Skip to main content

Installation

Guided Installation

Please review the system requirements prior to attempting any installation.

For production installations, most scenarios can rely on the guided quickstart.sh installer. This installer allows the user to bring their own flavor of Kubernetes, and will validate prerequisites and prompt for required inputs. Optionally, the installer will also setup K3s as a single-node cluster if there is not a cluster available.

Requirements for the installer:

  • Must be run from an Ubuntu 22.x or Ubuntu 24.x machine
  • A user with sudo permissions
  • The install script will verify certain package prerequisites, and ask to install them if they are not available
  • For an existing Kubernetes installation, Kubernetes context must already be loaded into the shell session. This installer will verify access by running: kubectl cluster-info

The quickstart installer will step through the following processes:

  • Verify binary prerequisites exist on the current machine
  • Verify connectivity and kubectl access to a running Kubernetes cluster
  • Verify that a default storage class exists on the current cluster
  • Install the Netfoundry Support stack to the "support" namespace
  • Install the OpenZiti ziti-controller helm chart to the "ziti" namespace
  • Optionally install a Ziti edge router with edge listener enabled to the "ziti" namespace (requires an advertise address that is reachable by the Ziti network clients)
  • Optionally install Ziti network resources for support tool access (Ziti services and policies for Grafana, Kibana, and RabbitMQ)
  • Optionally install Ziti edge tunnel as a host identity to access the above support resources in the "support" namespace

Installing

To run the installer in interactive mode:

./quickstart.sh

To run the installer in non-interactive mode and accept all defaults:

export CTRL_ADDR=<Controller advertise address>
./quickstart.sh -y

Offline Installation

NetFoundry provides an installation tarball to support offline installation that provides all necessary packages and container images within the tarball. Currently the offline installer only supports single-node K3s installations, but full K8s support is coming soon.

Obtain your JFROG service account credentials from the NetFoundry Console at: https://<orgname>.cloudziti.io

Download the offline installer tarball

curl -fSL -u “$USERNAME:$PASS" -OJ https://netfoundry.jfrog.io/artifactory/nfpax-private-tgz-stable/deb/amd64/On-Prem-Offline-0.4.1.tar.gz

Copy to the destination machine, and untar the offline bundle.

mkdir -p netfoundry
tar -zxf ./On-Prem-Offline-0.4.1.tar.gz -C ./netfoundry

Run in interactive mode with:

./quickstart.sh

Or run non-interactively with:

export CTRL_ADDR=<controller advertise address>
./quickstart.sh -y

Enabling Netfoundry zLAN Features

For installations that use NetFoundry zLAN, these features can be enabled during the initial installation, or added later on by running the quickstart.sh script with the -z option.

note

Enabling zLAN features requires access to NetFoundry's private container registry. Service account credentials can be obtained by downloading the QUAY service credentials from the NetFoundry Console.

./quickstart.sh -z

The zLAN installation will prompt for the username and password for NetFoundry's private container registry. These credentials can also be set in the environment ahead of time to run in non-interactive mode by setting the following environment variables:

export REGISTRY_USERNAME=<YOUR USERNAME>
export REGISTRY_PASSWORD=<YOUR PASSWORD>

The credentials will then be stored in Kuberenetes as netfoundry-pull-secret.

Installing behind a corporate proxy?

Installing from behind a proxy requires some additional setup steps. Review the proxy setup documentation before running the quickstart.sh