Prerequisites

The following key components must be in place before you can install MSR on Kubernetes using the offline method:

  • cert-manager

  • Postgres Operator

  • RethinkDB Operator

  • MSR Operator

The MSR Operator, RethinkDB Operator, and MSR must all run in the same namespace. With the MSR Operator, however, you can install cert-manager and the Postgres Operator in a different namespace from the one where the MSR resource is running.

Tip

To mitigate the risk of security breaches and exploits, Mirantis strongly recommends upgrading any third-party components that are already installed to the latest supported version before proceeding with installation.

Install cert-manager

Important

You must be running cert-manager 1.7.2 or later.

  1. Run the helm install command:

    helm install cert-manager jetstack/cert-manager \
--version 1.12.3 \
--set installCRDs=true \
-f my_certmanager_values.yaml

  2. Verify that cert-manager is in the Running state:

    kubectl get pods

    If any of the cert-manager Pods are not in the Running state, run kubectl describe on each Pod:

    kubectl describe <cert-manager-pod-name>

    Note

    To troubleshoot the issues that present in the kubectl describe command output, refer to Troubleshooting in the official cert-manager documentation.

Install Postgres Operator

Important

The Postgres Operator version you install must be 1.10.0 or later, as all versions up through 1.8.2 use the PodDisruptionBudget policy/v1beta1 Kubernetes API, which is no longer served as of Kubernetes 1.25. This being the case, various MSR features may not function properly if a Postgres Operator prior to 1.10.0 is installed alongside MSR on Kubernetes 1.25 or later.

  1. Run the helm install command with spilo_* parameters:

    helm install postgres-operator postgres-operator/postgres-operator \
--version 1.12.2 \
--set configKubernetes.spilo_runasuser=101 \
--set configKubernetes.spilo_runasgroup=103 \
--set configKubernetes.spilo_fsgroup=103 \
-f my_postgres_values.yaml

  2. Verify that Postgres Operator is in the Running state:

    kubectl get pods

    To troubleshoot a failing Postgres Operator Pod, run the following command:

    kubectl describe <postgres-operator-pod-name>

    Review the Pod logs for more detailed results:

    kubectl logs <postgres-operator-pod-name>

Note

By default, MSR uses the persistent volume claims detailed in Volumes.

If you have a pre-existing PersistentVolume that contains image blob data that you intend to use with a new instance of MSR, you can add the following to the MSR custom resource manifest to provide the new instance with the name of the associated PersistentVolumeClaim:

spec:
  registry:
    storage:
      backend: 'persistentVolume'
      persistentVolume:
        existingClaim: '<pre-existing-msr-pvc>'

Be aware that this setting indicates the <release-name> PVC referred to in Volumes.

Install RethinkDB Operator

  1. Run the helm install command:

    helm install rethinkdb-operator oci://registry.mirantis.com/rethinkdb/helm/rethinkdb-operator \
  --version 1.0.3 \
  -f my_rethinkdb_values.yaml

  2. Verify that RethinkDB Operator is in the Running state:

    kubectl get pods

    The RethinkDB Operator Pod name begins with rethinkdb-operator-controller-manager.

    To troubleshoot a failing RethinkDB Operator Pod, run the following command:

    kubectl describe pod <rethinkdb-operator-pod-name>

    Review the Pod logs for more detailed results:

    kubectl logs <rethinkdb-operator-pod-name>

Install MSR Operator

  1. Download the msr-operator YAML file by clicking msr-operator.yaml.

  2. Update the msr-operator.yaml file to include references to the required images in the offline registry:

    1. Identify the kube-rbac-proxy image reference in the msr-operator.yaml file:

      cat msr-operator.yaml | grep 'kube-rbac-proxy:' -n

    2. Edit the line so to refer to the correct image:

      image: <registry-ip>/kubebuilder/kube-rbac-proxy:v.0.13.0

    3. Identify the msr-operator image reference in the msr-operator.yaml file:

      cat msr-operator.yaml | grep 'msr-operator:' -n

    4. Edit the line to refer to the correct image:

      image: <registry-ip>/msr/msr-operator:1.0.4

  3. Install the MSR Operator:

    kubectl apply --server-side=true -f msr-operator.yaml

  4. Verify that the MSR Operator Pod is in the Running state:

    kubectl get pods

    The MSR Operator Pod name begins with msr-operator-controller-manager.

    To troubleshoot a failing MSR Operator Pod, run the following command:

    kubectl describe pod <msr-operator-pod-name>

    Review the Pod logs for more detailed results:

    kubectl logs <msr-operator-pod-name>

Important

The Postgres Operator version you install must be 1.10.0 or later, as all versions up through 1.8.2 use the PodDisruptionBudget policy/v1beta1 Kubernetes API, which is no longer served as of Kubernetes 1.25. This being the case, various MSR features may not function properly if a Postgres Operator prior to 1.10.0 is installed alongside MSR on Kubernetes 1.25 or later.

See also