Skip to main content
Version: 2.9

Install on Air-gapped Environments

This topic explains how you can prepare your clusters in an air-gapped environment and install Portworx Backup on-premises.

For installation through Argo CD, refer to Argo CD installation topic.

Prepare air-gapped environments

If your cluster is internet-connected, skip this section. If your cluster is air-gapped, you must pull the below Docker images to either your docker registry or your server. If you are using your own Prometheus and Alertmanager with Portworx Backup, you do not have to pull the last four images from the following list:

ImageImage pathVersion
pxcentralOnpremApidocker.io/portworx/pxcentral-onprem-api2.9.1
pxcentralOnpremUiFrontenddocker.io/portworx/pxcentral-onprem-ui-frontend2.9.1
pxcentralOnpremUiBackenddocker.io/portworx/pxcentral-onprem-ui-backend2.9.1
pxcentralOnpremUiLhbackenddocker.io/portworx/pxcentral-onprem-ui-lhbackend2.9.1
pxcentralOnpremPreSetupdocker.io/portworx/pxcentral-onprem-hook2.9.1
pxcentralOnpremPostSetupdocker.io/portworx/pxcentral-onprem-post-setup2.9.1
pxBackupdocker.io/portworx/px-backup2.9.1
postgresqldocker.io/portworx/postgresql17.4.0-debian-12-r19
keycloakdocker.io/portworx/keycloak26.2.4
keycloakLoginThemedocker.io/portworx/keycloak-login-theme2.9.1
busyboxdocker.io/portworx/busybox1.35.0
mysqldocker.io/portworx/mysql8.0.40
mongodbdocker.io/portworx/mongodb8.0.9-debian-12-r1
mongodb7docker.io/portworx/mongodb7.0.15-debian-12-r2
mongodb6docker.io/portworx/mongodb6.0.13-debian-11-r21
mongodb5docker.io/portworx/mongodb5.0.24-debian-11-r20
kopiaExecutordocker.io/portworx/kopiaexecutor1.2.20
nfsExecutordocker.io/portworx/nfsexecutor1.2.20
filesystemCtldocker.io/portworx/filesystemctl1.2.20
pxBackupPrometheusImagedocker.io/portworx/prometheusv3.3.1
pxBackupAlertmanagerImagedocker.io/portworx/alertmanagerv0.28.0
pxBackupPrometheusOperatorImagedocker.io/portworx/prometheus-operatorv0.82.1
pxBackupPrometheusConfigReloaderImagedocker.io/portworx/prometheus-config-reloaderv0.82.1
pxLicenseServerdocker.io/portworx/px-els2.8.0
note
  1. Refer to the Install Stork in air-gapped environments section to know more about the Stork and other openstorage images in your air-gapped environment, before installing Portworx Backup.
  2. If your application cluster is running in the IBM Cloud environment, ensure that the image repository path is set to icr.io/ext/portworx/stork:<supported-pxb-stork-version> before applying the stork-spec.yaml during Stork installation (without PXE).

To pull the above Docker images and push them to an internal registry:

  1. Download the pxcentral-ag-install-backup.sh air-gapped bootstrap Portworx Backup install script.

    curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?px-backup=true"

    You can also download the install script for a specific release by specifying a version query. For example:

    curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?version=2.9.1&px-backup=true"

  2. Provide execute permission for the install script:

    chmod +x pxcentral-ag-install-backup.sh

  3. Pull the container images to your local setup using the pxcentral-ag-install-backup.sh script:

     ./pxcentral-ag-install-backup.sh pull

  4. Push the images to a internal registry server, accessible by the air-gapped nodes. Replace <repo> with your registry location.

    ./pxcentral-ag-install-backup.sh push <repo>

  5. Access Portworx Central specgen.

  6. From the home page, navigate to Backup Services under Explore our Products.

  7. Click on I agree to EULA and go through the Portworx Products Terms of Use carefully.

  8. Navigate back to the Portworx Central portal and click Start Free Trial.

  9. In the Spec Details provide the following values:

    1. Release Information

    • Backup Version: select the required version of Portworx Backup from the drop-down list

    • Namespace: provide the name of the namespace where you want an instance of Portworx Backup to be installed

    • Select your environment: choose On-Premises or Cloud based on your storage environment

    1. Configuration

    • StorageClass Name: name of the StorageClass, refer tooltip for more details

    • Use your OIDC: select this checkbox only if your external authorization provider is Auth0 and key in the following fields:

      • Endpoint
      • Client ID
      • Client Secret

      These values can be fetched from the Auth0 web console. For more information on integrating external authorization providers, refer to Integrate Auth Providers

    • Use existing Prometheus: select this checkbox if you have to use your existing Prometheus stack to monitor Portworx Backup and enter the values for the following fields:

      • Prometheus Endpoint: enter details of the endpoint where your Prometheus is installed
      • Alertmanager Endpoint: enter details of the endpoint where your Alertmanager is installed
      • Prometheus secret name: enter secret name of your Prometheus stack
      • Alertmanager secret name: enter secret name of your Alertmanager
      • Use Custom email template from PX-Backup: select to upload Portworx Backup's custom email template to your pre-configured Alertmanager for email notifications

    • Proxy Configuration: select this checkbox if you have proxy server configured in your environment and enter the values for the following fields:

      • Unathenticated: choose this if you have unathenticated proxy server
        • HTTP Proxy: proxy server URL for http proxy
        • HTTPS Proxy: proxy server URL for https proxy
        • NO PROXY: comma separated list of hostnames IPs or domains that should bypass the proxy settings
      • Authenticated/CA: choose this option if your cluster is behind a proxy server with authentication or CA
        • Proxy configuration secret: name of the kubernetes proxy configuration secret created in pxb namespace holding the proxy configuration

    • Use custom registry: for air-gapped environments

      • Custom Image Repository Location: path of custom image repository
      • Image Pull Secret(s): create a secret in the following cases:
        • If image pulling from an internal repository requires credentials
        • If you were using docregistry-secret

  10. Click Next to navigate to Finish tab.

  11. In the Finish tab:

    • Step 1:

      • Execute the below command to add and then update helm repo:

        helm repo add portworx http://charts.portworx.io/ && helm repo update

    • Step 2:

      • Click values-px-central.yaml file to download the default options.

  12. From the instance where you run the helm3 command:

    • Download the latest px-central package with the following command:

      curl -O https://raw.githubusercontent.com/portworx/helm/master/stable/px-central-2.9.1.tgz

    • Modify the Helm command generated from second option of Step 2 (of Portworx Backup web console) to provide the helm package, instead of providing the repository. For example:

      helm install px-central portworx/px-central --namespace <pxb-namespace> --create-namespace --version 2.9.1 -f values-px-central.yaml

    Following is the modified command for air-gapped environment using the downloaded helm package:

    helm install px-central px-central-.tgz --namespace <pxb-namespace> --create-namespace --version 2.9.1 -f values-px-central.yaml
    1. Click Finish after you complete the installation through CLI way. You can find more information about the Portworx Backup Helm chart in the helm section.