Deploying a Local Universe

PREVIEW

You can install and run DC/OS services on a datacenter without internet access with a local Universe. You can install a local Universe that includes the default packages (easiest), or select your own set of local Universe packages (advanced).

Prerequisites:

  • DC/OS CLI installed.

  • Logged into the DC/OS CLI via dcos auth login. On DC/OS Enterprise, you must be logged in as a user with the dcos:superuser permission.

Note: As the Universe tarball is over two gigabytes in size it may take some time to download it to your local drive and upload it to each master.

Installing the default Universe packages

  1. Because DC/OS 1.9 is not the latest release, you will need to build your own local Universe image. Follow these instructions, skipping step 3.

  2. Use secure copy to transfer the Universe and registry files to a master node. Replace <master-IP> with the public IP address of a master before issuing the following commands.

    Tip: You can find the public IP address of a master in the top left corner of the DC/OS web interface.

    scp local-universe.tar.gz core@<master-IP>:~
    scp dcos-local-universe-http.service core@<master-IP>:~
    scp dcos-local-universe-registry.service core@<master-IP>:~
    
  3. SSH into the master using the following command. Replace <master-IP> with the IP address used in the previous commands.

    ssh -A core@<master-IP>
    
  4. Confirm that the files were successfully copied.

    ls
    
  5. You should see the following files listed.

    dcos-local-universe-http.service  dcos-local-universe-registry.service  local-universe.tar.gz
    
  6. Move the registry files into the /etc/systemd/system/ directory.

    sudo mv dcos-local-universe-registry.service /etc/systemd/system/
    sudo mv dcos-local-universe-http.service /etc/systemd/system/
    
  7. Confirm that the files were successfully copied into /etc/systemd/system/.

    ls -la /etc/systemd/system/
    
  8. Load the Universe into the local Docker instance.

    docker load < local-universe.tar.gz
    

    Tip: This may take some time to complete.

  9. Restart the systemd daemon.

    sudo systemctl daemon-reload
    
  10. Enable and start the dcos-local-universe-http and dcos-local-universe-registry services.

    systemctl enable dcos-local-universe-http
    systemctl enable dcos-local-universe-registry
    sudo systemctl start dcos-local-universe-http     
    sudo systemctl start dcos-local-universe-registry
    
  11. Use the following commands to confirm that the services are now up and running.

    sudo systemctl status dcos-local-universe-http
    sudo systemctl status dcos-local-universe-registry
    
  12. If you only have one master, skip to step 25. If you have multiple masters, continue to the next step.

  13. Use the following command to discover the private IP addresses of all of your masters. Identify the private IP address of the master you are SSHed into right now from the list.

    Tip: It will match the path shown after core@ip- in your prompt, where the hyphens become periods.

    host master.mesos
    
  14. Use secure copy to transfer the Universe and registry files to one of the other masters. Replace <master-IP> with the IP address of the other master.

    scp local-universe.tar.gz core@<master-IP>:~
    scp /etc/systemd/system/dcos-local-universe-registry.service core@<master-IP>:~
    scp /etc/systemd/system/dcos-local-universe-http.service core@<master-IP>:~
    
  15. SSH into the master that you just copied these files to.

    ssh -A core@<master_IP>
    
  16. Confirm that the files were successfully copied.

    ls
    
  17. You should see the following files listed.

    dcos-local-universe-http.service  dcos-local-universe-registry.service  local-universe.tar.gz
    
  18. Move the registry files into the /etc/systemd/system/ directory.

    sudo mv dcos-local-universe-registry.service /etc/systemd/system/
    sudo mv dcos-local-universe-http.service /etc/systemd/system/
    
  19. Confirm that the files were successfully copied into /etc/systemd/system/.

    ls -la /etc/systemd/system/
    
  20. Load the Universe into the local Docker instance.

    docker load < local-universe.tar.gz
    

    Tip: This may take some time to complete.

