LogoLogo
StackState.comDownloadSupportExplore playground
SUSE Observability
SUSE Observability
  • SUSE Observability docs!
  • Docs for all SUSE Observability products
  • 🚀Get started
    • Quick start guide
    • SUSE Observability walk-through
    • SUSE Rancher Prime
      • Air-gapped
      • Agent Air-gapped
    • SUSE Cloud Observability
  • 🦮Guided troubleshooting
    • What is guided troubleshooting?
    • YAML Configuration
    • Changes
    • Logs
  • 🚨Monitors and alerts
    • Monitors
    • Out of the box monitors for Kubernetes
    • Notifications
      • Configure notifications
      • Notification channels
        • Slack
        • Teams
        • Webhook
        • Opsgenie
      • Troubleshooting
    • Customize
      • Add a monitor using the CLI
      • Derived State monitor
      • Override monitor arguments
      • Write a remediation guide
  • 📈Metrics
    • Explore Metrics
    • Custom charts
      • Adding custom charts to components
      • Writing PromQL queries for representative charts
      • Troubleshooting custom charts
    • Advanced Metrics
      • Grafana Datasource
      • Prometheus remote_write
      • OpenMetrics
  • 📑Logs
    • Explore Logs
    • Log Shipping
  • 🔭Traces
    • Explore Traces
  • 📖Health
    • Health synchronization
    • Send health data over HTTP
      • Send health data
      • Repeat Snapshots JSON
      • Transactional Increments JSON
    • Debug health synchronization
  • 🔍Views
    • Kubernetes views
    • Custom views
    • Component views
    • Explore views
    • View structure
      • Overview perspective
      • Highlights perspective
      • Topology perspective
      • Events perspective
      • Metrics perspective
      • Traces perspective
      • Filters
      • Keyboard shortcuts
    • Timeline and time travel
  • 🕵️Agent
    • Network configuration
      • Proxy Configuration
    • Using a custom registry
    • Custom Secret Management
      • Custom Secret Management (Deprecated)
    • Request tracing
      • Certificates for sidecar injection
  • 🔭Open Telemetry
    • Overview
    • Getting started
      • Concepts
      • Kubernetes
      • Kubernetes Operator
      • Linux
      • AWS Lambda
    • Open telemetry collector
      • Sampling
      • SUSE Observability OTLP APIs
    • Instrumentation
      • Java
      • Node.js
        • Auto-instrumentation of Lambdas
      • .NET
      • SDK Exporter configuration
    • Troubleshooting
  • CLI
    • SUSE Observability CLI
  • 🚀Self-hosted setup
    • Install SUSE Observability
      • Requirements
      • Kubernetes / OpenShift
        • Kubernetes install
        • OpenShift install
        • Alibaba Cloud ACK install
        • Required Permissions
        • Override default configuration
        • Configure storage
        • Exposing SUSE Observability outside of the cluster
      • Initial run guide
      • Troubleshooting
        • Advanced Troubleshooting
        • Support Package (Logs)
    • Configure SUSE Observability
      • Slack notifications
      • E-mail notifications
      • Stackpacks
      • Advanced
        • Analytics
    • Release Notes
      • v2.0.0 - 11/Sep/2024
      • v2.0.1 - 18/Sep/2024
      • v2.0.2 - 01/Oct/2024
      • v2.1.0 - 29/Oct/2024
      • v2.2.0 - 09/Dec/2024
      • v2.2.1 - 10/Dec/2024
      • v2.3.0 - 30/Jan/2025
      • v2.3.1 - 17/Mar/2025
      • v2.3.2 - 22/Apr/2025
      • v2.3.3 - 07/May/2025
    • Upgrade SUSE Observability
      • Migration from StackState
      • Steps to upgrade
      • Version-specific upgrade instructions
    • Uninstall SUSE Observability
    • Air-gapped
      • SUSE Observability air-gapped
      • SUSE Observability Kubernetes Agent air-gapped
    • Data management
      • Backup and Restore
        • Kubernetes backup
        • Configuration backup
      • Data retention
      • Clear stored data
    • Security
      • Authentication
        • Authentication options
        • Single password
        • File-based
        • LDAP
        • Open ID Connect (OIDC)
          • Microsoft Entra ID
        • KeyCloak
        • Service tokens
        • Troubleshooting
      • RBAC
        • Role-based Access Control
        • Permissions
        • Roles
        • Scopes
      • Self-signed certificates
      • External secrets
  • 🔐Security
    • Service Tokens
    • API Keys
  • ☁️SaaS
    • User Management
  • Reference
    • SUSE Observability Query Language (STQL)
    • Chart units
    • Topology Identifiers
Powered by GitBook
LogoLogo

Legal notices

  • Privacy
  • Cookies
  • Responsible disclosure
  • SOC 2/SOC 3
On this page
  • Prerequisites
  • On the Local Host (Internet Access)
  • On the Private Network Host
  • Preparing the Docker Images and Helm Chart
  • Copying the Required Files to the Remote Host
  • Restoring Docker Images from the Archive to the Private Registry
  • Installing SUSE Observability Agent
  1. Get started
  2. SUSE Rancher Prime

Agent Air-gapped

SUSE Observability

PreviousAir-gappedNextSUSE Cloud Observability

Last updated 7 months ago

This document provides a step-by-step guide for installing the SUSE Observability Agent using Helm charts in an air-gapped environment. The installation process involves preparing the necessary Docker images and Helm chart on a host with internet access, transferring them to a host within a private network, uploading Docker images to a private registry, and deploying the Helm charts.

