Install PX-Central on-premises


You can install PX-Central on-premises on any Kubernetes cluster using Helm charts, as long as your cluster meets the prerequisites.

Prerequisites

  • A Kubernetes cluster consisting of the following:

    • 3 worker nodes
    • 4 CPU cores
    • 8 GB of memory
    • A minimum of 1 disk with 100 GB, ideally 2 disks on each node with at least 100 GB each
    • Kubernetes version 1.20.x and below
    • If you want to use Portworx for the PX-Central installation and your Kubernetes cluster does not contain Portworx, ensure a minimum of 50 GB disk space is available on the /root file system.
    • If you use an external OIDC provider, then you must use certificates signed by a trusted certificate authority.
    • Helm
  • For internet-connected clusters, ensure the following ports are open:

    Port   Component            Purpose                 Incoming/Outgoing
    31241  PX-Central-Keycloak  Access user auth token  Incoming
    7070   License server       License validation      Outgoing
  • GKE clusters support Ubuntu OS only.

NOTE:

  • PX-Central supports Kubernetes version 1.18.3 and above. If you install PX-Central on Kubernetes version 1.18.2 or below, Kubernetes does not proxy the service name to the pod, which results in service reachability errors.
  • You can install PX-Central on a Kubernetes cluster that is already running Portworx, or on a fresh Kubernetes cluster that does not contain Portworx.
  • If you also want to install the monitoring service component, you need at least 8 CPU cores and 16 GB of memory.
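
The version bounds stated on this page (1.20.x and below in the prerequisites, 1.18.3 and above in this note) can be enforced as a pre-install gate. The following is an added example, not part of the original documentation; the function name `px_central_k8s_supported` is hypothetical, and it takes the same version string that the `kube_version` variable in the next section holds.

```shell
#!/bin/sh
# Added example (not from the original page). Hypothetical helper that checks a
# Kubernetes server version against the range this page states:
# at least 1.18.3 and no later than 1.20.x.
# Returns 0 = supported, 1 = outside the range, 2 = not a parsable version.
px_central_k8s_supported() {
    v=${1#v}             # drop a leading "v" (v1.20.4 -> 1.20.4)
    v=${v%%[-+]*}        # drop vendor suffixes such as -gke.100 or +k3s1
    case "$v" in
        *.*) ;;          # need at least major.minor
        *) return 2 ;;
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    [ "$patch" = "$rest" ] && patch=0    # "1.20" has no patch component
    for part in "$major" "$minor" "$patch"; do
        case "$part" in
            '' | *[!0-9]*) return 2 ;;   # every component must be numeric
        esac
    done
    [ "$major" -eq 1 ] || return 1
    [ "$minor" -le 20 ] || return 1      # upper bound: 1.20.x
    [ "$minor" -gt 18 ] && return 0      # 1.19.x and 1.20.x
    # 1.18.x is accepted only from patch 3 upward (service proxying issue).
    [ "$minor" -eq 18 ] && [ "$patch" -ge 3 ]
}

# Gate on kube_version when the caller has already set it.
if [ -n "${kube_version:-}" ]; then
    px_central_k8s_supported "$kube_version" ||
        echo "Kubernetes $kube_version is outside 1.18.3 to 1.20.x" >&2
fi
```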

Prepare air-gapped environments

If your cluster is internet-connected, skip this section. If your cluster is air-gapped, you must pull the PX-Central and related Docker images to either your Docker registry or directly onto your nodes.

  1. Create a kube_version environment variable, and assign your Kubernetes version to it.

    kube_version=`kubectl version --short | awk -Fv '/Server Version: / {print $3}'`
  2. Pull the following required Docker images onto your air-gapped environment.

    • docker.io/portworx/pxcentral-onprem-api:2.0.1
    • docker.io/portworx/pxcentral-onprem-ui-frontend:2.0.1
    • docker.io/portworx/pxcentral-onprem-ui-backend:2.0.1
    • docker.io/portworx/pxcentral-onprem-ui-lhbackend:2.0.1
    • docker.io/portworx/pxcentral-onprem-post-setup:2.0.1
    • docker.io/portworx/postgresql:11.7.0-debian-10-r9
    • docker.io/portworx/keycloak:14.0.0
    • docker.io/portworx/keycloak-login-theme:2.0.1
    • docker.io/portworx/busybox:1.31
    • docker.io/portworx/mysql:5.7.22

Push Docker images to internal registry

To pull the above Docker images and push them to an internal registry:

  1. Download the pxcentral-ag-install-central.sh air-gapped bootstrap PX-Central install script.

    curl -o pxcentral-ag-install-central.sh -L https://install.portworx.com/pxcentral-air-gapped

    You can also download the install script for a specific release by specifying a version query. For example:

    curl -o pxcentral-ag-install-central.sh -L "https://install.portworx.com/pxcentral-air-gapped?version=2.0.1"
  2. Pull the container images using the pxcentral-ag-install-central.sh script.

    ./pxcentral-ag-install-central.sh pull
  3. Push the images to a local registry server accessible by the air-gapped nodes. Replace <repo> with your registry location.

    ./pxcentral-ag-install-central.sh push <repo>
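
A missing image in an air-gapped cluster only shows up later as a failed image pull, so it helps to confirm that all ten required images are present after the pull step or after loading them onto a node. The following is an added example, not part of the original documentation or the install script; `missing_px_images` is a hypothetical helper, and it matches on the trailing `name:tag` so it makes no assumption about how the push step names images under `<repo>`.

```shell
#!/bin/sh
# Added example (not from the original page). Image names and tags are copied
# from the required-image list in this section.
PX_CENTRAL_IMAGES='
pxcentral-onprem-api:2.0.1
pxcentral-onprem-ui-frontend:2.0.1
pxcentral-onprem-ui-backend:2.0.1
pxcentral-onprem-ui-lhbackend:2.0.1
pxcentral-onprem-post-setup:2.0.1
postgresql:11.7.0-debian-10-r9
keycloak:14.0.0
keycloak-login-theme:2.0.1
busybox:1.31
mysql:5.7.22
'

# missing_px_images (hypothetical helper): reads image references on stdin,
# one per line, and prints every required name:tag that no reference ends with.
# Matching on the trailing name:tag covers docker.io/portworx/... references as
# well as ones retagged under an internal registry.
# Returns 0 when nothing is missing, 1 otherwise.
missing_px_images() {
    present=$(cat)
    rc=0
    for want in $PX_CENTRAL_IMAGES; do
        found=0
        for ref in $present; do
            case "$ref" in
                "$want" | */"$want") found=1; break ;;
            esac
        done
        if [ "$found" -eq 0 ]; then
            printf '%s\n' "$want"
            rc=1
        fi
    done
    return "$rc"
}

# Typical use on the host that ran the pull step (requires the docker CLI):
#   docker images --format '{{.Repository}}:{{.Tag}}' | missing_px_images
```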

Install PX-Central on-premises alone

  1. If you install PX-Central alone – without Portworx Enterprise – skip this step. If you do want to install PX-Central with Portworx Enterprise, then install Portworx and create the following storage class on your Kubernetes cluster.

    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
        name: portworx-sc
    provisioner: kubernetes.io/portworx-volume
    parameters:
        repl: "3"
  2. Generate the install spec using the License Server and Monitoring spec generator.

    If you use Portworx to install PX-Central alone, select the Use storage class checkbox under the Configuration section of the Spec Details tab. In the Storage Class Name text box, enter the name of the storage class you created in the previous step.

    If your cluster is air-gapped, select the Use custom registry checkbox under the Custom Registry section, and enter the following information:

    • Custom Registry: The hostname of your custom registry
    • Image Repository: The path to the required Docker images
    • Image Pull Secret(s) (optional): A comma-separated list of your image pull secrets.
  3. Using Helm, add the Portworx Enterprise repository to your cluster and update it.

    helm repo add portworx http://charts.portworx.io/ && helm repo update
  4. Install PX-Central alone using either the --set flag or the values.yml file provided in the Step 2 section of the Complete tab of the spec generator.

  5. Monitor the installation status.

    kubectl get po --namespace px-backup -ljob-name=pxcentral-post-install-hook  -o wide | awk '{print $1, $3}' | grep -iv error

    Note: If you use your Kubernetes master IP as the Keycloak endpoint, then run the following command on all worker nodes:

    sudo iptables -P FORWARD ACCEPT

    This sets the default policy of the iptables FORWARD chain to ACCEPT, which enables port forwarding and makes the NodePort service accessible through the master endpoint.

Configure external OIDC endpoints

If you enabled an external OIDC provider during PX-Central installation, manually configure the redirect URI in your OIDC provider. For the configuration procedure, refer to Set up login redirects.


Last edited: Thursday, Oct 7, 2021