Requirements

Before you can install DigiCert ONE, you must have a running CentOS7 virtual machine. If you do not have one, this article outlines how to set one up.

VM setup checklist

  • A VMware runtime environment

  • Kubernetes

  • Helm 3.x

  • Docker

  • Rancher

VMware runtime environment

Before you can install the required tools, make sure that you have the following:

  • VMware runtime (Fusion, Workstation, etc.)

    You will need a VMware runtime environment where you can install your virtual machine. Download and install the VMware runtime from https://www.vmware.com.

  • CentOS7 VMware image

    You will need a CentOS7 virtual machine image.

Tools

When your environment is set up, you can begin downloading the tools required to install and run DigiCert ONE on your virtual machine.

Tools checklist

  • Kubernetes

  • Helm 3.x

  • Docker

  • Rancher

Kubernetes (K8s)

Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services. It facilitates both declarative configuration and automation, and has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available.

We will use Kubernetes for our installation of the platform. All the platform managers and resources will be deployed as containers in this environment.

You can install Kubernetes in a variety of ways. These instructions are for the CentOS Yum installation method.

  1. Run the following commands as root. You can also follow the more detailed instructions that include more options.

    su
    cat <<EOF > /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
    EOF
  2. Execute the following command:

    sudo yum install -y kubectl

Kubernetes is installed, and you can proceed to installing Helm.
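
The repository definition above sets gpgcheck=1 and repo_gpgcheck=1, and the Docker step later adds a second repo file. As an added example (not part of the DigiCert instructions), the script below audits every .repo file in a directory and flags enabled sections where package signature checking is off, no key is configured, or keys or packages are fetched over plain HTTP. The function names, the weak.repo sample and its mirror.example.test host are constructed for illustration.

```bash
#!/usr/bin/env bash
# audit_repos DIR: flag every enabled section in DIR/*.repo that would let yum
# install unsigned or tampered packages. Returns 1 if anything is flagged.
audit_repos() {
    local findings
    findings=$(awk '
        function report(msg) { print file " [" section "] " msg }
        function check() {
            if (section == "" || enabled == "0") return
            # a missing gpgcheck inherits from [main] in yum.conf; flag it too
            if (gpgcheck != "1") report("gpgcheck is not 1")
            if (gpgkey == "") report("no gpgkey")
            else if ((" " gpgkey) ~ /[ ,]http:/) report("gpgkey over plain http")
            if (baseurl ~ /^http:/) report("baseurl over plain http")
        }
        FNR == 1 { check(); section = ""; file = FILENAME; sub(/.*\//, "", file) }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }
        /^\[/ {
            check(); section = $0; gsub(/^\[|\].*$/, "", section)
            enabled = "1"; gpgcheck = ""; gpgkey = ""; baseurl = ""; next
        }
        {
            i = index($0, "="); if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled") enabled = val
            else if (key == "gpgcheck") gpgcheck = val
            else if (key == "gpgkey") gpgkey = val
            else if (key == "baseurl") baseurl = val
        }
        END { check() }' "$1"/*.repo)
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"; return 1
}

# Constructed sample: the kubernetes.repo from this page plus a weak repo file.
make_sample_repos() {
    printf '%s\n' '[kubernetes]' 'name=Kubernetes' \
        'baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64' \
        'enabled=1' 'gpgcheck=1' 'repo_gpgcheck=1' \
        'gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg' \
        > "$1/kubernetes.repo"
    printf '%s\n' '[internal-mirror]' 'baseurl=http://mirror.example.test/el7' \
        'gpgcheck=0' > "$1/weak.repo"
}

sample=$(mktemp -d); make_sample_repos "$sample"
audit_repos "$sample" || echo "fix the sections listed above before running yum install"
rm -rf "$sample"
```

On the VM, point it at the real directory with audit_repos /etc/yum.repos.d after the Kubernetes and Docker repositories have been added.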

Helm 3.x

Helm is used as the package manager for the Kubernetes cluster, and the DigiCert ONE installation scripts depend on it. Version 3.x is required for the DigiCert ONE installation.

  1. Download helm: https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz

  2. Unpack it.

    tar -zxvf helm-v3.2.1-linux-amd64.tar.gz
  3. Find the helm binary in the unpacked directory, and move it to its desired destination.

    sudo cp linux-amd64/helm /usr/local/bin/helm

More detailed Helm installation instructions can be found here: https://helm.sh/docs/intro/install/

Docker

The next component is Docker. Docker is a software platform that allows you to build, test, and deploy applications quickly. Docker packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime. Using Docker, you can quickly deploy and scale applications into any environment and know your code will run.

Complete installation instructions for Docker can be found here: https://docs.docker.com/engine/install/centos/

  1. Remove old versions of Docker. If you used the linuxVMImages.com image, Docker is not installed and you can skip this step.

    $ sudo yum remove docker \
                      docker-client \
                      docker-client-latest \
                      docker-common \
                      docker-latest \
                      docker-latest-logrotate \
                      docker-logrotate \
                      docker-engine

    Note

    It's okay if nothing is found; we just want to make sure there are no conflicts.

  2. Install the yum-utils package (which provides the yum-config-manager utility) and set up the stable repository.

    $ sudo yum install -y yum-utils
    
    $ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo 
  3. Install the latest version of Docker Engine and containerd, or go to the next step to install a specific version.

    $ sudo yum install docker-ce docker-ce-cli containerd.io
    # Add your user to the docker group
    $ sudo usermod -aG docker <Your Username>
  4. Start Docker.

    $ sudo systemctl start docker
  5. Verify that Docker Engine is installed correctly by running the hello-world image.

    $ sudo docker run hello-world

    This command downloads a test image and runs it in a container. When the container runs, it prints an informational message and exits.

Rancher

This is a command-line tool for installing Rancher Kubernetes Engine (RKE). You must install the specific version listed in the steps below. Once it is downloaded, you can follow the same instructions as for installing the latest version, found here: https://rancher.com/docs/rke/latest/en/installation/.

  1. Download the binary https://github.com/rancher/rke/releases/tag/v0.3.2

  2. Copy the RKE binary to a folder in your $PATH and rename it rke

    $ mv rke_linux-amd64 rke 
  3. Make the RKE binary that you just downloaded executable. Open Terminal and change directory to the location of the RKE binary.

    $ chmod +x rke
  4. Confirm that RKE is now executable.

    $ rke --version
  5. Move rke into your PATH.

    $ sudo cp rke /usr/local/bin/rke
  6. Configure your SSH access. If you don't have an SSH server running, install it with your favorite package manager. If you are using the VM image from linuxvmimages.com, the server is already installed.

    1. Generate SSH authentication keys for the Kubernetes tools to use to communicate with your local machine. Do not set a passphrase.

      ssh-keygen
      # Append rather than overwrite, so any keys already authorized are kept
      cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
      chmod 600 ~/.ssh/authorized_keys
    2. Test SSH public key login to the server from the client.

      ssh <your-username>@localhost

      If you were not asked for a password, SSH public key authentication was successful.

  7. Add your user to the root group.

    sudo usermod -a -G root <your-username>
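
The Helm and RKE steps above each copy a downloaded release artifact into /usr/local/bin without checking it first. The following added example (not from the DigiCert instructions) verifies a download against a SHA-256 checksum file before installing it and, for a tarball, extracts only the named member. It assumes you have saved the publisher's checksum file in sha256sum format; the function names and demo files are constructed for illustration.

```bash
#!/usr/bin/env bash
# verify_download FILE SUMFILE: succeed only if FILE's SHA-256 matches the
# entry for its name in SUMFILE ("<hex digest>  <file name>" per line).
verify_download() {
    local file=$1 sumfile=$2 name want have
    name=$(basename "$file")
    want=$(awk -v f="$name" '$2 == f || $2 == ("*" f) { print $1; exit }' "$sumfile")
    have=$(sha256sum "$file" | cut -d' ' -f1)
    if [ -z "$want" ] || [ "$want" != "$have" ]; then
        echo "checksum check failed for $name" >&2
        return 1
    fi
}

# install_binary FILE SUMFILE DEST [MEMBER]
# Bare binary (rke): verify FILE, then install it as DEST.
# Tarball (helm): verify FILE, extract only MEMBER into a scratch directory,
# require a regular file (not a symlink), then install it as DEST.
install_binary() {
    local file=$1 sumfile=$2 dest=$3 member=${4:-} tmp="" src rc
    verify_download "$file" "$sumfile" || return 1
    src=$file
    if [ -n "$member" ]; then
        tmp=$(mktemp -d) || return 2
        tar -xzf "$file" -C "$tmp" "$member" 2>/dev/null || { rm -rf "$tmp"; return 2; }
        src=$tmp/$member
    fi
    if [ -f "$src" ] && [ ! -L "$src" ]; then
        install -m 0755 "$src" "$dest"; rc=$?
    else
        echo "$src is not a regular file" >&2; rc=2
    fi
    [ -n "$tmp" ] && rm -rf "$tmp"
    return "$rc"
}

# Constructed demo: a stand-in helm tarball and a checksum file generated for it.
demo=$(mktemp -d); mkdir -p "$demo/linux-amd64" "$demo/bin"
printf '#!/bin/sh\necho stand-in helm\n' > "$demo/linux-amd64/helm"
tar -czf "$demo/helm.tar.gz" -C "$demo" linux-amd64/helm
( cd "$demo" && sha256sum helm.tar.gz > helm.tar.gz.sha256sum )
install_binary "$demo/helm.tar.gz" "$demo/helm.tar.gz.sha256sum" \
    "$demo/bin/helm" linux-amd64/helm && echo "installed $demo/bin/helm"
rm -rf "$demo"
```

For the real install, pass /usr/local/bin/helm (with member linux-amd64/helm) or /usr/local/bin/rke as the destination and run the script as root.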