Skip to content

Commit

Permalink
docs: added Documentation for Air-Gapped Installation (#5360)
Browse files Browse the repository at this point in the history
* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>
Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>
  • Loading branch information
3 people authored Aug 23, 2024
1 parent 16d01d6 commit d816dee
Show file tree
Hide file tree
Showing 3 changed files with 285 additions and 0 deletions.
39 changes: 39 additions & 0 deletions devtron-images.txt.source
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
quay.io/devtron/image-scanner:137872c2-141-23848
quay.io/devtron/inception:473deaa4-185-21582
quay.io/devtron/hyperion:291c4c75-280-23860
public.ecr.aws/docker/library/redis:7.0.5-alpine
quay.io/argoproj/argocd:v2.5.2
quay.io/argoproj/workflow-controller:v3.4.3
quay.io/devtron/authenticator:e414faff-393-13273
quay.io/devtron/bats:v1.4.1
quay.io/devtron/busybox:1.31.1
quay.io/devtron/chart-sync:5a1d0301-150-23845
quay.io/devtron/curl:7.73.0
quay.io/devtron/dashboard:5f95d187-690-23841
quay.io/devtron/devtron-utils:dup-chart-repo-v1.1.0
quay.io/devtron/devtron:291c4c75-434-23853
quay.io/devtron/ci-runner:48aca9f4-138-23844
quay.io/devtron/dex:v2.30.2
quay.io/devtron/git-sensor:86e13283-200-23847
quay.io/devtron/grafana:7.3.1
quay.io/devtron/k8s-sidecar:1.1.0
quay.io/devtron/k8s-utils:tutum-curl
quay.io/devtron/kubectl:latest
quay.io/devtron/kubelink:0dee6306-564-23843
quay.io/devtron/kubewatch:850b40d5-419-23840
quay.io/devtron/lens:56211042-333-23839
quay.io/devtron/migrator:v4.16.2
quay.io/devtron/nats-box
quay.io/devtron/nats-server-config-reloader:0.6.2
quay.io/devtron/nats:2.9.3-alpine
quay.io/devtron/notifier:9639b1ab-372-23850
quay.io/devtron/postgres:11.9
quay.io/devtron/postgres_exporter:v0.10.1
quay.io/devtron/prometheus-nats-exporter:0.9.0
quay.io/devtron/minio:RELEASE.2021-02-14T04-01-33Z
quay.io/devtron/clair:4.3.6
quay.io/devtron/postgres:11.9.0-debian-10-r26
quay.io/devtron/postgres_exporter:v0.4.7
quay.io/devtron/minio-mc:RELEASE.2021-02-14T04-28-06Z
quay.io/devtron/minideb:latest

1 change: 1 addition & 0 deletions docs/SUMMARY.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
* [Install Devtron with CI/CD and GitOps (Argo CD)](setup/install/install-devtron-with-cicd-with-gitops.md)
* [Install Devtron without Integrations](setup/install/install-devtron.md)
* [Install Devtron on Minikube, Microk8s, K3s, Kind, Cloud VMs](setup/install/Install-devtron-on-Minikube-Microk8s-K3s-Kind.md)
* [Install Devtron on Airgapped Environment](setup/install/install-devtron-in-airgapped-environment.md)
* [Demo on Popular Cloud Providers](setup/install/demo-tutorials.md)
* [Backup for Disaster Recovery](setup/install/devtron-backup.md)
* [Uninstall Devtron](setup/install/uninstall-devtron.md)
Expand Down
245 changes: 245 additions & 0 deletions docs/setup/install/install-devtron-in-airgapped-environment.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,245 @@
# Devtron Installation in an Airgapped Environment

## Introduction

In certain scenarios, you may need to deploy Devtron to a Kubernetes cluster that isn’t connected to the internet. Such air-gapped environments are used for various reasons, particularly in industries with strict regulatory requirements like healthcare, banking, and finance. This is because air-gapped environments aren't exposed to the public internet; therefore, they create a controlled and secure space for handling sensitive data and operations.

### Prerequisites

1. Install `podman` or `docker` on the VM from where you're executing the installation commands.
2. Clone the Devtron Helm chart:

```bash
git clone https://github.com/devtron-labs/devtron.git
cd devtron
```

3. Set the values of `TARGET_REGISTRY`, `TARGET_REGISTRY_USERNAME`, and `TARGET_REGISTRY_TOKEN`. This registry should be accessible from the VM where you are running the cloning script and the K8s cluster where you’re installing Devtron.