Prerequisites

On the Local Host (Internet Access)

  • Operating System: Linux or MacOS

  • Tools Installed:

    • Scripts for downloading Docker images from the source registry (links will be provided later in the guide).

  • Internet Access: Required to pull Docker images from Quay.io and Helm charts from ChartMuseum.

On the Private Network Host

  • Access: SSH access to the host.

  • Tools Installed:

    • Scripts for downloading Docker images from the source registry (links will be provided later in the guide).

    • Network access and credentials to upload images to a private Docker registry.

    • A configured Kubeconfig to install the Helm charts on the target clusters.

Preparing the Docker Images and Helm Chart

Run the following commands on the local host to obtain the necessary Docker images and Helm charts:

Adding Helm Repositories to the Local Helm Cache:

# Adding the Helm repository for the SUSE Observability Agent
helm repo add suse-observability https://charts.rancher.com/server-charts/prime/suse-observability
helm repo update

Fetching the Latest Version of the Chart

The following command will download a TGZ archive of the chart from the Helm repository:

# Downloading the chart for the SUSE Observability Agent
# The file will be named stackstate-agent-X.Y.Z.tgz
helm fetch suse-observability/suse-observability-agent

Getting the Bash scripts to save Docker images.

# o11y-agent-get-images.sh
curl -LO https://raw.githubusercontent.com/StackVista/helm-charts/master/stable/suse-observability-agent/installation/o11y-agent-get-images.sh
# o11y-agent-save-images.sh
curl -LO https://raw.githubusercontent.com/StackVista/helm-charts/master/stable/suse-observability-agent/installation/o11y-agent-save-images.sh

# Make the scripts executable
chmod a+x o11y-agent-get-images.sh o11y-agent-save-images.sh

Extracting and Saving Docker Images

# Extract the list of images from the Helm chart and save it to a file.
./o11y-agent-get-images.sh -f suse-observability-agent-X.Y.Z.tgz > o11y-agent-images.txt

Replace suse-observability-agent-X.Y.Z.tgz with the actual filename of the chart archive downloaded earlier.*

# Save Docker images to an archive.
# The script expects the file o11y-agent-images.txt to contain the list of images used by the SUSE Observability Agent.
# The Docker images will be saved to o11y-agent-images.tar.gz.
./o11y-agent-save-images.sh -i o11y-agent-images.txt -f o11y-agent-images.tar.gz

Copying the Required Files to the Remote Host

The following files have to be copied from the local host to the host in the private network:

  • o11y-agent-images.txt (List of images required by the SUSE Observability Agent chart)

  • o11y-agent-images.tar.gz (An archive with the SUSE Observability Agent's Docker images)

  • Helm charts downloaded earlier:

    • suse-observability-agent-X.Y.Z.tgz

Restoring Docker Images from the Archive to the Private Registry

Uploading the images to the private registry:

# Load Docker images from the archive and push them to the private registry.
# Replace <private-registry> with your private registry's URL.
export DST_REGISTRY_USERNAME="..."
export DST_REGISTRY_PASSWORD="..."
./o11y-agent-load-images.sh -d registry.example.com:5043 -i o11y-agent-images.txt -f o11y-agent-images.tar.gz

Note: if the destination registry doesn't use authentication the environment variables, DST_REGISTRY_USERNAME and DST_REGISTRY_PASSWORD must not be configured or have to be set to empty values.

Installing SUSE Observability Agent

The command to install the SUSE Observability Agent has to be received from SUSE Observability UI. Log in to your instance and in the left-side menu choose the Stackpacks. Press ADD NEW INSTANCE and fill in the name of the cluster. For correct integration with Rancher it has to be the same as the cluster name in the Rancher UI.

When an instance is added, the UI will provide the instructions how the Helm chart can be deployed. Scroll down to the Self-hosted section and copy helm upgrade ... command

The command has to be updated for the air-gapped installation:

  • Overriding the image registry with all.image.registry value.

  • Using the archive with the Helm chart instead of the Helm repository. suse-observability/suse-observability-agent -> ./suse-observability-agent-X.Y.Z.tgz

Run the command to install the SUSE Observability Agent

helm upgrade --install \
--namespace suse-observability \
--create-namespace \
--set-string 'stackstate.apiKey'='<api-key>' \
--set-string 'stackstate.cluster.name'='<cluster-name>' \
--set-string 'stackstate.url'='https://...' \
--set 'nodeAgent.skipKubeletTLSVerify'=true \
--set-string 'all.image.registry'='registry.acme.com:5000' \
--set-string 'global.imageRegistry'='registry.acme.com:5000' \
--set-string 'global.skipSslValidation'=true \
suse-observability-agent ./suse-observability-agent-X.Y.Z.tgz

Validating the Deployment

kubectl get pod -n stackstate

(Bash script to upload Docker images to a registry)

🚀
Docker
Helm cli
Docker
Helm cli
o11y-agent-load-images.sh
Adding New Agent
Getting Helm Install Command