I want to use Okteto in an airgapped environment with a k3s cluster. How can I do the full process?
To install Okteto in an airgapped cluster with k3s you need to follow this steps:
Install k3s in VM
If you don’t have k3s cluster already installed, follow this steps to install it. This guide is for Ubuntu
- Installation:
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable=traefik" sh -
We are going to disable traefik, which comes by default and we are going to use nginx controller from Okteto.
If you already have it installed in your cluster with traefik you can disable it editing k3s configuration file (usually located at/etc/rancher/k3s/config.yamlor/etc/k3s/config.yaml.
disable:
- traefik
>> sudo systemctl restart k3s
- Check status:
systemctl status k3s
This should show status asactive (running) - Checking Default Kubernetes Objects:
sudo kubectl get all -n kube-system
To avoid getting errors running it with sudo:sudo chmod 644 /etc/rancher/k3s/k3s.yaml
Okteto installation
Pull Images
To install Okteto you need to have access to all the images that the Chart is going to use. Otherwise Okteto will try to pull them from Dockerhub and if you don’t have access in an airgapped VM it will fail with ImagePullBackOff Error.
You can check all the images needed in the Chart Artifactory. Choose the version of Okteto that you want and:
- Open DEFAULT VALUES and search the word
image: - Look in the DEPENDENCIES section to find Charts Okteto depends on with its version. Open them and repeat the process to know which images to pull
- In addition to this ones, Okteto will need:
**okteto/okteto: https://hub.docker.com/r/okteto/okteto (we can check the version used by the Chart after installation)
**okteto/bin: https://hub.docker.com/r/okteto/bin
**docker/dockerfile: https://hub.docker.com/r/docker/dockerfile
Now that you have all the images, you have two options:
- Copy them to the VM and use them with Local Registry
** No changes need in theconfig.yamlto specify the images and tags if you use same name
** WARNING: k3s usually works withruntime runc/containerd. If you were usingdockerthey won’t work and they will need to be exported. Example:
>> docker save okteto/backend:52c5ec953 -o backend.tar
>> sudo ctr -n k8s.io images import backend.tar
>> sudo k3s crictl images
- Push them to your Private Registry
** Your VM/cluster will need access to the Private Registry
** You will need to add them to theconfig.yaml. Example:
backend:
image:
registry: your_registry/backend
tag: 1fe82c0b7
Helm installation
Follow our installation guide for DNS and certificates in Okteto docs
In addition to the images of your registry (in case you need to add them), things needed are:
license: provided by Okteto sales
subdomain: your domain
telemetry:
enabled: false
installer:
runner: only needed if you are installing with local VM registry. You need to push always this oneto your private registry and add it here
For the LoadBalancer you have several options:
- Use MetalLB
- Type
nginx controlleras NodePort
ingress-nginx:
enabled: true
controller:
service:
type: NodePort
- Use the
VM internal IP
ingress-nginx:
controller:
service:
externalIPs:
- 10.132.0.2 (example)
Now you have everything ready to install Okteto!! Download the chart.tar if you don’t have access and push it to your VM to install from it.
helm upgrade --install okteto okteto -f config.yaml --namespace okteto --create-namespace
Subdomain
If you are in an airgapped environment you may need to ask your IT team to be able to resolve DNS to:
okteto.subdomainbuildkit.subdomainkubernetes.subdomainregistry.subdomain
If you are using wildcard the best would be for *.subdomain