{% hint style="warning" %}
### Note
If you are using Docker, the TARGET_REGISTRY should be in the format `docker.io/<USERNAME>`
{% endhint %}

---

## Docker Instructions

### Platform Selection

#### For Linux/amd64

```bash
export PLATFORM="linux/amd64"
```
#### For Linux/arm64

```bash
export PLATFORM="linux/arm64"
```



1. Set the environment variables

```bash
# Set the source registry URL
export SOURCE_REGISTRY="quay.io/devtron"
# Set the target registry URL, username, and token/password
export TARGET_REGISTRY=""
export TARGET_REGISTRY_USERNAME=""
export TARGET_REGISTRY_TOKEN=""
# Set the source and target image file names with default values if not already set
SOURCE_IMAGES_LIST="${SOURCE_IMAGES_LIST:=devtron-images.txt.source}"
TARGET_IMAGES_LIST="${TARGET_IMAGES_LIST:=devtron-images.txt.target}"
```

2. Log in to the target Docker registry

```bash
docker login -u $TARGET_REGISTRY_USERNAME -p $TARGET_REGISTRY_TOKEN $TARGET_REGISTRY
```

3. Clone the images

```bash
while IFS= read -r source_image; do
# Check if the source image belongs to the quay.io/devtron registry
if [[ "$source_image" == quay.io/devtron/* ]]; then
# Replace the source registry with the target registry in the image name
target_image="${source_image/quay.io\/devtron/$TARGET_REGISTRY}"
# Check if the source image belongs to the quay.io/argoproj registry
elif [[ "$source_image" == quay.io/argoproj/* ]]; then
# Replace the source registry with the target registry in the image name
target_image="${source_image/quay.io\/argoproj/$TARGET_REGISTRY}"
# Check if the source image belongs to the public.ecr.aws/docker/library registry
elif [[ "$source_image" == public.ecr.aws/docker/library/* ]]; then
# Replace the source registry with the target registry in the image name
target_image="${source_image/public.ecr.aws\/docker\/library/$TARGET_REGISTRY}"
fi
# Pull the image from the source registry
docker pull --platform $PLATFORM $source_image
# Tag the image with the new target registry name
docker tag $source_image $target_image
# Push the image to the target registry
docker push $target_image
# Output the updated image name
echo "Updated image: $target_image"
# Append the new image name to the target image file
echo "$target_image" >> "$TARGET_IMAGES_LIST"
done < "$SOURCE_IMAGES_LIST"
```
---

## Podman Instructions

### For Multi-arch

1. Set the environment variables

```bash
export SOURCE_REGISTRY="quay.io/devtron"
export SOURCE_REGISTRY_TOKEN=#Enter token provided by Devtron team
export TARGET_REGISTRY=#Enter target registry url
export TARGET_REGISTRY_USERNAME=#Enter target registry username
export TARGET_REGISTRY_TOKEN=#Enter target registry token/password
```

2. Log in to the target Podman registry

```bash
podman login -u $TARGET_REGISTRY_USERNAME -p $TARGET_REGISTRY_TOKEN $TARGET_REGISTRY
```

3. Clone the images

```bash
SOURCE_REGISTRY="quay.io/devtron"
TARGET_REGISTRY=${TARGET_REGISTRY}
SOURCE_IMAGES_FILE_NAME="${SOURCE_IMAGES_FILE_NAME:=devtron-images.txt.source}"
TARGET_IMAGES_FILE_NAME="${TARGET_IMAGES_FILE_NAME:=devtron-images.txt.target}"
cp $SOURCE_IMAGES_FILE_NAME $TARGET_IMAGES_FILE_NAME
while read source_image; do
if [[ "$source_image" == *"workflow-controller:"* || "$source_image" == *"argoexec:"* || "$source_image" == *"argocd:"* ]]
then
SOURCE_REGISTRY="quay.io/argoproj"
sed -i "s|${SOURCE_REGISTRY}|${TARGET_REGISTRY}|g" $TARGET_IMAGES_FILE_NAME
elif [[ "$source_image" == *"redis:"* ]]
then
SOURCE_REGISTRY="public.ecr.aws/docker/library"
sed -i "s|${SOURCE_REGISTRY}|${TARGET_REGISTRY}|g" $TARGET_IMAGES_FILE_NAME
else
SOURCE_REGISTRY="quay.io/devtron"
sed -i "s|${SOURCE_REGISTRY}|${TARGET_REGISTRY}|g" $TARGET_IMAGES_FILE_NAME
fi
done <$SOURCE_IMAGES_FILE_NAME
echo "Target Images file finalized"
while read -r -u 3 source_image && read -r -u 4 target_image ; do
echo "Pushing $source_image $target_image"
podman manifest create $source_image
podman manifest add $source_image $source_image --all
podman manifest push $source_image $target_image --all
done 3<"$SOURCE_IMAGES_FILE_NAME" 4<"$TARGET_IMAGES_FILE_NAME"
```

