Install YugabyteDB Anywhere

Install YBA software using Replicated in an airgapped environment

Use the following instructions to install YugabyteDB Anywhere software. For guidance on which method to choose, see YBA Prerequisites.

Note: For higher availability, one or more additional YugabyteDB Anywhere instances can be separately installed, and then configured later to serve as passive warm standby servers. See Enable High Availability for more information.

Prerequisites

If Docker is not installed on the host computer, you need to install a recent version that matches the minimum requirements outlined in Installing Docker in Airgapped Environments.

If access to the Docker repositories for your Linux distribution is not available on the host computer, you may have to manually transfer the necessary RPM or DEB packages whose locations are specified in Installing Docker in Airgapped Environments.

Refer to Airgapped hosts for more details on preparing your host machine.

Install Replicated

On a computer connected to the Internet, perform the following steps:

  • Make a directory for downloading the binaries by executing the following command:

    sudo mkdir /opt/downloads
    
  • Change the owner user for the directory by executing the following command:

    sudo chown -R ubuntu:ubuntu /opt/downloads
    
  • Change to the directory by executing the following command:

    cd /opt/downloads
    
  • Download the replicated.tar.gz file by executing the following command:

    wget --trust-server-names https://get.replicated.com/airgap
    
  • Download the yugaware binary and change the following number, as required:

    wget https://downloads.yugabyte.com/releases/2.17.3.0/yugaware-2.17.3.0-b152-linux-x86_64.airgap
    
  • Switch to the following directory:

    cd /opt/downloads
    
  • Extract the replicated binary, as follows:

    tar xzvf replicated.tar.gz
    
  • Install Replicated. If multiple options appear, select the eth0 network interface, as follows:

    cat ./install.sh | sudo bash -s airgap
    

The yugaware binary is installed using the Replicated UI after the Replicated installation completes.

After Replicated finishes installing, ensure that it is running by executing the following command:

sudo docker ps

You should see an output similar to the following:

Replicated successfully installed

The next step is to install YugabyteDB Anywhere.

Set Up HTTPS (optional)

Launch the Replicated UI via http://yugaware-host-public-ip:8800. Expect to see a warning stating that the connection to the server is not yet private. This condition is resolved once HTTPS for the Replicated Admin Console is set up in the next step. Proceed by clicking Continue to Setup > ADVANCED to bypass the warning and access the Replicated Admin Console, as shown in the following illustration:

Replicated SSL warning

You can provide your own custom SSL certificate and a hostname, as shown in the following illustration:

Replicated HTTPS setup

It is recommended that you start with using a self-signed certificate, and then add the custom SSL certificate later. Note that in this case you connect to the Replicated Admin Console using an IP address, as shown in the following illustration:

Replicated Self Signed Cert

Upload the License File

Upload the Yugabyte license file that you received from Yugabyte, as shown in the following illustration:

Replicated License Upload

Two options to install YugabyteDB Anywhere are presented as shown in the following illustrations:

Replicated License Air-gapped Install

Replicated License Air-gapped Path

Replicated License Air-gapped Progress

Secure Replicated

Add a password to protect the Replicated Admin Console, which is different from the Admin Console for YugabyteDB used by YugabyteDB Anywhere, as shown in the following illustration:

Replicated Password

Preflight checks

Replicated performs a set of preflight checks to ensure that the host is set up correctly for YugabyteDB Anywhere, as shown in the following illustration:

Replicated Checks

Click Continue to configure YugabyteDB Anywhere.

If the preflight check fails, review the Troubleshoot YugabyteDB Anywhere to resolve the issue.

Set the TLS Version for Yugaware Frontend

Specify TLS versions via Application config, as shown in the following illustration:

Application Configuration

The recommended TLS version is 1.2.

Set up HTTP/HTTPS proxy

YugabyteDB Anywhere sometimes initiates HTTP or HTTPS connections to other servers. For example, HTTP or HTTPS connections (depending on your setup) can be used to do the following, or more:

  • Contact a public cloud provider to create VMs.
  • Deposit backups on a public cloud provider's object storage service.
  • Contact an external load balancer.

You can set up YBA to use an HTTP/HTTPS proxy server via Application config, and select Enable Proxy as per the following illustration:

Enable Proxy

When completing the Enable Proxy settings, keep in mind the following:

  • If your proxy is using the default ports for each protocol, then set the ports for the HTTP and HTTPS proxies to the default, 80 and 443 respectively, instead of 8080 and 8443 as shown in the preceding illustration.

  • If you have only one proxy set up (HTTP or HTTPS), then set the same values for both.

  • This configuration sets operating system environment variables and Java system properties. The help text for each field shows which Java system property or environment variable gets set by the field. System properties have the "-D" prefix. For example "Specify -Dhttps.proxyPort".

  • The no proxy fields (HTTP no proxy setting, HTTP no proxy setting for Java) are lists of exception hosts, provided as a comma-delimited list of addresses or hostnames. Include the following addresses:

    • The Docker gateway address (172.17.0.1 by default).
    • The address of any previously-specified web proxy.
    • Any other IP addresses that you deem safe to bypass the proxy.
  • These settings comprehensively govern all network connections that YBA initiates. For example, if you specify a proxy server for HTTP, all unencrypted connections initiated by YBA will be affected. If you want YBA to bypass the proxy server when connecting to database universe nodes, then you must explicitly specify the database universe node IP addresses as exception hosts (also known as "no proxy").

  • Because some YBA network connections are driven by YBA's Java process, while others are driven outside of Java (for example, via Python or a Linux shell execution), each (Java and non-Java) has its own separate configurable parameters.

  • The Java fields can accept values as Java system properties, including the use of pipe ("|") as a field separator. Refer to Java Networking and Proxies for more details about the properties.

  • YugabyteDB Anywhere follows community standards for setting proxy environment variables, where two environment variables are exported with lowercase and uppercase names. For example, if you enter "http://my.Proxy.host:8080" for HTTP Proxy setting, then two environment variables are exported as follows:

    HTTP_PROXY = http://my.Proxy.host:8080
    http_proxy = http://my.Proxy.host:8080