Air gap installation#

This topic provides guidance for installing Anaconda Server in an air-gapped environment.

Note

To successfully install Anaconda Server in an air-gapped environment, you must have already prepared your environment according to the Air gap environment preparation instructions.

Installing Anaconda Server#

Obtain the Anaconda Server installer location and your Anaconda Server license from your Anaconda representative before proceeding.

  1. Download Anaconda Server:

    # Replace <INSTALLER_LOCATION> with the provided installer URL
    curl -O <INSTALLER_LOCATION>
    
  2. Make it executable:

    # Replace <INSTALLER> with the installer you just downloaded
    chmod +x <INSTALLER>
    
  3. Run one of the following installation commands. Choose the command that corresponds with your setup:

    # Replace <INSTALLER> with the installer you just downloaded
    # Replace <FQDN> with the fully qualified domain name of your Anaconda Server instance
    sudo bash <INSTALLER> --keep -- --domain <FQDN> --default-user anaconda --custom-cve-source file://opt/anaconda/repo/airgap/cve.zip 2>&1 | tee as.install.output
    

    Note

    To include Grafana monitoring dashboards in your installation of Anaconda Server, add the following argument to your installation command:

    --grafana-monitor-stack
    

    If you are using TLS/SSL certificates, run this command to install Anaconda Server:

    # Replace <INSTALLER> with the installer you just downloaded
    # Replace <FQDN> with the fully qualified domain name of your Anaconda Server instance
    # Replace <PATH_TO_CERT> with the path to your TLS/SSL cert
    # Replace <PATH_TO_KEY> with the path to your TLS/SSL key
    sudo bash <INSTALLER> --keep -- --domain <FQDN> --tls-cert <PATH_TO_CERT> --tls-key <PATH_TO_KEY> --default-user anaconda --custom-cve-source file://opt/anaconda/repo/airgap/cve.zip 2>&1 | tee as.install.output
    

    Note

    To include Grafana monitoring dashboards in your installation of Anaconda Server, add the following argument to your installation command:

    --grafana-monitor-stack
    

    Caution

    You must be using Postgres version 9.6 or later and Redis version 6.0 or later.

    # Replace <INSTALLER> with the installer file you just downloaded
    # Replace <FQDN> with the fully qualified domain name of your Anaconda Server instance
    # Replace <PATH_TO_CERT> with the path to your TLS/SSL cert
    # Replace <PATH_TO_KEY> with the path to your TLS/SSL key
    # Replace <EXTERNAL_PS/RD_INSTANCE_IP4> with your external instance IP4 address (in both locations)
    # Replace <ASSIGNED_PORT> with the port used for communication
    # Replace <POSTGRES_USERID> with your postgres user ID
    # Replace <POSTGRES_PASSWORD> with your postgres password
    chmod +x <INSTALLER>
    bash <INSTALLER> --keep -- --domain <FQDN> --tls-cert <PATH_TO_CERT> --tls-key <PATH_TO_KEY> -e redis://<EXTERNAL_PS/RD_INSTANCE_IP4> -h <EXTERNAL_PS/RD_INSTANCE_IP4> -p <ASSIGNED_PORT> -u <POSTGRES_USERID> -pw <POSTGRES_PASSWORD> --default-user --custom-cve-source file://opt/anaconda/repo/airgap/cve.zip anaconda -y 2>&1 | tee as.install.output
    

    Note

    To include Grafana monitoring dashboards in your installation of Anaconda Server, add the following argument to your installation command:

    --grafana-monitor-stack
    

The installation process creates three distinct user profiles: one for administrating Anaconda Server, one for administrating Keycloak, and one for accessing Prometheus. Login credentials for these profiles are shown during the installer output. Use these credentials for your initial logins, and update them as soon as possible.

Example output
KeyCloak admin user: 'admin'
KeyCloak admin password: 'B1EpU33Wasdfh0Z64LL767cD'

Updating Keycloak settings ...
Default user: 'anaconda' password: '8aZ6302Ssd34ge415Ld97I'

Prometheus admin user:
username=admin
Generated password for prometheus
password=34ab35y63CUJak6asdf2Am7z40z7lhG8

Note

The Prometheus password cannot currently be updated. Save your password somewhere secure!

