Installing CFM Operator (airgap)

You can install CFM Operator after meeting all prerequisites and installing dependencies, either using the cfmctl CLI tool or Helm.

Complete these steps to install CFM Operator if your Kubernetes cluster does not have internet access, or if you want to install it from a self-hosted registry. Installing CFM Operator installs the applications and resources that enable you to deploy and manage NiFi in Kubernetes.

  • You have a Kubernetes cluster up and runing.
  • You have obtained a license from Cloudera.

  • You have valid credentials to access the required artifact repositories.

  1. Create a secret to access installation images.
    kubectl create secret docker-registry docker-pull-secret \
      --namespace [***NAMESPACE***] \
      --docker-server container.repository.cloudera.com \
      --docker-username [***USERNAME***] \
      --docker-password [***PASSWORD***]
    
  2. Move the installation artifacts to a local registry using the docker pull, docker tag, and docker push commands.
    docker pull container.repository.cloudera.com/cloudera/cfm-operator:[***OPERATOR VERSION***] \
    docker tag container.repository.cloudera.com/cloudera/cfm-operator:[***OPERATOR VERSION***] [***PRIVATE REGISTRY[:PORT]/PATH/TAG:OPERATOR VERSION***] \
    docker push us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator:[***OPERATOR VERSION***]
    
    For example:
    docker pull container.repository.cloudera.com/cloudera/cfm-operator:2.8.0-b94 \
    docker tag container.repository.cloudera.com/cloudera/cfm-operator:2.8.0-b94 us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator:2.8.0-b94 \
    docker push us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator:2.8.0-b94
    For more information on pulling, pushing, and tagging Docker images, see the Docker documentation.
  3. Create a namespace for the operator.
    kubectl create namespace [***CFM OPERATOR NAMESPACE***]
    Replace [***CFM OPERATOR NAMESPACE***] with the desired namespace.
    For example:
    kubectl create namespace cfm-operator-system
  4. Install cert-manager.

    Follow the instructions for installing the cert-manager Operator for RedHat OpenShift.

    helm install cert-manager jetstack/cert-manager \
    --version [***CERT MANAGER VERSION***]\
    --namespace cert-manager \
    --create-namespace \
    --set installCRDs=true
    

    Replace ***CERT MANAGER VERSION***] with the certificate manager version you want to install.

  5. Create image pull secret.
    kubectl create secret docker-registry docker-pull-secret \
      --namespace [***CFM OPERATOR NAMESPACE***] \
      --docker-server [***CONTAINER REGISTRY***] \
      --docker-username [***USERNAME***] \
      --docker-password [***PASSWORD***]
    

    Replace:

    • [***USERNAME***] and [***PASSWORD***] with your internal registry credentials.

    • [***CFM OPERATOR NAMESPACE***] with the desired operator installation namespace, typically cfm-operator-system.

    • Replace [***CONTAINER REGISTRY***] with your internal registry URL.

  6. Optional: Install the cfmctl CLI tool.
    1. Download the CLI tool. Select the version appropriate for your environment..
    2. Copy and run it in the CFM installation directory.
    3. Make the tool executable.
      chmod +x [***CFMCTl FILE***]
      Replace [***CFMCTl FILE***] with the name of the executable file that you have downloaded.

    The cfmctl tool allows you to:

    • Manage your environment

    • Check the current state and existence of prerequisites in an environment

    • Install and uninstall the operator

    • Quickstart install NiFi clusters

    • Perform common configuration tasks using flags, with the ability to provide a helmvalues.yaml file

    • Install using default image location without the need to provide it manually

  7. Install CFM Operator.
    Install CFM Operator using the cfmctl install command:
    $ ./cfmctl install --license [***LICENSE***] \
    --image-repository "[***IMAGE REPOSITORY***]" \
    --image-tag "[***OPERATOR VERSION***]" \
    –values [***VALUES.YAML***] \
    --namespace [***CFM OPERATOR NAMESPACE***]

    Replace

    • [***LICENSE***] with the license file. This flag is mandatory.

    • [***IMAGE REPOSITORY***] Defaults to “container.repository.cloudera.com/cloudera/cfm-operator” unless a Helm values.yaml is provided. This flag is optional.

