Skip to main content
Version: 3.0

Set up the installation environment

Applicable to both Classic and Federated modes

You must set up the environment before you install Portworx Backup on an on-premise Kubernetes cluster or cloud cluster.

note

Before you begin, decide the Kubernetes namespace where you will install Portworx Backup (for example, central or px-backup). Several steps below reference this namespace as <pxb-namespace>. Having it decided upfront avoids having to revisit earlier steps after install time.

To set up the environment for Portworx Backup installation, follow these steps:

  1. Configure the Kubernetes command-line tool (kubectl) with cluster credentials to run commands for the backup cluster.

  2. Set up the backup cluster administrator privileges with RBAC permissions to create namespaces, deploy applications, and manage cluster-wide resources. The installing user must have sufficient permissions (for example, cluster-admin) to create CRDs, namespaces, service accounts, and role bindings.

  3. Set up Helm on the backup cluster.
    Install Helm 3.x or later package manager on your local machine or bastion host with access to the cluster for managing deployments. For more information, see Helm Setup.

  4. Configure certificates to securely integrate Portworx Backup with TLS-enabled services. For more information, see Configure Certificates.

  5. Configure proxy support for external communication to pass through a proxy server. For more information, see Enable Proxy Support.

  6. (Optional) To use your own Prometheus operator with Portworx Backup, ensure that you add the following argument to Prometheus operator spec (spec.template.spec.containers[0].args), replacing <pxb-namespace> with the namespace you chose above:

    --deny-namespaces=<pxb-namespace>

  7. (Optional) Perform the following observability configurations based on your cluster-type:

  8. (Optional) To install Portworx Backup with Portworx Enterprise, you must first Install Portworx Enterprise, then create the following storage class on your Kubernetes cluster:

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: portworx-sc
    provisioner: pxd.portworx.com
    parameters:
      repl: "3"
    note

    You can skip this step for a standalone installation of Portworx Backup.

  9. (Optional) Enable mutual TLS (mTLS) for Portworx Backup to ensure secure and trusted communication between services within the cluster. For more information, see Enable Mutual TLS.

  10. Configure external OIDC endpoints.
    If you enable an external OIDC during the Portworx Backup installation, you must manually configure the redirect URI in your OIDC provider. See the Setup login redirects section of the Portworx Enterprise documentation for instructions.

  11. (For air-gapped environment only) Pull the required Docker images to your private registry or server. For the complete list of images, including notes on which images to skip if you use your own Prometheus and Alertmanager, see Portworx Backup Image Repositories.

  12. (For air-gapped environment only) Set up a private container registry (an internal container registry) such as Harbor, Nexus, or Docker registry, that cluster nodes can reach to pull container images.
    To pull the Docker images and push them to an internal registry:

    1. Download the pxcentral-ag-install-backup.sh air-gapped bootstrap Portworx Backup install script.

      By default, the script includes only the images for the pxBackup and pxCentral modules. PX-Monitor and PX-License-Server are separate, optional components and their images are not included by default. Append the following query parameters to also mirror those images:

      ScenarioDownload URL
      PX-Backup only (default)https://install.portworx.com/pxcentral-air-gapped?px-backup=true
      PX-Backup + Monitoring + License Serverhttps://install.portworx.com/pxcentral-air-gapped?px-backup=true&px-monitor=true&px-license-server=true
      PX-Backup + Monitoring + License Server (pinned to a specific release)https://install.portworx.com/pxcentral-air-gapped?px-backup=true&px-monitor=true&px-license-server=true&version=3.0.0

      Where:

      • &px-monitor=true: Adds Cortex, Grafana, Prometheus, memcached, memcached-exporter, nginx, and go-dnsmasq images.
      • &px-license-server=true: Adds the PX-License-Server (px-els) image.
      note

      The stork and cmdexecutor images are not part of the PX-Backup air-gap script. They ship with the PX-Enterprise air-gap script (https://install.portworx.com/air-gapped). If you are running PX-Enterprise alongside PX-Backup, these images are already mirrored from the PX-Enterprise script.

      For example, to download the default (PX-Backup only) script:

      curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?px-backup=true"

      To download the full bundle (PX-Backup + Monitoring + License Server):

      curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?px-backup=true&px-monitor=true&px-license-server=true"

      To download the full bundle for a specific release, for example:

      curl -o pxcentral-ag-install-backup.sh -L "https://install.portworx.com/pxcentral-air-gapped?px-backup=true&px-monitor=true&px-license-server=true&version=3.0.0"

    2. Provide execute permission for the install script:

      chmod +x pxcentral-ag-install-backup.sh

    3. Pull the container images to your local setup using the pxcentral-ag-install-backup.sh script:

          ./pxcentral-ag-install-backup.sh pull

    4. Push the images to an internal registry server, accessible by the air-gapped nodes. Replace <repo> with your registry location.

      ./pxcentral-ag-install-backup.sh push <repo>

What to do next

Install Portworx Backup Using Portworx Central or Install Portworx Backup Using Argo CD.

Last updated on