lfr_service_installation

<< PREVIOUS NEXT >>

LOCAL FILE REPOSITORY (LFR) SERVICE INSTALLATION

Local File Repository (LFR) service installation is the first step. This section describes the setup process in detail.

LFR SERVICE INSTALLATION

Create virsec Namespace using the below command:
1. kubectl create namespace virsec
Create a secret for Virsec Container Registry using the below command:
1. Method 1: Using kubectl command:
  
  kubectl create secret docker-registry regcred --docker-server="artifacts.virsec.work" --docker-username="<Virsec_Artifactory_username>" --docker-password="<Virsec_Artifactory_password>" -n virsec
2. Method 2:
  1. Log in to the Artifactory site using Virsec-provided credentials from the local machine
  2. Navigate to the directory vsp > releases > public > 2 > 2.10 > <Patch_Version> > Helm
  3. Right-click on the file vsp_create_secret.sh, listed on the page and download it to the local system
  4. Log in to the Management Node
  5. Copy the downloaded file vsp_create_secret.sh
  6. Modify the Permission using the command
    1. chmod +x vsp_create_secret.sh
  7. Execute the script using the below command and provide the artifactory credentials when prompted
    1. ./vsp_create_secret.sh
    2. Provide the artifactory credentials when prompted
Log in to the Artifactory site using Virsec-provided credentials from the local machine
Navigate to the directory vsp > releases > public > 2 > 2.10 > <Patch_Version> > Helm
Right-click on the file vsp-lfr-<version>.tgz, listed on the page and download it to the local system
1. Log in to the Management Node
2. Copy the downloaded file vsp-lfr-<version>.tgz
Execute the below command to display the configurable parameters:
1. helm inspect values vsp-lfr-<version>.tgz
Execute the below commands to install LFR and display the LFR URL (using either Method 1 or 2)
1. Method 1: Using helm install command
  1. For On-Premise environments:
    1. Helm 3:
      
      helm install vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec
    2. Helm 2:
      
      helm install --name vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec
  2. For AWS EKS/ GOOGLE GKE environments:
    1. Helm 3:
      
      helm install vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set cloudProvider=eks --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec
    2. Helm 2:
      
      helm install --name vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set cloudProvider=eks --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec
  3. A sample output of the command is provided below
  4. Execute the provided commands to retrieve LFR URL:
    
    (kubectl -n virsec get pods -o wide -l run=vsp-lfr | grep vsp-lfr | awk '{print $7}' | xargs -I {} kubectl -n virsec get node -o wide {} | tail -n 1 | awk '{print $6}') | xargs -I {} kubectl patch service vsp-lfr -n virsec -p '{"spec":{"externalIPs": [ "{}" ]}}'
    
    export SERVICE_IP=$(kubectl get svc --namespace virsec vsp-lfr -o jsonpath='{.spec.externalIPs[0]}')
    
    echo https://$SERVICE_IP:8443/vsp
2. Method 2: Using kubectl command
  1. For On-Premise environments:
    1. Helm 3:
      
      helm template vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec > vsp-lfr.yaml
    2. Helm 2:
      
      helm template --name vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec > vsp-lfr.yaml
  2. For AWS EKS/ GOOGLE GKE environments:
    1. Helm 3:
      
      helm template vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set cloudProvider=eks --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec > vsp-lfr.yaml
    2. Helm 2:
      
      helm template --name vsp-lfr ./vsp-lfr-<RELEASE_VERSION>.tgz --set cloudProvider=eks --set artifactory.username="<ARTIFACTORY_USERNAME>" --set artifactory.password='<ARTIFACTORY_PASSWORD>' --set artifactory.token="<ARTIFACTORY_TOKEN>" --namespace virsec > vsp-lfr.yaml
  3. Execute the below commands to deploy LFR URL:
    
    kubectl apply -f vsp-lfr.yaml
  4. Execute the below commands to retrieve LFR URL:
    
    (kubectl -n virsec get pods -o wide -l run=vsp-lfr | grep vsp-lfr | awk '{print $7}' | xargs -I {} kubectl -n virsec get node -o wide {} | tail -n 1 | awk '{print $6}') | xargs -I {} kubectl patch service vsp-lfr -n virsec -p '{"spec":{"externalIPs": [ "{}" ]}}'
    
    export SERVICE_IP=$(kubectl get svc --namespace virsec vsp-lfr -o jsonpath='{.spec.externalIPs[0]}')
    
    echo https://$SERVICE_IP:8443/vsp

<< PREVIOUS NEXT >>