  21. Restart the Docker daemon.

    sudo systemctl daemon-reload
    
  22. Start the dcos-local-universe-http and dcos-local-universe-registry services.

    sudo systemctl start dcos-local-universe-http
    sudo systemctl start dcos-local-universe-registry
    
  23. Use the following commands to confirm that the services are now up and running.

    sudo systemctl status dcos-local-universe-http
    sudo systemctl status dcos-local-universe-registry
    
  24. Repeat steps 14 through 23 until you have completed this procedure for all of your masters. Then continue to the next step.

  25. Close the SSH session by typing exit or open a new terminal prompt tab.

    Tip: You may have to exit more than one SSH session if you have multiple masters.

  26. (Optional) Use the following command to remove the references to the default Universe from your cluster. If you want to leave the default Universe in place and just add the local Universe as an additional repository, you can skip to the next step.

    dcos package repo remove Universe
    

    Tip: You can also remove the references to the default Universe repository from Settings > Repositories in the DC/OS web interface.

  27. Use the following command to add a reference to the new local Universes that you added to each master.

    dcos package repo add local-universe http://master.mesos:8082/repo
    

NOTE: If you need help resolving master.mesos, refer to Installing your own set of Universe packages.

  1. SSH into one of your agent nodes.:

    dcos node ssh --master-proxy --mesos-id=<mesos-id>
    
  2. Use the following commands to download a copy of the DC/OS certificate locally and set it as trusted.

    sudo mkdir -p /etc/docker/certs.d/master.mesos:5000
    sudo curl -o /etc/docker/certs.d/master.mesos:5000/ca.crt http://master.mesos:8082/certs/domain.crt
    sudo systemctl restart docker
    
  3. Configure the Apache Mesos fetcher to trust the downloaded Docker certificate.

    1. Copy the certificate:
    sudo cp /etc/docker/certs.d/master.mesos:5000/ca.crt /var/lib/dcos/pki/tls/certs/docker-registry-ca.crt
    
    1. Generate a hash:
    cd /var/lib/dcos/pki/tls/certs/
    openssl x509 -hash -noout -in docker-registry-ca.crt
    
    1. Create a soft link:
    sudo ln -s /var/lib/dcos/pki/tls/certs/docker-registry-ca.crt /var/lib/dcos/pki/tls/certs/<hash_number>.0
    

    Note: You will need to create the /pki/tls/certs directory on the public agent.

  4. Close the SSH session by typing exit or open a new terminal prompt tab. Repeat steps 28-30 on each agent node.

  5. To verify your success, log into the DC/OS web interface and open the Universe > Packages tab. You should see a list of selected packages. Go ahead and try to install one of the packages.

FAQ

  • I can’t install CLI subcommands

    Packages are hosted at master.mesos:8082. If you cannot resolve or connect to master.mesos:8082 from your DC/OS CLI install, you cannot install CLI subcommands. If you can connect to port 8082 on your masters, add the IP for one of the masters to /etc/hosts.

  • The images are broken

    All Universe components are hosted inside of your cluster, including the images. The components are served up by master.mesos:8082. If you have connectivity to that IP, you can add it to /etc/hosts and get the images working.

  • I don’t see the package I was looking for

    By default, only the selected packages are bundled. If you’d like to get something else, use the build your own instructions.

Installing your own set of Universe packages

Prerequisite: Git. On Unix/Linux, see these installation instructions.

To install your own set of packages you must build a customized local Universe Docker image.

  1. Clone the Universe repository:

    git clone https://github.com/mesosphere/universe.git --branch version-3.x
    
  2. Build the universe-base image:

    cd universe/docker/local-universe/
    sudo make base
    
  3. Build the mesosphere/universe Docker image and compress it to the local-universe.tar.gz file. Specify a comma-separated list of package names and versions using the DCOS_PACKAGE_INCLUDE variable. To minimize the container size and download time, you can select only what you need. If you do not use the DCOS_PACKAGE_INCLUDE variable, all selected Universe packages will be included. To view which packages are selected, click on the Universe tab in the DC/OS web interface.

    sudo make DCOS_VERSION=1.9 DCOS_PACKAGE_INCLUDE="cassandra:1.0.25-3.0.10,marathon:1.4.2" local-universe
    
  4. Perform all of the steps as described in Installing the default Universe packages.