Install Immuta in an Air-Gapped Environment Audience : System Administrators
Content Summary : This page outlines how to install Immuta in an air-gapped environment.
Introduction
Process for Saving and Loading Docker Images
The process outlined for saving and loading the Docker images will be different for everyone. With the exception of the list of Docker images that all users need to copy to their container registry, all code blocks provided are merely examples.
This high-level overview makes these assumptions:
a container registry is accessible from inside the air-gapped environment
Docker and Helm are already installed
Copy Docker Images to Container Registry
All users should copy these Docker images to their container registry.
Copy registry.immuta.com/immuta/immuta-service:2024.1.13
registry.immuta.com/immuta/immuta-db:2024.1.13
registry.immuta.com/immuta/immuta-fingerprint:2024.1.13
registry.immuta.com/immuta/immuta-deploy-tools:$IMMUTA_DEPLOY_TOOLS_VERSION
registry.immuta.com/memcached:$MEMCACHED_TAG
registry.immuta.com/ingress-nginx-controller:$INGRESS_NGINX_TAG See the Helm Chart Options page for the values: IMMUTA_DEPLOY_TOOLS_VERSION, MEMCACHED_TAG, and INGRESS_NGINX_TAG.
Sample Processes
Networked Machine (Outside Air Gap)
Docker Registry Authentication
Contact your Immuta support professional for your Immuta Docker Registry credentials.
Authenticate with Immuta's Docker registry.
Copy docker login https://registry.immuta.com -u < usernam e > -p < passwor d > Pull the images.
Copy docker pull registry.immuta.com/immuta/immuta-service:2024.1.13
docker pull registry.immuta.com/immuta/immuta-db:2024.1.13
docker pull registry.immuta.com/immuta/immuta-fingerprint:2024.1.13
docker pull registry.immuta.com/immuta/immuta-deploy-tools: $IMMUTA_DEPLOY_TOOLS_VERSION
docker pull registry.immuta.com/memcached: $MEMCACHED_TAG
docker pull registry.immuta.com/ingress-nginx-controller: $INGRESS_NGINX_TAG Save the images.
Copy docker save registry.immuta.com/immuta/immuta-service:2024.1.13 /
| gzip > immuta-service-2024.1.13
docker save registry.immuta.com/immuta/immuta-db:2024.1.13 /
| gzip > immuta-db-2024.1.13
docker save registry.immuta.com/immuta/immuta-fingerprint:2024.1.13 /
| gzip > immuta-fingerprint-2024.1.13
docker save registry.immuta.com/immuta/immuta-deploy-tools: $IMMUTA_DEPLOY_TOOLS_VERSION | /
gzip > immuta-deploy-tools- $IMMUTA_DEPLOY_TOOLS_VERSION .tar.gz
docker save registry.immuta.com/memcached: $MEMCACHED_TAG | gzip > memcached- $MEMCACHED_TAG .tar.gz
docker save registry.immuta.com/ingress-nginx-controller: $INGRESS_NGINX_TAG | /
gzip > ingress-nginx-controller- $INGRESS_NGINX_TAG .tar.gz The .tar.gz files will now be in your working directory.
Add Immuta's Chart repository to Helm.
Copy helm repo add --username < usernam e > --password-stdin immuta https://archives.immuta.com/charts Download the Helm Chart.
Copy helm pull immuta/immuta The .tgz files will now be in your working directory.
Move the Helm Chart and Docker images onto a machine connected to the air-gapped network.
Offline Machine (Inside Air Gap)
Copy these Docker images to your container registry. Note: You may need to reload the environment variables.
Copy registry.immuta.com/immuta/immuta-service:2024.1.13
registry.immuta.com/immuta/immuta-db:2024.1.13
registry.immuta.com/immuta/immuta-fingerprint:2024.1.13
registry.immuta.com/immuta/immuta-deploy-tools:$IMMUTA_DEPLOY_TOOLS_VERSION
registry.immuta.com/memcached:$MEMCACHED_TAG
registry.immuta.com/ingress-nginx-controller:$INGRESS_NGINX_TAG Validate that the images are present.
Tag the images.
Copy docker image tag $IMMUTA_REGISTRY /immuta/immuta-service:2024.1.13 /
$CUSTOMER_REGISTRY /immuta/immuta-service:2024.1.13
docker image tag $IMMUTA_REGISTRY /immuta/immuta-db:2024.1.13 /
$CUSTOMER_REGISTRY /immuta/immuta-db:2024.1.13
docker image tag $IMMUTA_REGISTRY /immuta/immuta-fingerprint:2024.1.13 /
$CUSTOMER_REGISTRY /immuta/immuta-fingerprint:2024.1.13
docker image tag $IMMUTA_REGISTRY/immuta/immuta-deploy-tools:$IMMUTA_DEPLOY_TOOLS_VERSION $CUSTOMER_REGISTRY/immuta/immuta-deploy-tools:$IMMUTA_DEPLOY_TOOLS_VERSION
docker image tag $IMMUTA_REGISTRY /memcached: $MEMCACHED_TAG $CUSTOMER_REGISTRY /immuta/memcached: $MEMCACHED_TAG
docker image tag $IMMUTA_REGISTRY/ingress-nginx-controller:$INGRESS_NGINX_TAG $CUSTOMER_REGISTRY/immuta/ingress-nginx-controller:$INGRESS_NGINX_TAG Push the images to your registry.
Copy docker image push $CUSTOMER_REGISTRY /immuta/immuta-service:2024.1.13
docker image push $CUSTOMER_REGISTRY /immuta/immuta-db:2024.1.13
docker image push $CUSTOMER_REGISTRY /immuta/immuta-fingerprint:2024.1.13
docker image push $CUSTOMER_REGISTRY /immuta/immuta-deploy-tools: $IMMUTA_DEPLOY_TOOLS_VERSION
docker image push $CUSTOMER_REGISTRY /immuta/memcached: $MEMCACHED_TAG
docker image push $CUSTOMER_REGISTRY /immuta/ingress-nginx-controller: $INGRESS_NGINX_TAG Create the Helm values file (i.e., myValues.yaml) and point it to your registry (i.e., web.imageRepository). Be sure to replace $CUSTOMER_REGISTRY with the actual URL, including any additional prefixes before immuta, with the URL for the actual registry.
Copy global :
imageRegistry : $CUSTOMER_REGISTRY
cache :
memcached :
image :
repository : immuta/memcached
nginxIngress :
controller :
image :
repository : immuta/ingress-nginx-controller Deploy the Helm Chart.
Copy helm install < YOUR RELEASE NAM E > immuta- $IMMUTA_HELM_CHART_VERSION .tgz --values myValues.yaml