Skip to content

Prerequisites for Air Gap Installation

Note

This section is applicable only if you are installing Privacera Manager in an air gap (no Internet access) network. This is not a typical setup. You also need to do the Self Managed Prerequisites before you can proceed with this section. Refer to the Prerequisites section.

Overview

An air gap network is a secure network environment that is isolated from the Internet. If you plan to install Privacera software in an air gap (no Internet access) network, then you have to download the Privacera docker images and host them in your docker registry. You also have to host the Privacera Manager tarball in an object store accessible to the compute host in air gap network. A script, pm-airgap-installation.sh, is provided to facilitate this process.

Prerequisites

  1. You need a Linux host that has access to the Internet where you will run the pm-air-gap-installation.sh script.
  2. Your local docker registry where you will host the Privacera docker images. We need the URL of the registry and the credentials to push the images to the registry.
  3. Access to the compute host in air gap (no Internet access) network from where you plan to run Privacera Manager. This host should have access to the local docker registry where the Privacera docker images are hosted.

Installation Information

You will need the following information from Privacera Sales Representative:

Information Required

PRIV_MGR_PACKAGE: The format will be https://<domain>/<filepath>/<file.tar.gz>

PRIV_MGR_IMAGE: The format will be <PRIVACERA_HUB_HOST>/privacera-manager:<PRIV_MGR_IMAGE_TAG>

PRIVACERA_HUB_USER: Privacera Docker hub registry username

PRIVACERA_HUB_PASSWORD: Privacera Docker hub registry password

Download script

Create temporary bash variables to be used during this installation. Obtain the following from your Privacera sales representative:

Bash
PRIV_MGR_IMAGE=<PLEASE_CHANGE>
PRIV_MGR_PACKAGE=<PLEASE_CHANGE>

After setting the above variables, run the following code in your shell to initialize these variables. Copy the output to a text file to be used in the next section.

Bash
1
2
3
4
5
6
7
8
9
PRIVACERA_HUB_HOSTNAME=$(echo $PRIV_MGR_IMAGE | awk -F'/' '{print $1}')
PRIV_MGR_IMAGE_TAG=$(echo $PRIV_MGR_IMAGE | awk -F':' '{print $2}')
PRIV_MGR_BASE_URL=${PRIV_MGR_PACKAGE%/privacera-manager.tar.gz}

echo && \
echo "PRIVACERA_HUB_HOSTNAME=${PRIVACERA_HUB_HOSTNAME}" && \
echo "PRIV_MGR_IMAGE_TAG=${PRIV_MGR_IMAGE_TAG}" && \
echo "PRIV_MGR_BASE_URL=${PRIV_MGR_BASE_URL}" && \
echo

Run the following wget command from the home folder of your Linux host to download the script.

Bash
1
2
3
cd ~
wget ${PRIV_MGR_BASE_URL}/pm-airgap-installation.sh
chmod +x pm-airgap-installation.sh

Download packages and images of Privacera Manager

Run the following commands,

Bash
cd ~
./pm-airgap-installation.sh
Bash
Enter Privacera Base Download URL:
<PRIV_MGR_BASE_URL>

Download Privacera Core Components ? Y/N

Download Internal Mariadb Database Image  ? Y/N

Download Privacera Access Manager Component Images  ? Y/N

Download Privacera Discovery Component Images  ? Y/N

Download Encryption & Masking Component Images  ? Y/N

Download Statistics & Monitoring Component Images  ? Y/N

Download Privacera Diagnostics Component Images  ? Y/N
The script lists the packages and images downloaded and saved in ~/privacera/downloads and ~/privacera/downloads/images locations respectively.

Push images to internal repository

Run the script again with push action to upload the images to your private Repository and copy (.tar) packages to your Privacera Manager host.

Bash
1
2
3
4
5
6
7
8
cd ~
./pm-airgap-installation.sh push

Enter Privacera Docker Hub URL:
Enter Privacera Image Tag:
Enter Docker login URL:
Enter Docker user:
Enter Docker password:
Once the images are pushed to the internal repository, it will clean up images in the ~/privacera/downloads/images directory and it will prompt to copy package to Privacera Manager host using rsync over ssh.

Copy package to Privacera Manager host

Run the script again with the sync action to copy the Privacera Manager package to your Privacera Manager host.

Bash
1
2
3
4
5
6
cd ~
./pm-airgap-installation.sh sync
Do you want to copy packages to PM Host [y/n]:
Can Current User <logged-in-user> can SSH(Passwordless), to PM Host [y/n]?:
Enter Hostname of PM HOST:
Enter Username of PM HOST:

You can also manually copy the package from ~/privacera/downloads/privacera-manager.tar.gz to the ~/privacera/downloads directory on the Privacera Manager host.

Air gap Installation Information

Now you should be ready with this set of properties which are hostname of your airgap Docker registry and the credentials to pull from it.

Information Required

AIRGAP_PRIV_MGR_IMAGE: The format will be <PRIVACERA_HUB_HOST>/privacera-manager:<PRIV_MGR_IMAGE_TAG>

AIRGAP_HUB_USER: Privacera Docker hub registry username

AIRGAP_HUB_PASSWORD: Privacera Docker hub registry password

Comments