Single node K3s installation

Below mentioned steps help you to install K3s before proceeding with installing DSPM.
Note:
  • Make sure you have /usr/local/bin configured in your PATH: export PATH=$PATH:/usr/local/bin). All the commands must be executed as root user.
  • Refer to System requirements.
  • For RHEL, K3s needs the following package to be installed: k3s-selinux (repo rancher-k3s-common-stable) and its dependencies container-selinux (repo rhel-8-appstream-rhui-rpms) and policycoreutils-python-utils (repo rhel-8-baseos-rhui-rpms).

Steps

  1. Obtain the download link from Forcepoint Technical Support. Extract the downloaded file: tar -xf gv-platform-$VERSION.tar.
  2. Prepare K3s for air-gap installation: 
    sudo su -
mkdir -p /var/lib/rancher/k3s/agent/images/
gunzip -c assets/k3s-airgap-images-amd64.tar.gz > /var/lib/rancher/k3s/agent/images/airgap-images.tar
cp assets/k3s /usr/local/bin && chmod +x /usr/local/bin/k3s
tar -xzf assets/helm-v3.8.2-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin
  3. Before installation, it is recommended to run automatic checks (as root; PRODUCT_NAME is either “synergy” (endpoint agent) or “dspm“ (dspm without endpoint agent) or “ultimate“ (dspm + endpoint agent). 
    cat scripts/k3s.sh | PRODUCT_NAME=ultimate ONLY_PRECHECK=true bash -
  4. Install K3s service by running the following command: 
    cat scripts/k3s.sh | INSTALL_K3S_SKIP_DOWNLOAD=true K3S_KUBECONFIG_MODE="644" \ 
SKIP_NETWORK_CHECKS=true sh -s - server --node-name=local-01
    Table 1. Optional K3s Install Script Arguments
    Argument Description
    SKIP_PRECHECK=true Skip all built in checks
    SKIP_SYSTEM_CHECKS=true Skip hardware checks
    ONLY_PRECHECK=true Run precheck only

    Example:

    cat scripts/k3s.sh | INSTALL_K3S_SKIP_DOWNLOAD=true SKIP_PRECHECK=true K3S_KUBECONFIG_MODE="644" sh -s - server --node-name=local-01
  5. Wait for the 30s and check if K3s is running with the command: 
    kubectl get pods -A and systemctl status k3s.service
  6. The step below will deploy the necessary images to the cluster. To import docker images locally: 
    # mkdir /tmp/import
# for f in images/*.gz; do IMG=$(basename "${f}" .gz); gunzip -c "${f}" > /tmp/import/"${IMG}"; done
# for f in /tmp/import/*.tar; do ctr -n=k8s.io images import "${f}"; done