Installing CFM Operator (airgap)

You can install CFM Operator after meeting all prerequisites and installing dependencies, either using the cfmctl CLI tool or Helm.

Complete these steps to install CFM Operator if your Kubernetes cluster does not have internet access, or if you want to install it from a self-hosted registry. Installing CFM Operator installs the applications and resources that enable you to deploy and manage NiFi in Kubernetes.

You have a Kubernetes cluster up and runing.
You have obtained a license from Cloudera.
You have valid credentials to access the required artifact repositories.

Create a secret to access installation images.

kubectl create secret docker-registry docker-pull-secret \
  --namespace [***NAMESPACE***] \
  --docker-server container.repository.cloudera.com \
  --docker-username [***USERNAME***] \
  --docker-password [***PASSWORD***]

Move the installation artifacts to a local registry using the docker pull, docker tag, and docker push commands.

docker pull container.repository.cloudera.com/cloudera/cfm-operator:[***OPERATOR VERSION***] \
docker tag container.repository.cloudera.com/cloudera/cfm-operator:[***OPERATOR VERSION***] [***PRIVATE REGISTRY[:PORT]/PATH/TAG:OPERATOR VERSION***] \
docker push [***PATH TO SELF-HOSTED REGISTRY***]/cfm-operator:[***OPERATOR VERSION***]

For example:

docker pull container.repository.cloudera.com/cloudera/cfm-operator:2.8.0-b94 \
docker tag container.repository.cloudera.com/cloudera/cfm-operator:2.8.0-b94 us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator:2.8.0-b94 \
docker push us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator:2.8.0-b94

For more information on pulling, pushing, and tagging Docker images, see the Docker documentation.

Create a namespace for the operator.
```
kubectl create namespace [***CFM OPERATOR NAMESPACE***]
```
Replace [***CFM OPERATOR NAMESPACE***] with the desired namespace.
For example:
```
kubectl create namespace cfm-operator-system
```
Install cert-manager.
- OpenShift
- Helm
Follow the instructions for installing the cert-manager Operator for RedHat OpenShift.
helm install cert-manager jetstack/cert-manager \ --version [***CERT MANAGER VERSION***]\ --namespace cert-manager \ --create-namespace \ --set installCRDs=true

Replace ***CERT MANAGER VERSION***] with the certificate manager version you want to install.

note

For CFM Operator there is no specific version requirement.
Create image pull secret.
```
kubectl create secret docker-registry docker-pull-secret \
  --namespace [***CFM OPERATOR NAMESPACE***] \
  --docker-server [***CONTAINER REGISTRY***] \
  --docker-username [***USERNAME***] \
  --docker-password [***PASSWORD***]
```
Replace:
- [***USERNAME***] and [***PASSWORD***] with your internal registry credentials.
- [***CFM OPERATOR NAMESPACE***] with the desired operator installation namespace, typically cfm-operator-system.
- Replace [***CONTAINER REGISTRY***] with your internal registry URL.
Optional: Install the cfmctl CLI tool.
1. Download the CLI tool. Select the version appropriate for your environment..
2. Copy and run it in the CFM installation directory.
3. Make the tool executable.
```
chmod +x [***CFMCTl FILE***]
```
  Replace [***CFMCTl FILE***] with the name of the executable file that you have downloaded.
The cfmctl tool allows you to:
- Manage your environment
- Check the current state and existence of prerequisites in an environment
- Install and uninstall the operator
- Quickstart install NiFi clusters
- Perform common configuration tasks using flags, with the ability to provide a helmvalues.yaml file
- Install using default image location without the need to provide it manually

Install CFM Operator.

cfmctl
Helm

Install CFM Operator using the cfmctl install command:

$ ./cfmctl install --license [***LICENSE***] \
--image-repository "[***IMAGE REPOSITORY***]" \
--image-tag "[***OPERATOR VERSION***]" \
–values [***VALUES.YAML***] \
--namespace [***CFM OPERATOR NAMESPACE***]

Replace

[***LICENSE***] with the license file. This flag is mandatory.
[***IMAGE REPOSITORY***] Defaults to “container.repository.cloudera.com/cloudera/cfm-operator” unless a Helm values.yaml is provided. This flag is optional.
[***OPERATOR TAG***] Defaults to “latest” unless a Helm values.yaml is provided. This flag is optional.
[***VALUES.YAML***] with a Helm values.yaml file to supply any variables to the underlying helm chart that is not available through cfmctl command flags. This flag is optional.
[***CFM OPERATOR NAMESPACE***] with the desired operator installation namespace. Defaults to cfm-operator-system.