---

## Devtron Installation

Before starting, ensure you have created an image pull secret for your registry if authentication is required.

1. Create the namespace (if not already created)
```bash
kubectl create ns devtroncd
```

2. Create the Docker registry secret
```bash
kubectl create secret docker-registry devtron-imagepull \
--namespace devtroncd \
--docker-server=$TARGET_REGISTRY \
--docker-username=$TARGET_REGISTRY_USERNAME \
--docker-password=$TARGET_REGISTRY_TOKEN
```
If you are installing Devtron with the CI/CD module or using Argo CD, create the secret in the following namespaces else, you can skip this step-:
```bash
kubectl create secret docker-registry devtron-imagepull \
--namespace devtron-cd \
--docker-server=$TARGET_REGISTRY \
--docker-username=$TARGET_REGISTRY_USERNAME \
--docker-password=$TARGET_REGISTRY_TOKEN
kubectl create secret docker-registry devtron-imagepull \
--namespace devtron-ci \
--docker-server=$TARGET_REGISTRY \
--docker-username=$TARGET_REGISTRY_USERNAME \
--docker-password=$TARGET_REGISTRY_TOKEN
kubectl create secret docker-registry devtron-imagepull \
--namespace argo \
--docker-server=$TARGET_REGISTRY \
--docker-username=$TARGET_REGISTRY_USERNAME \
--docker-password=$TARGET_REGISTRY_TOKEN
```

3. Navigate to the Devtron Helm chart directory
```bash
cd charts/devtron
```


### Install Devtron without any Integration

Use the below command to install Devtron without any Integrations

1. Without `imagePullSecrets`:
```bash
helm install devtron . -n devtroncd --set global.containerRegistry="$TARGET_REGISTRY"
```

2. With `imagePullSecrets`:
```bash
helm install devtron . -n devtroncd --set global.containerRegistry="$TARGET_REGISTRY" --set global.imagePullSecrets[0].name=devtron-imagepull
```

### Installing Devtron with CI/CD Mode
Use the below command to install Devtron with only the CI/CD module

1. Without `imagePullSecrets`:
```bash
helm install devtron . -n devtroncd --set installer.modules={cicd} --set global.containerRegistry="$TARGET_REGISTRY"
```

2. With `imagePullSecrets`:
```bash
helm install devtron . -n devtroncd --set installer.modules={cicd} --set global.containerRegistry="$TARGET_REGISTRY" --set global.imagePullSecrets[0].name=devtron-imagepull
```

### Install Devtron with CICD Mode including Argocd

Use the below command to install Devtron with the CI/CD module and Argo CD

1. Without `imagePullSecrets`:
```bash
helm install devtron . --create-namespace -n devtroncd --set installer.modules={cicd} --set argo-cd.enabled=true --set global.containerRegistry="$TARGET_REGISTRY" --set argo-cd.global.image.repository="${TARGET_REGISTRY}/argocd" --set argo-cd.redis.image.repository="${TARGET_REGISTRY}/redis"
```

2. With `imagePullSecrets`:
```bash
helm install devtron . --create-namespace -n devtroncd --set installer.modules={cicd} --set argo-cd.enabled=true --set global.containerRegistry="$TARGET_REGISTRY" --set argo-cd.global.image.repository="${TARGET_REGISTRY}/argocd" --set argo-cd.redis.image.repository="${TARGET_REGISTRY}/redis" --set global.imagePullSecrets[0].name=devtron-imagepull
```

---

## Next Steps
After installation, refer [Devtron installation documentation](https://docs.devtron.ai/install/install-devtron-with-cicd-with-gitops#devtron-dashboard) for further steps, including obtaining the dashboard URL and the admin password.

0 comments on commit d816dee

Please sign in to comment.