Requirements
Before you can install DigiCert ONE, you must have a running CentOS7 virtual machine. If you do not have one, this article outlines how to set one up.
VM setup checklist
A VMware runtime environment
Kubernetes
Helm 3.x
Docker
Rancher
VMware runtime environment
Before you can install the required tools, make sure that you have...
VMware runtime (Fusion, Workstation, etc.)
You will need a VMware runtime environment where you can install your virtual machine. Download and install the VMware runtime from https://www.vmware.com.
CentOS7 VMware image
You will need a CentOS7 virtual machine image.
Tools
When your environment is set up, you can begin downloading the tools required to install and run DigiCert ONE on your virtual machine.
Tools checklist
Kubernetes
Helm 3.x
Docker
Rancher
Kubernetes (K8s)
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services. It facilitates both declarative configuration and automation, and has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available.
We will use Kubernetes for our installation of the platform. All the platform managers and resources will be deployed as containers in this environment.
You can install Kubernetes in a variety of ways. These instructions are for the CentOS Yum installation method.
Run the following commands as root. You can also follow the more detailed instructions that include more options.
su
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
Execute the following command:
sudo yum install -y kubectl
Kubernetes is installed, and you can proceed to installing Helm.
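The repository definition above turns on both package and metadata signature checking. As an added example (not part of the original instructions), the following shell function parses a .repo file and reports any enabled section that weakens those settings. The name audit_yum_repo and the rule that both options must be set explicitly, rather than inherited from /etc/yum.conf, are assumptions of this example.

```shell
# Added example, not from the original page. audit_yum_repo is a made-up name.
# Assumption: every enabled section must set gpgcheck=1 and repo_gpgcheck=1
# explicitly instead of inheriting defaults from /etc/yum.conf.

# audit_yum_repo FILE: prints one finding per line, returns 1 if any were found.
audit_yum_repo() {
    awk '
    function report(msg) { printf "[%s] %s\n", section, msg; bad = 1 }
    function check(   n, i, k) {
        if (section == "" || opt["enabled"] == "0") return
        if (opt["gpgcheck"] != "1")      report("gpgcheck is not 1")
        if (opt["repo_gpgcheck"] != "1") report("repo_gpgcheck is not 1")
        if (opt["baseurl"] !~ /^https:\/\//) report("baseurl is not https")
        n = split(opt["gpgkey"], k, /[ \t]+/)
        if (n == 0) report("no gpgkey configured")
        for (i = 1; i <= n; i++)
            if (k[i] !~ /^(https|file):\/\//) report("untrusted gpgkey URL " k[i])
    }
    BEGIN { bad = 0 }
    /^[ \t]*([#;]|$)/ { next }            # comments and blank lines
    /^\[[^]]+\]/ {                        # new [section]: judge the previous one
        check()
        section = substr($0, 2, index($0, "]") - 2)
        split("", opt); key = ""
        next
    }
    /^[ \t]/ && key != "" {               # indented line continues the last value
        sub(/^[ \t]+/, "")
        opt[key] = (opt[key] == "" ? "" : opt[key] " ") $0
        next
    }
    (eq = index($0, "=")) {               # key=value
        key = substr($0, 1, eq - 1); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        opt[key] = val
    }
    END { check(); exit bad }
    ' "$1"
}
```

Run it as audit_yum_repo /etc/yum.repos.d/kubernetes.repo before installing kubectl; no output and exit status 0 mean the file matches the settings shown above.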
Helm 3.x
Helm is used as the package manager for the Kubernetes cluster, and the DigiCert ONE installation scripts depend on it. Version 3.x is required for the DigiCert ONE installation.
Download helm: https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz
Unpack it.
tar -zxvf helm-v3.2.1-linux-amd64.tar.gz
Find the helm binary in the unpacked directory, and move it to its desired destination.
sudo cp linux-amd64/helm /usr/local/bin/helm
More detailed Helm installation instructions can be found here: https://helm.sh/docs/intro/install/
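The download, unpack and copy steps above can be gated on a checksum so that a corrupted or altered tarball never reaches /usr/local/bin. This is an added example, not DigiCert's or Helm's own script; the function names are made up, and the expected SHA-256 digest is assumed to be copied by hand from the publisher's release information.

```shell
# Added example (not from the original page). Function names are illustrative.
# Assumption: the caller supplies the SHA-256 digest published with the release.

# sha256_matches FILE EXPECTED_HEX: 0 on match, 1 on mismatch, 2 on bad input.
sha256_matches() {
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 2; }
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # A SHA-256 digest is exactly 64 hex characters; reject anything else.
    printf '%s' "$expected" | grep -Eq '^[0-9a-f]{64}$' \
        || { echo "malformed digest" >&2; return 2; }
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$expected" ] \
        || { echo "digest mismatch: got $actual" >&2; return 1; }
}

# install_helm_verified TARBALL EXPECTED_HEX DESTDIR
# Unpacks only after the digest matches, and installs only linux-amd64/helm.
install_helm_verified() {
    tarball=$1; digest=$2; destdir=$3
    sha256_matches "$tarball" "$digest" || return $?
    # Refuse archives whose members use absolute or parent-directory paths.
    if tar -tzf "$tarball" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "unsafe path in archive" >&2
        return 3
    fi
    workdir=$(mktemp -d) || return 4
    tar -xzf "$tarball" -C "$workdir" linux-amd64/helm \
        || { rm -rf "$workdir"; return 4; }
    status=0
    install -m 0755 "$workdir/linux-amd64/helm" "$destdir/helm" || status=$?
    rm -rf "$workdir"
    return $status
}
```

For the step above, the call would be install_helm_verified helm-v3.2.1-linux-amd64.tar.gz <published-digest> /usr/local/bin, run with sufficient privileges to write to the destination.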
Docker
The next component is Docker. Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.
Complete installation instructions for Docker can be found here: https://docs.docker.com/engine/install/centos/
Remove old versions of Docker. If you used the linuxVMImages.com image, Docker is not installed and you can skip this step.
$ sudo yum remove docker \
    docker-client \
    docker-client-latest \
    docker-common \
    docker-latest \
    docker-latest-logrotate \
    docker-logrotate \
    docker-engine
Note
It's okay if nothing is found; we just want to make sure there are no conflicts.
Install the yum-utils package (which provides the yum-config-manager utility) and set up the stable repository.
$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
Install the latest version of Docker Engine and containerd, or go to the next step to install a specific version.
$ sudo yum install docker-ce docker-ce-cli containerd.io
# Add your user to the docker group
$ sudo usermod -aG docker <Your Username>
Start Docker.
$ sudo systemctl start docker
Verify that Docker Engine is installed correctly by running the hello-world image.
$ sudo docker run hello-world
This command downloads a test image and runs it in a container. When the container runs, it prints an informational message and exits.
Rancher
This is a command-line tool for installing Rancher Kubernetes Engine (RKE). You must install the specific version given in the steps below. Once it is downloaded, you can follow the same instructions as for installing the latest version, found here: https://rancher.com/docs/rke/latest/en/installation/.
Download the binary https://github.com/rancher/rke/releases/tag/v0.3.2
Copy the RKE binary to a folder in your $PATH and rename it rke
$ mv rke_linux-amd64 rke
Make the RKE binary that you just downloaded executable. Open Terminal and change directory to the location of the RKE binary.
$ chmod +x rke
Confirm that RKE is now executable.
$ rke --version
Move rke into your PATH.
$ sudo cp rke /usr/local/bin/rke
Configure your SSH access. If you don't have an SSH server running, install one with your favorite package manager. If you are using the VM image from linuxvmimages.com, the server is already installed.
Generate SSH authentication keys for the Kubernetes tools to use to communicate with your local machine. Do not set a passphrase.
ssh-keygen
cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Test SSH public key login to the server from the client.
ssh <your-username>@localhost
If you were not asked for a password, SSH public key authentication was successful.
Add your user to the root group.
usermod -a -G root <your-username>
You are ready to start configuring and running your Kubernetes cluster.
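The cp command in the SSH key step above replaces any keys already listed in authorized_keys. As an added example (not part of the original instructions), this shell function authorizes the new public key without dropping existing entries and sets the permissions sshd expects. The name authorize_pubkey and the short list of accepted key types are assumptions of this example.

```shell
# Added example, not from the original page. authorize_pubkey is a made-up name.

# authorize_pubkey PUBKEY_FILE SSH_DIR
# Appends the key once, keeps existing entries, returns 2 on an invalid key file.
authorize_pubkey() {
    pub=$1; dir=$2; auth="$dir/authorized_keys"
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 2; }
    key=$(head -n 1 "$pub")
    # Accept only a few common public key types (assumption of this example).
    case "$key" in
        "ssh-rsa "*|"ssh-ed25519 "*|"ecdsa-sha2-"*" "*) ;;
        *) echo "not a recognised public key" >&2; return 2 ;;
    esac
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # If the file does not end with a newline, add one so the appended key
    # does not get glued onto the last existing entry.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi
    # Exact whole-line match keeps repeated runs from adding duplicates.
    grep -qxF "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

With the key generated above, the call is authorize_pubkey ~/.ssh/id_rsa.pub ~/.ssh.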