Install Continuous Delivery in an air-gapped environment

When necessary, you can create an air-gapped bundle from a Bolt project and copy the bundle to the install target. This bundle contains all the images and dependencies needed to install Continuous Delivery on the desired host.

Before you begin:

If your Continuous Delivery host is air-gapped, ensure the following packages are installed (or are available to install with associated dependencies via reposerver accessible to the host) on the host before installing Continuous Delivery:

  • puppet-agent 7.30.0 or later
  • container runtime (e.g.: Docker 26.1.3, or Podman 4.9.4+ (the podman-plugins package is also required and is installed with Podman when using yum))
  • Zip 3.0 or later
  • Logrotate 3.14.0 or later
  • Ruby 2.5.9 or later
Ruby is only required for Bolt versions prior to 3.30.0
  1. Install Bolt version 3.27.4 or later on a Linux jumphost. This can be the intended Continuous Delivery 5.x host, or any other system.
  2. Create the Continuous Delivery Bolt project and switch to that directory.
    Copy
    mkdir cd4pe-bolt-project 
    cd cd4pe-bolt-project
    bolt project init cd4pe_bolt_project
    If your jumphost is air-gapped, ensure the following images are available to the jumphost under cd4pe-bolt-project/downloads/cd4pe/images before installing Continuous Delivery:
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_teams-ui_5.9.0.tar.gz
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_cd4pe_continuous-delivery-for-puppet-enterprise_5.9.0.tar.gz
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_query-service_5.9.0.tar.gz
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_cd4pe-postgresql_5.9.0.tar.gz
  3. Edit the bolt-project.yaml file’s modules and module-install sections. Replace the version_requirement with the version you wish to install, for example you would use 5.9.0 for the latest version. Change the sections in one of the following ways:
    • If the jumphost can connect to the internet you need to specify the module to install as mentioned and add your Forge API token in authorization_token. Change the modules and module-install sections to:
      Copy
      # bolt-project.yaml
      modules:
        - name: puppetlabs/cd4peadm
          version_requirement: <version to install>

      module-install:
        forge:
           authorization_token: 'Bearer <your API token>'
           baseurl: https://forgeapi.puppet.com
    • If the jumphost is also air-gapped, you need to point your dependencies to where you are mirroring the required modules, for example:
      Copy

      # bolt-project.yaml
      modules:
      - git: https://example.git.com/puppetlabs/puppetlabs-cd4peadm
        ref: 5.y.z
      - git: https://example.git.com/puppetlabs/puppetlabs-apt
        ref: v9.4.0
      - git: https://example.git.com/puppetlabs/puppetlabs-docker
        ref: v9.1.0
      - git: https://example.git.com/puppetlabs/puppetlabs-powershell
        ref: v6.0.0
      - git: https://example.git.com/puppetlabs/ruby-pwsh
        ref: v1.1.1
      - git: https://example.git.com/puppetlabs/puppetlabs-reboot
        ref: v5.0.0
      - git: https://example.git.com/puppetlabs/puppetlabs-stdlib
        ref: v9.6.0
    • Optional: Download module tarballs and use the method outlined in Installing and managing modules from the command line.
  4. Install the cd4peadm module and its dependencies using the command: bolt module install.
  5. Create an inventory.yaml file with the connection information for the host on which Continuous Delivery 5.x is to be installed. Do not install Continuous Delivery on the same host you've installed Puppet Enterprise on. For example:
    Copy
    ---
    groups:
      - name: cd4pe-nodes
        config:
          transport: ssh
          ssh:
            host-key-check: false
            native-ssh: true
            private-key: /path/to/your/private/key
            user: root
        targets:
          - cd4pev5.<yourcompany.com>

    If you are installing on a localhost, use the following inventory.yaml instead:

    Copy
    ---
    groups:
      - name: cd4pe-nodes
        config:
          transport: local
        targets:
          - uri: localhost
  6. Install Continuous Delivery on the target host using: bolt plan run cd4peadm::install.
Results
You can now log into the application at the resolvable hostname with the admin username and password you provided during the installation.