    • [***OPERATOR TAG***] Defaults to “latest” unless a Helm values.yaml is provided. This flag is optional.

    • [***VALUES.YAML***] with a Helm values.yaml file to supply any variables to the underlying helm chart that is not available through cfmctl command flags. This flag is optional.

    • [***CFM OPERATOR NAMESPACE***] with the desired operator installation namespace. Defaults to cfm-operator-system.

    This command installs the CustomResourceDefinitions and Helm chart for the operator, and starts the operator.

    $ ./cfmctl install --license ./license.txt --image-repository "us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator" --image-tag "2.8.0-b94"
    2024-01-25T14:12:29.684-0800	INFO	cli.install	cmd/install.go:154	installing CRDs
    2024-01-25T14:12:29.684-0800	INFO	cli.install	cmd/install.go:172	installing	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
    2024-01-25T14:12:29.691-0800	INFO	cli.install	cmd/install.go:175	already installed	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
    2024-01-25T14:12:29.695-0800	INFO	cli.install	cmd/install.go:184	updating	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
    2024-01-25T14:12:29.709-0800	INFO	cli.install	cmd/install.go:199	ready	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
    2024-01-25T14:12:29.709-0800	INFO	cli.install	cmd/install.go:172	installing	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
    2024-01-25T14:12:29.721-0800	INFO	cli.install	cmd/install.go:175	already installed	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
    2024-01-25T14:12:29.727-0800	INFO	cli.install	cmd/install.go:184	updating	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
    2024-01-25T14:12:29.757-0800	INFO	cli.install	cmd/install.go:199	ready	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
    2024-01-25T14:12:29.757-0800	INFO	cli.install	cmd/install.go:80	installing chart	{"namespace": "cfm-operator-system"}
    2024-01-25T14:12:30.045-0800	INFO	cli.install.helmclient	cmd/install.go:124	creating 1 resource(s)
    2024-01-25T14:12:30.066-0800	INFO	cli.install.helmclient	cmd/install.go:124	creating 16 resource(s)
    2024-01-25T14:12:30.127-0800	INFO	cli.install.helmclient	cmd/install.go:124	beginning wait for 16 resources with timeout of 10m0s
    2024-01-25T14:12:30.150-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
    2024-01-25T14:13:30.173-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
    2024-01-25T14:14:20.180-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
    2024-01-25T14:14:22.219-0800	INFO	cli.install.helmclient	cmd/install.go:124	release installed successfully: cfm-operator/cfm-operator-0.0.0-dev
    1. Create your license secret.
      kubectl create secret generic cfm-operator-license --from-file=license.txt=[***PATH/TO/LICENSE.TXT***]
      Replace [***PATH/TO/LICENSE.TXT***] with the relative path to the license file
    2. Run Helm install.
      helm install cfm-operator ./charts/cfm-operator \
             --create-namespace \
             --namespace [***CFM OPERATOR NAMESPACE***] \
             --set installCRDs=true \
             --set image.repository=[***IMAGE REPOSITORY***] \
             --set image.tag=[***CFM OPERATOR VERSION***] \
             --set licenseSecret=cfm-operator-license
      
      Replace
      • [***CFM OPERATOR NAMESPACE***] with the desired operator installation namespace, for example "cfm-operator-system".

      • [***IMAGE REPOSITORY***] with your target repository.

      • [***CFM OPERATOR VERSION***] with your desired operator version.

  8. Validate your installation.
    1. Check if CustomResourceDefinitions for NiFi were installed or updated:
      kubectl get crds | grep nifi
      
      nifiregistries.cfm.cloudera.com 2024-01-25T21:31:28Z
      nifis.cfm.cloudera.com 2024-01-25T21:31:29Z
    2. Check if a CFM Operator pod is up and running:
      kubectl get pods -n cfm-operator-system
      
      NAME                            READY   STATUS    RESTARTS   AGE
      cfm-operator-545bfbc96b-sx4jt   2/2     Running   0          18m
      

With the operator installed and running, you can create and manage instances of NiFi and NiFi Registry by manipulating the Kubernetes object definitions.