This command installs the CustomResourceDefinitions and Helm chart for the operator, and starts the operator.

$ ./cfmctl install --license ./license.txt --image-repository "us-central1-docker.pkg.dev/nifi-testing/cfm-k8s/cfm-operator" --image-tag "2.8.0-b94"
2024-01-25T14:12:29.684-0800	INFO	cli.install	cmd/install.go:154	installing CRDs
2024-01-25T14:12:29.684-0800	INFO	cli.install	cmd/install.go:172	installing	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
2024-01-25T14:12:29.691-0800	INFO	cli.install	cmd/install.go:175	already installed	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
2024-01-25T14:12:29.695-0800	INFO	cli.install	cmd/install.go:184	updating	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
2024-01-25T14:12:29.709-0800	INFO	cli.install	cmd/install.go:199	ready	{"CustomResourceDefinition": "nifiregistries.cfm.cloudera.com"}
2024-01-25T14:12:29.709-0800	INFO	cli.install	cmd/install.go:172	installing	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
2024-01-25T14:12:29.721-0800	INFO	cli.install	cmd/install.go:175	already installed	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
2024-01-25T14:12:29.727-0800	INFO	cli.install	cmd/install.go:184	updating	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
2024-01-25T14:12:29.757-0800	INFO	cli.install	cmd/install.go:199	ready	{"CustomResourceDefinition": "nifis.cfm.cloudera.com"}
2024-01-25T14:12:29.757-0800	INFO	cli.install	cmd/install.go:80	installing chart	{"namespace": "cfm-operator-system"}
2024-01-25T14:12:30.045-0800	INFO	cli.install.helmclient	cmd/install.go:124	creating 1 resource(s)
2024-01-25T14:12:30.066-0800	INFO	cli.install.helmclient	cmd/install.go:124	creating 16 resource(s)
2024-01-25T14:12:30.127-0800	INFO	cli.install.helmclient	cmd/install.go:124	beginning wait for 16 resources with timeout of 10m0s
2024-01-25T14:12:30.150-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
2024-01-25T14:13:30.173-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
2024-01-25T14:14:20.180-0800	INFO	cli.install.helmclient	cmd/install.go:124	Deployment is not ready: cfm-operator-system/cfm-operator. 0 out of 1 expected pods are ready
2024-01-25T14:14:22.219-0800	INFO	cli.install.helmclient	cmd/install.go:124	release installed successfully: cfm-operator/cfm-operator-0.0.0-dev

Create your license secret.
```
kubectl create secret generic cfm-operator-license --from-file=license.txt=[***PATH/TO/LICENSE.TXT***]
```
Replace [***PATH/TO/LICENSE.TXT***] with the relative path to the license file
Run Helm install.
```
helm install cfm-operator ./charts/cfm-operator \
       --create-namespace \
       --namespace [***CFM OPERATOR NAMESPACE***] \
       --set installCRDs=true \
       --set image.repository=[***IMAGE REPOSITORY***] \
       --set image.tag=[***CFM OPERATOR VERSION***] \
       --set licenseSecret=cfm-operator-license
```
Replace
- [***CFM OPERATOR NAMESPACE***]with the desired operator installation namespace, for example "cfm-operator-system".
- [***IMAGE REPOSITORY***] with your target repository.
- [***CFM OPERATOR VERSION***] with your desired operator version.

Validate your installation.

Check if CustomResourceDefinitions for NiFi were installed or updated:

kubectl get crds | grep nifi


nifiregistries.cfm.cloudera.com 2024-01-25T21:31:28Z
nifis.cfm.cloudera.com 2024-01-25T21:31:29Z

Check if a CFM Operator pod is up and running:

kubectl get pods -n cfm-operator-system


NAME                            READY   STATUS    RESTARTS   AGE
cfm-operator-545bfbc96b-sx4jt   2/2     Running   0          18m

With the operator installed and running, you can create and manage instances of NiFi and NiFi Registry by manipulating the Kubernetes object definitions.