Install Cyberwatch offline with MicroK8s (deprecated)

This document details the procedure to follow to install Cyberwatch on an offline machine.

Prerequisites

Please ensure that the following prerequisites are satisfied:

  • a machine with MicroK8s installed;
  • a machine with access to the internet with a similar operating system to the one that does not have access to the internet;
  • credentials provided by Cyberwatch to access container images and Helm charts (i.e a login/password provided by Cyberwatch).

Get required files

  1. Connect via SSH on a machine with the same operating system as the machine where Cyberwatch will be deployed. This machine must be connected to the internet.

  2. Create the cyberwatch_sources directory:

    mkdir cyberwatch_sources; cd cyberwatch_sources

  3. On a Red Hat based distribution:

    1. Install yum-utils:

      sudo yum install yum-utils curl epel-release

    2. Install snapd:

      sudo yum install snapd

    3. Install podman:

      sudo yum install podman
export CONTAINER_DOWNLOADER=podman

  4. On a Debian-based distribution:

    1. Install snapd:

      sudo apt install snapd

    2. Install docker:

      sudo apt install docker.io
export CONTAINER_DOWNLOADER=docker

  5. Download the cyberwatch package:

    • For Apt:

      wget https://dl.cyberwatch.fr/apt/incoming/cyberwatch.deb

    • For Rpm:

      wget https://dl.cyberwatch.fr/rpm/incoming/cyberwatch.rpm

  6. Export the Cyberwatch’s credentials (complete the commands):

     export CBW_USER=
 export CBW_PASSWORD=

  7. Download the container images.

    Login to the container registry:

    sudo $CONTAINER_DOWNLOADER login -u cbw\$$CBW_USER -p $CBW_PASSWORD harbor.cyberwatch.fr/cbw-on-premise

    Pull the images and save them:

    sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/olympe:stable
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/redis:latest
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/nginx:latest
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/mariadb:latest
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/third_parties:latest
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/kibana-oss:latest
sudo $CONTAINER_DOWNLOADER pull harbor.cyberwatch.fr/cbw-on-premise/elasticsearch-oss:latest

sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/olympe:stable            -o olympe.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/redis:latest             -o redis.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/nginx:latest             -o nginx.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/mariadb:latest           -o mariadb.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/third_parties:latest     -o third_parties.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/kibana-oss:latest        -o kibana-oss.tar
sudo $CONTAINER_DOWNLOADER save harbor.cyberwatch.fr/cbw-on-premise/elasticsearch-oss:latest -o elasticsearch-oss.tar

    Ensure that 7 container images have been downloaded:

    ls *.tar | wc -l

  8. Download Cyberwatch’s Helm chart.

    Install Helm:

    sudo systemctl start snapd
sudo ln -s /var/lib/snapd/snap /snap
sudo snap install helm --classic

    Login to the registry and download the chart:

    echo "$CBW_PASSWORD" | /snap/bin/helm registry login harbor.cyberwatch.fr/cbw-on-premise \
   --username "cbw\$$CBW_USER" --password-stdin
/snap/bin/helm pull oci://harbor.cyberwatch.fr/cbw-on-premise/cyberwatch-chart

  9. Erase the environment variables:

    unset CBW_USER CBW_PASSWORD
history -c

  10. Archive all the files:

    cd ..
sudo tar czvf cyberwatch_sources.tar.gz cyberwatch_sources

Install Cyberwatch

  1. Transfer the archive on the offline machine.

  2. Switch to the root user:

    sudo su

  3. Extract the sources:

    tar xvzf cyberwatch_sources.tar.gz
cd cyberwatch_sources

  4. Start MicroK8s:

    /snap/bin/microk8s start

  5. Load the container images into MicroK8s container’s cache:

    ls *.tar| xargs -n 1 -I {} /snap/bin/microk8s ctr i import $(pwd)/{}

  6. Verify the default containers are running:

    /snap/bin/microk8s kubectl get po -A

    If there is an error, please refer to the Troubleshooting page.

  7. Install the cyberwatch package:

    For Debian-based distributions:

       dpkg -i cyberwatch.deb

    For Red Hat based distributions:

       rpm -i cyberwatch.rpm

  8. Configure these two environment variable to file /etc/cyberwatch/config.env:

    CBW_OFFLINE="true"
HELM="helm -n cyberwatch --kubeconfig /var/snap/microk8s/current/credentials/client.config"

  9. Configure Cyberwatch:

    sudo cyberwatch configure --offline

  10. Start Cyberwatch:

    sudo cyberwatch start

  11. Monitor the status of the containers until they are all in the Running state:

    sudo cyberwatch status

  12. Register the admin user through the web interface.

Back to top