How to Perform an Offline Air-Gapped Server Installation
search cancel

How to Perform an Offline Air-Gapped Server Installation

book

Article ID: 288102

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

To install Carbon Black EDR server onto Air-Gapped Linux servers that do not have access to the public internet.

Environment

  • Carbon Black EDR Server: 7.x, 8.x
  • Linux OS: All Supported Versions

Resolution

The caching server is a Linux server that connects to the Internet to collect the rpm packages necessary to perform an EDR install.  It does not need to meet the Operating Environment Requirements (OER).
The air-gapped server is the production Linux server that does not connect to the Internet.  It must meet OER sizing guides.
Note: The caching server needs to matches the OS and kernel version of the air-gapped server.
Note: These steps are for a new installation only.  Using these instructions for updating EDR can result in loss of all data, configurations and certificates.


Configure the Caching Server:
  1. Install the appropriate OS on the caching server.
  2. Install the Carbon Black EDR License RPM, this file can be found in your entitlements section under licenses.  
    sudo rpm -ivh <carbon-black-release-file>

Example file name: carbon-black-release-1.0.5-1-My_Company.x86_64.rpm
  3. Edit /etc/yum.conf, and set:  
    [main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1
  4. Run:  
    sudo yum install cb-enterprise
sudo yum reinstall sysstat iotop socat -y --enablerepo=baseos,appstream
  5. Tar up the Yum cache directory, where 8 is RHEL 8 in this example: (the files are saved in a directory specified in /etc/yum.conf cachedir key value) 
    sudo tar --selinux -cvzf yumcache.tar.gz -C /var/cache/yum/x86_64/8/ .
  6. Take the resulting file (yumcache.tar.gz) and move it to the desired offline server.
  7. Log into the offline EDR server CLI
  8. If necessary, create the following folder hierarchy:  
    sudo mkdir /var/cache/yum/x86_64/6/
  9. Untar the file to the local offline server:  
    sudo tar -xvzf yumcache.tar.gz -C /var/cache/yum/x86_64/6/
  10. Install EDR as normal, but flag it (with -C) to only use the local cache, which will pull the RPM files from the local yum cache directory that was just created.  
    sudo yum -C install iotop socat sysstat -y
sudo yum install -C cb-enterprise -y
  11. Complete the installation by running the following.  
    sudo /usr/share/cb/cbinit

Additional Information

  • Installation instructions also exist in the Server Cluster Management Guide
  • This staging/caching server must be the same OS (CentOS, RHEL) as the actual target EDR server.
  • iotop, socat and sysstat are required dependencies that are downloaded via the OS repos. They must be installed first before cb-enterprise can be installed.
Powered by Wolken Software