Installing Sisense in an Offline Environment

You can install Sisense in an offline environment with no outside access.

An offline, or air-gapped, environment provides higher security than online, connected environments. As the offline environment has no outside communication, the only method to install Sisense in this environment is by using removable media, such as USB drives.

Your system must have the following in place to complete an offline installation:

  • A Bastion host with Docker installed (Recommended)

Note:

For a single node installation, you must have an additional disk space for local storage, see Mounting on a Dedicated Disk for Sisense Single Nodes.

  • A secured Docker registry that is accessible to the offline environment

As Sisense is installed offline, some features will not work as they require internet access:

  • Scatter Map widgets will not load
  • Analyzing trends is not supported
  • All email connections and notifications including reporting, user creating, dashboard sharing are not supported
  • All services that require internet connection will be blocked
  • External monitoring is not supported

Sisense Offline Installation

You can install Sisense in offline environments with the Sisense’s offline installation package. The package includes the following components:

  • Major offline bootstrap script
  • Base Docker image for installation bootstrap
  • RKE Docker images for Kubernetes cluster installation.
  • Sisense pods Docker images
  • Monitoring pods Docker images
  • Logging pods Docker images

As part of the installer, Sisense supports Rancher Kubernetes cluster installation. If your Kubernetes cluster is already configured and running, Sisense will skip the cluster installation.

You can obtain the Sisense offline installation package from your Sisense Customer Support Manager.

Once you have the installation package, you must transfer it to a bastion machine in your offline environment that is connected internally to a local Docker registry and your Kubernetes cluster.

The offline installation package includes the Sisense installer. The installer must be configured to point to your Docker registry. When you run the installer, Sisense pushes Sisense-related Docker images to your local registry, which are then pulled by your K8S cluster when Sisense is installed on the cluster.
The process for installing Sisense requires you to complete two procedures:

  • Uploading the Sisense Docker images to the Docker registry
  • Executing the Sisense installer

Prerequisites

You must have the following prepared on your system before you install Sisense:

  • A prepared environment for the Sisense installation.
  • An installed Docker platform to run the offline installer container (Note: iptables for Docker must be enabled).
  • A configured secure Docker registry must be available for the Sisense offline installation.
  • A kubectl client must be installed on the bastion host, and configured to work with the target cluster (relevant when using the existing cluster).

To install Sisense on an offline environment:

  1. Login to your bastion host.

Note:

You must have installed the latest Docker version. Also, for a single-node installation, you must login to the node.

  1. Verify connectivity to your local Docker registry.
sudo docker login <registry-IP>
user: <user name>
pwd: <password>
  1. Contact your Sisense Customer Success Manager to obtain a link to download the Sisense offline installer.
  2. After you received the link from Sisense, download the Sisense offline installer with the command:
wget {$PACKAGE_URL}
  1. Extract the Sisense package.
tar zxf ${PACAKGE_NAME}
  1. Navigate to the Sisense directory and edit the relevant Sisense configuration file for your environment:
  • For single-node, on-premises Kubernetes, use the single_config.yaml
vim single_config.yaml
  • For multi-node, on-premises Kubernetes, use the cluster_config.yaml
vim cluster_config.yaml

Set the following parameters:

  • offline_installer: true
  • docker_registry: ${YOUR_DOCKER_REGISTRY}
  • private_docker_registry: true


Parameters

Value

k8s_nodes

- { node: node1, internal_ip: 0.0.0.0, external_ip: 0.0.0.0, disk_volume_device: /dev/sdb, roles: "application, query" }

- { node: node2, internal_ip: 0.0.0.0, external_ip: 0.0.0.0, disk_volume_device: /dev/sdb, roles: "application, query" }

- { node: node3, internal_ip: 0.0.0.0, external_ip: 0.0.0.0, disk_volume_device: /dev/sdb, roles: "build" }

The K8S nodes are the set of machines that will be used to run Sisense.

These parameters define the IP address of your internal and external IP addresses.

If you are implementing a multi-node cluster deployment, define the following for each node:

node: The DNS name of your node.

internal_ip: Enter the addresses that define the location of your nodes within your Kubernetes cluster.

external IP: address defines how your cluster can be accessed from outside, or the DNS name of the node. It can also be the same value as the internal IP in case this is the only IP used to access the node.

If you are using Rook-Ceph for shared storage, disk_volume_device is the location where ElastiCubes and other shared assets are stored. You need to define this value for each node. To retrieve the value, run the lsblk command on each node and enter the location returned for each node.

roles: Define the role of the node. There are three possible values: application, query and build.

The installation machine is used only during installation to run the installation scripts. The Installation machine can be one of the K8S nodes, but it can also be a different machine (remote installation).

offline_installer: true

Set to true to use an offline installer.

docker_registry: registry.sisense.com

You must have DNS entries for this host and the kubernetes cluster can reach this host.

private_docker_registry: true

Set to true if your registry requires credentials to pull images or not.

update: false

If you are upgrading Sisense, enter true, otherwise, keep this value as the default.

If you enter true, Sisense skips the RKE Kubernetes installation. If your Kuberenetes cluster is already configured and running, keep true to skip cluster installation.

Staging and dev environments can run on the same cluster as a separate namespace. For installing on a separate namespace, see Setting Up Multiple Instances of Sisense .

remote installation: false

Enter true if you are running your installation from a bastion machine (part of the K8S nodes) or remotely.

application_dns_name: ""

Enter the DNS name.

  • If no DNS name is entered, the default value is the external IP of the first node in the cluster.

  • If the is_ssl parameter is set to true, enter the Common Name for this parameter.

  • If an external load balancer is used for the Common Name, add the http:// or https:// prefix to the entry.

