If you have DC/OS installed in Strict mode then you need to follow the below steps to deploy portworx
All steps needs to be performed where you have your dcos cli is installed
Portworx:
- Install dcos enterprise cli, if not already installed
dcos package install --cli dcos-enterprise-cli
Grant the following permission
Permissions
Create a Service Account which will be used to install portworx
dcos security org service-accounts keypair temp-priv.pem temp-pub.pem
dcos security org service-accounts create -p temp-pub.pem -d “Portwrox service account” portworx-principal
dcos security secrets create-sa-secret --strict temp-priv.pem portworx-principal portworx/mesos-auth-secret
Grant required permission for portworx
dcos security org users grant dcos_marathon dcos:mesos:master:task:user:root create
dcos security org users grant portworx-principal dcos:mesos:master:framework:role:slave_public/portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:framework:role:slave_public/portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:framework:role:portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:framework:role:portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:task:user:root create
dcos security org users grant portworx-principal dcos:mesos:master:task:user:nobody create
dcos security org users grant portworx-principal dcos:mesos:master:volume:role:portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:volume:role:portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:volume:role:slave_public/portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:volume:role:slave_public/portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:volume:principal:portworx-principal create
dcos security org users grant portworx-principal dcos:mesos:master:volume:principal:portworx-principal delete
dcos security org users grant portworx-principal dcos:mesos:master:reservation:role:portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:reservation:role:portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:reservation:role:slave_public/portworx-role create
dcos security org users grant portworx-principal dcos:mesos:master:reservation:role:slave_public/portworx-role delete
dcos security org users grant portworx-principal dcos:mesos:master:reservation:principal:portworx-principal create
dcos security org users grant portworx-principal dcos:mesos:master:reservation:principal:portworx-principal delete
dcos security org users grant portworx-principal dcos:secrets:default:/portworx/* full
dcos security org users grant portworx-principal dcos:secrets:list:default:/portworx read
Open the Catlog and search for Portworx, select and proceed, copy the below sample json content and modify as per you requirement
You need to modify Cluster name and -d -m parameter (You have to chose your ifcae)
sample.json
{
"service": {
"name": "portworx",
"user": "root",
"principal": "portworx-principal",
"pre_reserved_role": "",
"secret_name": "portworx/mesos-auth-secret",
"mesos_api_version": "V1",
"task_failure_timeout_minutes": 5
},
"node": {
"portworx_cluster": "sam-6-portworx-dcos",
"portworx_image": "portworx/px-enterprise:2.0.3",
"portworx_port_range_start": 9001,
"portworx_options": "-a -x mesos -d ens3 -m ens3",
"internal_kvdb": true,
"kvdb_servers": "",
"container_parameters": "",
"count": 3,
"placement_constraint": "hostname:UNIQUE"
},
"secrets": {
"enabled": false,
"base_path": "",
"dcos_username_secret": "portworx/dcos_username",
"dcos_password_secret": "portworx/dcos_password"
},
"etcd": {
"enabled": false,
"proxy_enabled": false,
"placement_constraint": "hostname:UNIQUE",
"image": "mesosphere/etcd-mesos:latest",
"cpus": 0.3,
"mem": 1024,
"disk_type": "ROOT",
"disk_size": 5120,
"node_advertise_port": 1026,
"node_peer_port": 1027,
"proxy_advertise_port": 2379
},
"lighthouse": {
"enabled": true,
"placement_constraint": "",
"public_agent": true,
"cpus": 0.3,
"mem": 1024,
"image": "portworx/px-lighthouse:2.0.1",
"webui_port": 8085,
"company_name": "Portworx",
"admin_username": "admin"
}
}
Review and Run
Once your done with changes, go hit Review & Run and wait for all Portworx nodes to come up. You can verify the status with pxctl status command from one of your private node.