Installing packages and CVEs#

In a standard installation, Anaconda Server points to a web URL that contains artifacts for your users to view or download. However, on an air-gapped network, you’ll need to provide network directory folder locations for Anaconda Server to look in when searching for artifacts, and populate those folders with artifacts.

The .zip files you downloaded during environment preparation will be the source of your packages for Anaconda Server. Choose a set of commands that correlate with the files you downloaded during environment preparation to move the files to their correct folder location:

  1. Open your Anaconda Server installation directory.

    # Replace <INSTALLER> with your installation directory
    cd <INSTALLER>
    
  2. Stop Anaconda Server by running the following command:

    docker compose down
    
  3. Move your airgap .zip files to the correct locations by running the following commands. Choose a set of commands that coorelates with your setup:

    All platforms
    mv conda_main.zip /opt/anaconda/repo/airgap/
    mv conda_msys2.zip /opt/anaconda/repo/airgap/
    mv conda_r.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    

    Note

    Moving the conda_msys2.zip and conda_r.zip files is optional.

    Windows airgap files
    mv conda_main_win-32.zip /opt/anaconda/repo/airgap/
    mv conda_main_win-64.zip /opt/anaconda/repo/airgap/
    mv conda_main_noarch.zip /opt/anaconda/repo/airgap/
    mv conda_msys2.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
    mv conda_r_win-32.zip /opt/anaconda/repo/airgap/
    mv conda_r_win-64.zip /opt/anaconda/repo/airgap/
    mv conda_r_noarch.zip /opt/anaconda/repo/airgap/
    mv conda_msys2.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
    Linux airgap files
    mv conda_main_linux-32.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-64.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-aarch64.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-armv6l.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-armv7l.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-ppc64le.zip /opt/anaconda/repo/airgap/
    mv conda_main_linux-s390x.zip /opt/anaconda/repo/airgap/
    mv conda_main_noarch.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
    mv conda_r_linux-32.zip /opt/anaconda/repo/airgap/
    mv conda_r_linux-64.zip /opt/anaconda/repo/airgap/
    mv conda_r_linux-ppc64le.zip /opt/anaconda/repo/airgap/
    mv conda_r_noarch.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
    MacOS airgap files
    mv conda_main_osx-32.zip /opt/anaconda/repo/airgap/
    mv conda_main_osx-64.zip /opt/anaconda/repo/airgap/
    mv conda_main_osx-arm64.zip /opt/anaconda/repo/airgap/
    mv conda_main_noarch.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
    mv conda_r_osx-64.zip /opt/anaconda/repo/airgap/
    mv conda_r_noarch.zip /opt/anaconda/repo/airgap/
    mv cve.zip /opt/anaconda/repo/airgap/
    
  4. Save your work and close the file, then apply your changes to Anaconda Server by running the following:

    docker compose up -d
    
  5. Monitor the status of your instance by running the following command:

    docker ps
    
  6. Once the containers are healthy and running, access your instance of Anaconda Server by navigating to https:://<FQDN>.example.com and complete your installation by entering your license.

Adding hosted miniconda installers#

Because air-gapped users do not have access to the internet, Anaconda provides Miniconda installers for your company’s use through Anaconda Server.

  1. Download a valid installers.zip file from the s3 bucket:

    curl -O https://anaconda-airgap-te.s3.amazonaws.com/installers.zip
    curl -O https://anaconda-airgap-te.s3.amazonaws.com/installers.sha256
    
  2. Move the installers.zip file to the airgap folder of the Anaconda Server repositoryby running the following command:

    mv /installers.zip /opt/anaconda/repo/airgap/
    
  3. If necessary, open your Anaconda Server installer directory.

  4. Using your preferred file viewer, open the docker-compose.yml file.

  5. Verify that docker has access to the airgap folder contained in the volumes section. For example:

    ${BASE_INSTALL_DIR}/airgap:${BASE_INSTALL_DIR}/airgap
    
  6. Find the environments section of the docker-compose.yml file and add the following line:

    REPO_MINICONDA_INSTALLERS_ZIP_PATH=/opt/anaconda/repo/airgap/installers.zip
    
  7. Save your work and close the file, then apply your changes to Anaconda Server by running the following command:

    docker compose up -d
    

Tip

Miniconda installers will now be available for your end users to download from the login page of Anaconda Server.