Air gap installation¶

Overview¶

An air gap network is a secure network environment that is isolated from the Internet. If you plan to install Privacera software in an air gap (no Internet access) network, then you have to download the Privacera docker images and host them in your docker registry. You also have to host the Privacera Manager tarball in an object store accessible to the compute host in air gap network. A script, pm-airgap-installation.sh, is provided to facilitate this process.

Prerequisites¶

1. You need a Linux host that has access to the Internet where you will run the pm-air-gap-installation.sh script.
2. Your local docker registry where you will host the Privacera docker images. We need the URL of the registry and the credentials to push the images to the registry.
3. Access to the compute host in air gap (no Internet access) network from where you plan to run Privacera Manager. This host should have access to the local docker registry where the Privacera docker images are hosted.

Installation Information¶

You will need the following information from Privacera Sales Representative:

Download script¶

Create temporary bash variables to be used during this installation. Obtain the following from your Privacera sales representative:

1
2

PRIV_MGR_IMAGE=<PLEASE_CHANGE>
PRIV_MGR_PACKAGE=<PLEASE_CHANGE>

After setting the above variables, run the following code in your shell to initialize these variables. Copy the output to a text file to be used in the next section.

1
2
3
4
5
6
7
8
9

PRIVACERA_HUB_HOSTNAME=$(echo $PRIV_MGR_IMAGE | awk -F'/' '{print $1}')
PRIV_MGR_IMAGE_TAG=$(echo $PRIV_MGR_IMAGE | awk -F':' '{print $2}')
PRIV_MGR_BASE_URL=${PRIV_MGR_PACKAGE%/privacera-manager.tar.gz}

echo && \
echo "PRIVACERA_HUB_HOSTNAME=${PRIVACERA_HUB_HOSTNAME}" && \
echo "PRIV_MGR_IMAGE_TAG=${PRIV_MGR_IMAGE_TAG}" && \
echo "PRIV_MGR_BASE_URL=${PRIV_MGR_BASE_URL}" && \
echo

Run the following wget command from the home folder of your Linux host to download the script.

1
2
3

cd ~
wget ${PRIV_MGR_BASE_URL}/pm-airgap-installation.sh
chmod +x pm-airgap-installation.sh

Download packages and images of Privacera Manager¶

Run the following commands,

1
2

cd ~
./pm-airgap-installation.sh

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

Enter Privacera Base Download URL:
<PRIV_MGR_BASE_URL>

Download Privacera Core Components ? Y/N

Download Internal Mariadb Database Image  ? Y/N

Download Privacera Access Manager Component Images  ? Y/N

Download Privacera Discovery Component Images  ? Y/N

Download Encryption & Masking Component Images  ? Y/N

Download Statistics & Monitoring Component Images  ? Y/N

Download Privacera Diagnostics Component Images  ? Y/N

Push images to internal repository¶

Run the script again with push action to upload the images to your private Repository and copy (.tar) packages to your Privacera Manager host.

1
2
3
4
5
6
7
8

cd ~
./pm-airgap-installation.sh push

Enter Privacera Docker Hub URL:
Enter Privacera Image Tag:
Enter Docker login URL:
Enter Docker user:
Enter Docker password:

Copy package to Privacera Manager host¶

Run the script again with the sync action to copy the Privacera Manager package to your Privacera Manager host.

1
2
3
4
5
6

cd ~
./pm-airgap-installation.sh sync
Do you want to copy packages to PM Host [y/n]:
Can Current User <logged-in-user> can SSH(Passwordless), to PM Host [y/n]?:
Enter Hostname of PM HOST:
Enter Username of PM HOST:

You can also manually copy the package from ~/privacera/downloads/privacera-manager.tar.gz to the ~/privacera/downloads directory on the Privacera Manager host.

Air gap Installation Information¶

Now you should be ready with this set of properties which are hostname of your airgap Docker registry and the credentials to pull from it.

Comments