Prerequisites

The following key components must be in place before you can install MSR on Kubernetes using the online method:

  • cert-manager

  • Postgres Operator

  • RethinkDB Operator

  • MSR Operator

The MSR Operator, RethinkDB Operator, and MSR must all run in the same namespace. With the MSR Operator, however, you can install cert-manager and the Postgres Operator in a different namespace from the one where the MSR resource is running.

Tip

To mitigate the risk of security breaches and exploits, Mirantis strongly recommends upgrading any third-party components that are already installed to the latest supported version before proceeding with installation.

To ensure that all of the key prerequisites are present:

  1. Install cert-manager:

    Important

    The cert-manager version you install must be 1.7.2 or later.

    helm upgrade --install cert-manager cert-manager \
     --repo https://charts.jetstack.io \
     --version 1.12.3 \
     --set installCRDs=true

  2. Install Postgres Operator:

    Important

    The Postgres Operator version you install must be 1.10.0 or later, as all versions up through 1.8.2 use the PodDisruptionBudget policy/v1beta1 Kubernetes API, which is no longer served as of Kubernetes 1.25. This being the case, various MSR features may not function properly if a Postgres Operator prior to 1.10.0 is installed alongside MSR on Kubernetes 1.25 or later.

    helm upgrade --install postgres-operator postgres-operator \
     --repo https://opensource.zalando.com/postgres-operator/charts/postgres-operator/ \
     --version 1.12.2 \
     --set configKubernetes.spilo_runasuser=101 \
     --set configKubernetes.spilo_runasgroup=103 \
     --set configKubernetes.spilo_fsgroup=103

    Note

    By default, MSR uses the persistent volume claims detailed in Volumes.

    If you have a pre-existing PersistentVolume that contains image blob data that you intend to use with a new instance of MSR, you can add the following to the MSR custom resource manifest to provide the new instance with the name of the associated PersistentVolumeClaim:

    spec:
  registry:
    storage:
      backend: 'persistentVolume'
      persistentVolume:
        existingClaim: '<pre-existing-msr-pvc>'

    This setting indicates the <release-name> PVC referred to in Volumes.

  3. Install RethinkDB Operator:

    helm upgrade --install rethinkdb-operator oci://registry.mirantis.com/rethinkdb/helm/rethinkdb-operator \
    --version 1.0.3

    Important

    The RethinkDB Operator version you install must be 1.0.2 or later. Earlier versions may cause issues with the RethinkDB database if the related pods are evicted from their original nodes.

  4. Install MSR Operator:

    helm upgrade --install msr-operator oci://registry.mirantis.com/msr/helm/msr-operator \
    --version 1.0.4

See also