Install Continuous Delivery in an air-gapped environment

When necessary, you can create an air-gapped bundle from a Bolt project and copy the bundle to the install target. This bundle contains all the images and dependencies needed to install Continuous Delivery on the desired host.

Before you begin:

If your Continuous Delivery host is air-gapped, ensure the following packages are installed (or are available to install with associated dependencies via reposerver accessible to the host) on the host before installing Continuous Delivery:

  • puppet-agent 7.30.0 or later
  • container runtime (e.g.: Docker 26.1.3, or Podman 4.9.4+ (the podman-plugins package is also required and is installed with Podman when using yum))
  • Zip 3.0 or later
  • Logrotate 3.14.0 or later
  • Ruby 2.5.9 or later
Ruby is only required for Bolt versions prior to 3.30.0
  1. Install Bolt version 3.27.4 or later on a Linux jumphost. This can be the intended Continuous Delivery 5.x host, or any other system.
  2. Create the Continuous Delivery Bolt project and switch to that directory.
    mkdir cd4pe-bolt-project 
    cd cd4pe-bolt-project
    bolt project init cd4pe_bolt_project
    If your jumphost is air-gapped, ensure the following images are available to the jumphost under cd4pe-bolt-project/downloads/cd4pe/images before installing Continuous Delivery:
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_teams-ui_5.y.z.tar.gz
    • https://storage.googleapis.com/cd4pe-images/gcr.io_platform-services-297419_cd4pe_continuous-delivery-for-puppet-enterprise_5.y.z.tar.gz
    • https://storage.googleapis.com/cd4pe-images/gcr.io_estate-reporting_query-service_1.8.16.tar.gz
    • https://storage.googleapis.com/cd4pe-images/bitnami_postgresql_14.7.0.tar.gz
  3. Edit the bolt-project.yaml file’s modules and module-install sections. Replace the version_requirement with the version you wish to install, for example you would use 5.7.0 for the latest version. Change the sections in one of the following ways:
    • If the jumphost can connect to the internet you need to specify the module to install as mentioned and add your Forge API token in authorization_token. Change the modules and module-install sections to:
      # bolt-project.yaml
      modules:
        - name: puppetlabs/cd4peadm
          version_requirement: <version to install>
      
      module-install:
        forge:
           authorization_token: 'Bearer <your API token>'
           baseurl: https://forgeapi.puppet.com
      
    • If the jumphost is also air-gapped, you need to point your dependencies to where you are mirroring the required modules, for example:
      # bolt-project.yaml
      modules:
      - git: https://example.git.com/puppetlabs/puppetlabs-cd4peadm
        ref: 5.y.z
      - git: https://example.git.com/puppetlabs/puppetlabs-apt
        ref: v9.4.0
      - git: https://example.git.com/puppetlabs/puppetlabs-docker
        ref: v9.1.0
      - git: https://example.git.com/puppetlabs/puppetlabs-powershell
        ref: v6.0.0
      - git: https://example.git.com/puppetlabs/ruby-pwsh
        ref: v1.1.1
      - git: https://example.git.com/puppetlabs/puppetlabs-reboot
        ref: v5.0.0
      - git: https://example.git.com/puppetlabs/puppetlabs-stdlib
        ref: v9.6.0
    • Optional: Download module tarballs and use the method outlined in Installing and managing modules from the command line.
  4. Install the cd4peadm module and its dependencies using the command: bolt module install.
  5. Create an inventory.yaml file with the connection information for the host on which Continuous Delivery 5.x is to be installed. For example:
    ---
    groups:
      - name: cd4pe-nodes
        config:
          transport: ssh
          ssh:
            host-key-check: false
            native-ssh: true
            private-key: /path/to/your/private/key
            user: root
        targets:
          - cd4pev5.<yourcompany.com>

    If you are installing on a localhost, use the following inventory.yaml instead:

    ---
    groups:
      - name: cd4pe-nodes
        config:
          transport: local
        targets:
          - uri: localhost

  6. Install Continuous Delivery on the target host using: bolt plan run cd4peadm::install.
Results
You can now log into the application at the resolvable hostname with the admin username and password you provided during the installation.