Note: You can only define this parameter when installing or upgrading Sisense. After defining this value, you can view this value under General Settings in the Sisense Admin page.

linux_user: "sisense"

The default Linux username used by base container is sisense.

high_availability: true

True means that Sisense is scaled for service redundancy.
Enter false means that Sisense will not scale its services.

storage_type: “ ”

Enter one of the following values:

rook-ceph: For using Rook-Ceph with the three secondary disks, you defined in the k8s_nodes disk_volume_device on the first 3 machines.

nfs: For using an external NFS server as the shared storage. You must define the nfs_server and nfs_path parameters, and have root read/write permissions on the path from the cluster hosts.

fsx: For using Amazon FSX cluster. You must also enter values for fsx_dns_name and fsx_mount_name.

fsx_dns_name: “”

If your system uses AWS FSx services, enter the associated DNS alias name.

fsx_mount_name: “”

If your system uses AWS FSx services, enter the mount name for the file system. If you are using Scratch 1, enter fsx.

nfs_server: ""

Enter your NFS server's address (IP or DNS).

nfs_path: ""

Enter your NFS server's location.

The mounting point for each logical disk (Sisense app, MongoDB, and Zookeeper) is created under this path.

sisense_disk_size: 70

If you have implemented Rook-Ceph for storage, enter the amount of disk space in gigabytes allocated for Sisense.

Important! You must provide enough space to support your Sisense ElastiCube models, at least two times the amount of data in all ElastiCubes. Rook-Ceph is set for two replicas so assume the same logical disk is in two of the physical disks you set in the you defined in the k8s_nodes disk_volume_device parameter.

Every namespace takes additional logical disk space from the physical disks, and the installation fails if you did not allocate enough space.

To calculate the required space, tou can use the following equation:

sisense_disk_size = 70GB x 3 (for a three node deployment).

If you allocate space for the application DB and configuration DB (the values of mongodb_disk_size and zookeeper_disk_size) this should be considered as well. If you enter 210GB as the value, this allocates 70GB in a 3 node deployment minus 3 times (the values of mongodb_disk_size and zookeeper_disk_size).

Sisense also recommends that you specify an additional 5GB free space for the value of sisense_disk_size.

mongodb_disk_size: 20

Enter the amount of disk space allocated for the Sisense application database.

This value should be multiplied by the number of nodes used in your deployment.

It is recommended to leave the default of 3 GB. If only metadata is stored in the MongoDB, there is no need to increase the size.

zookeeper_disk_size: 2

Enter the amount of disk space allocated for the ZooKeeper service.

This value should be multiplied by the number of nodes in your deployment.

It is recommended to leave the default of 2GB. If only metadata is stored in the Zookeeper service, there is no need to increase the size.

timezone: “UTC”

Enter the system time zone. Applicable to the time zone of the relative date-time filters.
Format: TZ database name (i.e., UTC, US/Central, Asia Tokyo, Etc/GMC+6).

namespace_name: sisense

Enter the name of the Kubernetes namespace. By default, the namespace is Sisense.

If you have multiple deployments, you should have a unique namespace for each deployment For example, there might be a development and production environment.

Additionally for multiple deployments:

  • Each environment must have a unique gateway_port value.

  • Each deployment after the first, the value of the update should be set to true.

Note: Kubernetes ports should be released (Non-listening mode).

gateway_port: 30845

Enter the port of the API gateway for your deployment. Do not set this port to 443 if setting up SSL.

If you are not implementing SSL, this is the port used to connect to Sisense.

is_ssl: false

Enter true for secure connections to Sisense.

Enter false if you have not implemented SSL.

If you enter true, see Setting Up SSL for Sisense Linux for more information.

ssl_key_path: “”

If you connect to your server securely, enter the SSL keypath.

When SSL is defined, the Sisense API Gateway Port will be 443 and not the value defined in the gateway_port parameter.

ssl_cer_path: “”

If you connect to your server securely, enter the SSL certificate path (.cer file).

http_proxy

(Optional) If you use a web proxy, set this to the unsecured proxy value.

https_proxy

(Optional) If you use a web proxy, set this to the secured proxy value.

no_proxy

(Optional) If you use a web proxy and need to, to exclude certain addresses from your proxy, enter the IP addresses separated by a comma.

internal_monitoring: true

When true, Sisense installs a Prometheus/Grafana/Flunetd dashboard. Enter false to disable a Prometheus supported Grafana dashboard from monitoring your deployment.

For more information, see Monitoring Sisense on Linux.

external_monitoring: false

Enter false to disable external monitoring with your Logz.io account.

See Connecting to your Logz.io Account for more information.

uninstall_sisense: false

Enter true to uninstall Sisense services, but leave your Kubernetes infrastructure unchanged, in case it's needed in the future.

remove_user_data: false

Enter true to delete all user data.

This deletes your ElastiCube models, application database, message broker, and add-ons.

`


7. Upload Sisense images with the following command:

bash ./kubespray/offline/offline_installer.sh upload ${CONFIG_FILE} <USERNAME>
  • Upload: Upload action flag (Available actions: upload / run / help)
  • ${CONFIG_FILE}: Edited cluster_config.yaml file
  • USERNAME/PASSWORD: Your Docker registry credentials

8. After the Sisense images are uploaded, proceed with following instructions to install Sisense including RKE Kubernetes cluster:

bash ./kubespray/offline/offline_installer.sh run ${CONFIG_FILE}
  • Inside the Docker container, Navigate to the Sisense directory and run the following command to execute the installer: 
bash ./sisense.sh ${CONFIG_FILE}

Once the installation is complete, activate Sisense according to the Activating Sisense on Linux instructions.

.r.