Install MSR offline

Prior to installing MSR offline, you must first download the necessary prerequisites, Helm charts, and images from the Internet. Then, having obtained the necessary components, copy the images to and install MSR on each of the offline hosts.

Obtain and prepare the Helm charts and images

  1. Using an Internet-connected computer, download the required Helm charts and images:

    helm repo add postgres-operator https://opensource.zalando.com/postgres-operator/charts/postgres-operator/
    helm repo add jetstack https://charts.jetstack.io
    helm repo add msrofficial https://registry.mirantis.com/charts/msr/msr
    helm repo update
    helm pull postgres-operator/postgres-operator
    helm pull jetstack/cert-manager --version 1.3.1
    helm pull msrofficial/msr --version 1.0.0
    
  2. Prepare the images for transfer to the offline hosts:

    1. Unpack the downloaded Helm charts into separate folders:

      tar zxvf msr-1.0.0.tgz
      tar zxvf postgres-operator-1.7.1.tgz
      tar zxvf cert-manager-v1.3.1.tgz
      
    2. Navigate to the MSR chart folder and pull the Docker image from the repository indicated in the Helm chart:

      helm template . --api-versions=acid.zalan.do/v1 --api-versions=cert-manager.io/v1 \
      | yq e "..|.image? | select(.)" - \
      | grep -wv "\-\-\-" | sort -u | xargs -L1 docker pull
      
    3. Navigate to each of the remaining chart folders and pull the docker images from the repositories indicated in the Helm charts:

      helm template . \
      | yq e "..|.image? | select(.)" - \
      | grep -wv "\-\-\-" | sort -u | xargs -L1 docker pull
      
    4. Verify that you have the correct images:

      docker image ls
      

      Example output:

      REPOSITORY                                            TAG                         IMAGE ID       CREATED        SIZE
      registry.mirantis.com/msr/msr-api                     3.0.0                       a4096a1cc5c2   4 days ago     120MB
      registry.mirantis.com/msr/msr-registry                3.0.0                       5e53260dcde3   4 days ago     93.8MB
      registry.mirantis.com/msr/msr-notary-signer           3.0.0                       fca00b0aa397   4 days ago     21.4MB
      registry.mirantis.com/msr/msr-notary-server           3.0.0                       63fe49c1851f   4 days ago     22.8MB
      registry.mirantis.com/msr/msr-jobrunner               3.0.0                       4032be413b90   4 days ago     846MB
      registry.mirantis.com/msr/msr-garant                  3.0.0                       bf9e55f9747e   4 days ago     69.2MB
      registry.mirantis.com/msr/enzi                        1.0.0                       ac40c7e22019   3 weeks ago    42.3MB
      registry.opensource.zalan.do/acid/postgres-operator   v1.7.1                      ac638555fcca   4 weeks ago    70.4MB
      mirantis/rethinkdb                                    2.3.6-mirantis-35-7d29e61   6f8a13337229   5 weeks ago    47.2MB
      quay.io/jetstack/cert-manager-cainjector              v1.3.1                      2c00002e852f   5 weeks ago    42MB
      quay.io/jetstack/cert-manager-ctl                     v1.3.1                      56a3ed6fbb22   5 weeks ago    56MB
      quay.io/jetstack/cert-manager-controller              v1.3.1                      5b55f1fe3269   5 weeks ago    64.1MB
      quay.io/jetstack/cert-manager-webhook                 v1.3.1                      a1ff68047f96   5 weeks ago    46.6MB
      
    5. Save each image locally, as in the following example:

      docker save registry.mirantis.com/msr/msr-api -o registry.mirantis.com:msr:msr-api.image
      
    6. Package all of the images:

      tar -cvzf msr.tgz *.image
      
  3. Transfer the MSR package to each offline host:

    1. Copy the MSR package to the offline host:

      scp msr.tgz <user>@<host>
      scp cert-manager-v1.6.1.tgz <user>@<host>
      scp msr-1.0.0-rc1.tgz <user>@<host>
      scp postgres-operator-1.7.1.tgz <user>@<host>
      
    2. Use SSH to log in to the host on which you transferred the package.

    3. Load the MSR images from the TAR archive:

      docker load -i msr.tgz
      
    4. Set up a docker registry in the destination environment and then tag and push the docker images into this registry.

    5. Update the image references in the Helm charts and Kubernetes YAML files such that they point to the local docker registry.

Install MSR

On each host machine:

  1. Unpack all downloaded Helm charts into one folder, such as /home/charts.

  2. Navigate to /home/charts.

  3. Install prerequisites:

    helm install postgres-operator postgres-operator \
    --set configKubernetes.spilo_runasuser=101 \
    --set configKubernetes.spilo_runasgroup=103 \
    --set configKubernetes.spilo_fsgroup=103
    helm install cert-manager cert-manager \
    --set installCRDs=true
    
  4. Install MSR:

    helm install msr msr
    
  5. Verify the success of your MSR installation:

    • Log in to the MSR web UI, or

    • Confirm that all msr-* pods are in a running state

  6. Optional. Disable outgoing connections in the MSR web UI Admin Settings. MSR makes outgoing connections for the following tasks:

    • Analytics reporting

    • New version notifications

    • Online license verification

    • Vulnerability scanning database updates