Channels
#general
Title
m
many-nightfall-61858
09/18/2023, 11:36 PMHi, we have been running into some pain points with installing RKE2 in an air gapped environment on SELinux for Red Hat. Is there any guidance on how this should be done? We need the RKE2 rpms associated with the version of the tarballed container images. E.g. if I am using RKE2 v1.25.12, I need to make sure I also tarball those image versions. Additionally,
install.shfapolicydc
creamy-pencil-82913
09/18/2023, 11:39 PMmethod conflict?
you can get the tarballs from github for any given version; are you specifying the version when installing so that you can match the RPM to the tarballs?
m
many-nightfall-61858
09/18/2023, 11:42 PMmethod conflict: https://github.com/rancher/rke2/blob/master/install.sh#L137
But the yum repos setup in the script point to repos that you need internet connectivity for
this doesnt seem to work (maybe I’m doing something wrong): https://github.com/rancher/rke2/blob/master/install.sh#L579
this works: https://github.com/rancher/rke2/blob/master/install.sh#L577, but its kind of buried on how to construct these env variables to pick up the version correctly
c
creamy-pencil-82913
09/18/2023, 11:46 PMWhy are you installing tars on top of RPMs?
m
many-nightfall-61858
09/18/2023, 11:46 PMso we end up just forking the install script, removing
check_method Copy code
rke2_rpm_version=$(echo "${INSTALL_RKE2_VERSION}" | sed -E -e "s/[\+-]/~/g" | sed -E -e "s/v(.*)/\1/")
yum install -y rke2-server-${rke2_rpm_version}~rke2r1-0.el8.x86_64c
creamy-pencil-82913
09/18/2023, 11:47 PMyeah I’m really confused by what you’re doing here
m
many-nightfall-61858
09/18/2023, 11:47 PMfollowing these docs: https://docs.rke2.io/install/airgap#rke2-installsh-script-install
yeah 😓 thats why I’m coming here for help
is there a different way we can load images without doing
INSTALL_RKE2_ARTIFACT_PATH=/root/rke2-artifacts sh install.shc
creamy-pencil-82913
09/18/2023, 11:50 PMtry with
INSTALL_RKE2_METHOD=rpm INSTALL_RKE2_VERSION=v1.25.12+rke2r1 INSTALL_RKE2_ARTIFACT_PATH=/where/you/put/stuffThe error you were getting indicates that you previously installed from tarballs, so make sure you don’t have any of that left behind when running it
I mean, if you’re doing RPMs you can just install them normally, and place the images in /var/lib/rancher/rke2/agent/images yourself
with RPMs, that’s really all the install script is doing for you - since you don’t need it to go out and grab stuff from GH for you
the install script doesn’t add much value if you already know which version you want, and have all the files downloaded
m
many-nightfall-61858
09/18/2023, 11:53 PMyeah but we need some of the other configuration that’s done in install.sh, such as https://github.com/rancher/rke2/blob/master/install.sh#L625
c
creamy-pencil-82913
09/18/2023, 11:56 PMis that it? you just need the fapolicy rules, and the tarballs copied over?
m
many-nightfall-61858
09/18/2023, 11:56 PMyeah I tried this
INSTALL_RKE2_METHOD=rpm INSTALL_RKE2_VERSION=v1.25.12+rke2r1 INSTALL_RKE2_ARTIFACT_PATH=/where/you/put/stuff,we have to do a reposync on those, and bring them in
is that it? you just need the fapolicy rules, and the tarballs copied over?I think so? not sure what else the installer does that we might need. if we dont need it, then we can copy paste the fapolicyd stuff
c
creamy-pencil-82913
09/19/2023, 12:05 AMYeah, I think your best bet is just to handle it yourself