Single node K3s installation

Below mentioned steps help you to install K3s before proceeding with installing DSPM.
Note:
  • Make sure you have /usr/local/bin configured in your PATH: export PATH=$PATH:/usr/local/bin). All the commands must be executed as root user.
  • Refer to System requirements.
  • For RHEL, K3s needs the following package to be installed: k3s-selinux (repo rancher-k3s-common-stable) and its dependencies container-selinux (repo rhel-8-appstream-rhui-rpms) and policycoreutils-python-utils (repo rhel-8-baseos-rhui-rpms).

Steps

  1. Obtain the download link from Forcepoint Technical Support. Extract the downloaded file: tar -xf gv-platform-$VERSION.tar.
  2. Prepare K3s for air-gap installation: 
    sudo su -
mkdir -p /var/lib/rancher/k3s/agent/images/
gunzip -c assets/k3s-airgap-images-amd64.tar.gz > /var/lib/rancher/k3s/agent/images/airgap-images.tar
cp assets/k3s /usr/local/bin && chmod +x /usr/local/bin/k3s
tar -xzf assets/helm-v3.8.2-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin
  3. Before installation, it is recommended to run automatic checks (as root; PRODUCT_NAME is either “synergy” (endpoint agent) or “dspm“ (dspm without endpoint agent) or “ultimate“ (dspm + endpoint agent). If unsure use “ultimate“): 
    cat scripts/k3s.sh | PRODUCT_NAME=ultimate ONLY_PRECHECK=true bash -
  4. Install K3s: 
    cat scripts/k3s.sh | INSTALL_K3S_SKIP_DOWNLOAD=true K3S_KUBECONFIG_MODE="644" \ 
SKIP_NETWORK_CHECKS=true sh -s - server --node-name=local-01
    Few more arguments that can be used to customize the execution of the k3s script:
    • SKIP_PRECHECK=true to skip the execution of the precheck script while installing k3s service.
    • SKIP_SYSTEM_CHECKS=true to skip the system hardware checking during precheck.
    • SKIP_NETWORK_CHECKS=true to skip the system network connectivity checking during precheck.

    Example:

    cat scripts/k3s.sh | INSTALL_K3S_SKIP_DOWNLOAD=true SKIP_PRECHECK=true K3S_KUBECONFIG_MODE="644" sh -s - server --node-name=local-01
  5. Wait for the 30s and check if K3s is running with the command: 
    kubectl get pods -A and systemctl status k3s.service