Installation Procedure

NMX-M installation is now simplified using a one-click shell script that ensures full air-gapped support. The below are detailed instructions of how to seamlessly install NMX-M on your dedicated machines.

The NMX-M package is distributed as a single tarball, `NMX-MGR-<VERSION>-VM.tar.gz`. Within this tarball, there are several additional tarballs organized into various categories:

• Installation

• Infra

• Services

• RKE2

To install the VM image, follow the steps below:

1. Extract NMX-MGR-<VERSION>-VM.tar.gz

2. Mount the VM image ( .qcow2 file) using the appropriate KVM commands

   Example: Copy the Base image to - /var/lib/libvirt/images/

   Copy

   Copied!

               
   
               
   virt-install --connect qemu:///system --ram 512000-n ubuntu1 --os-type linux --os-variant generic --vcpus=48 --disk path=/var/lib/libvirt/images/ubuntu-24.04-nmx-base.qcow2,format=qcow2,device=disk,bus=virtio --vnc --noautoconsole --import --network=bridge=br0,model=virtio,mac=<MAC> --check all=off
           

3. Login as root on the machine.

To install NMX Manager (NMX-M) software package, follow the steps below:

1. Copy the `NMX-MGR-M-<VERSION>.tar.gz ` file to one of the VMs. Once the tarball is in place, execute the following command to extract its contents.

   Copy

   Copied!

               
   
               
   tar -xzf NMX-MGR-M-*.tar.gz
           

2. Navigate to the created `NMX-M` directory. Run the installation script using the following command.

   Copy

   Copied!

               
   
               
   cd NMX-M
   ./install.sh
           

3. Install the required tools. The installation script will begin by installing all the necessary tools to support the installation. This includes:

   • Ansible

   • kubectl

   • zarf

   • helm

4. Configure Kubernetes Cluster. You will be required to specify the number of server Virtual Machines (VMs) for the Kubernetes cluster (NODES) and provide their respective IP addresses. Please note that a minimum of three VMs is needed.

   Additionally, during the setup process, you will be required to enter the SSH password twice:

   - Once for the local user

   - Once for the root user ( same as local user)

5. Install RKE2. The script will proceed by running the RKE2 (Rancher Kubernetes Engine 2) installation.

6. Provide Client Certificates for mTLS. When prompted, provide the client certificates or create temporary certificates to support southbound mTLS (mutual Transport Layer Security).

   1. Use existing certificates: Place the required certificate files (client.cert, client.key, and rootCA.crt)

      1. Log in with an additional shell to install the machine and place the certificates in the folder – NMX-M/Installation/Ansible with the required names.

      2. If you do not yet have the certificates, proceed with the installation using option 2. Once you have obtained the certificates, rerun the installation.

   2. Create temporary certificates: If the client has not provided the necessary certificates yet or for testing reasons, you can generate temporary self-signed certificates as a stopgap measure.

7. Set the API user passwords. You will be asked twice to set passwords for the API users `ro_user ` and `rw_user`. Each password must be at least 8 characters long and include a mix of letters and numbers.

8. The script installs the infrastructure components.

9. The script installs the NMX-M Microservices.