s3.amazonaws.com/u-2004-0-k-1268-fips.ova` | \ No newline at end of file From 0510bbbb59bd1bce83d98d66a85ef85c4991261c Mon Sep 17 00:00:00 2001 From: Lenny Chen Date: Fri, 13 Dec 2024 13:57:32 -0800 Subject: [PATCH 3/4] docs: fix broken link --- .../airgap-install/vmware-vsphere-airgap-instructions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index dc839bd919..03b67627a7 100644 --- a/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -371,8 +371,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 24. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes distribution OVA required for the installation. Refer to the - [Kubernetes Requirements](../../../install-palette-vertex.md#kubernetes-requirements) section to learn if the - version of Palette you are installing requires a new OS and Kubernetes OVA. + [Kubernetes Requirements](../../../install-palette-vertex/install-palette-vertex.md#kubernetes-requirements) section + to learn if the version of Palette you are installing requires a new OS and Kubernetes OVA. Consider the following example for reference. From 27978cc683be939e3759725efc96422635129f7a Mon Sep 17 00:00:00 2001 From: Lenny Chen Date: Fri, 13 Dec 2024 14:33:15 -0800 Subject: [PATCH 4/4] docs: fix broken link --- .../airgap-install/vmware-vsphere-airgap-instructions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md index b5880430a5..75f7f4edad 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/airgap-install/vmware-vsphere-airgap-instructions.md @@ -365,8 +365,8 @@ The default container runtime for OVAs is [Podman](https://podman.io/), not Dock 24. In the **Deploy OVF Template** wizard, enter the following URL to import the Operating System (OS) and Kubernetes distribution OVA required for the installation. Refer to the - [Kubernetes Requirements](../../../install-palette.md#kubernetes-requirements) section to learn if the version of - Palette you are installing requires a new OS and Kubernetes OVA. + [Kubernetes Requirements](../../../install-palette/install-palette.md#kubernetes-requirements) section to learn if + the version of Palette you are installing requires a new OS and Kubernetes OVA. Consider the following example for reference.