Upload Packs to Palette VerteX with Management Appliance

danger

This has been split from the former VerteX Management Appliance page.

Upload Packs to Palette VerteX

Follow the instructions to upload packs to your Palette VerteX instance. Packs are used to create cluster profiles and deploy workload clusters in your environment.

Prerequisites

• Access to the Artifact Studio to download the Palette VerteX pack bundles.

  tip

  If you do not have access to Artifact Studio, contact your Spectro Cloud representative or open a support ticket.

• If using the internal Zot registry, ensure you have access to the Local UI of the leader node of the Palette VerteX management cluster. Also, verify that your local machine can access the Local UI, as airgapped environments may have strict network policies preventing direct access.

  • (Optional) The Palette CLI installed on your local machine if you prefer to use the command line for uploading packs. Refer to the Palette CLI guide for installation instructions.

• If using an external registry, the Palette CLI must be installed on your local machine to upload the content to the external registry. Refer to the Palette CLI guide for installation instructions.

  • Ensure your local machine has network access to the external registry server and you have the necessary permissions to push images to the registry.

Upload Packs

Internal Zot Registry

Local UI Method

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and build your pack bundles by following the prompts in the Artifact Studio.

   Refer to the Artifact Studio guide for detailed guidance on how to build pack bundles and verify the integrity of the downloaded files.

3. Download the pack bundles to your local machine. Each pack is downloaded in .zst format.

4. Log in to the Local UI of the leader host of the Palette VerteX management cluster. By default, Local UI is accessible at https://<node-ip>:5080. Replace <node-ip> with the IP address of the leader host.

5. From the left main menu, click Content.

6. Click Actions in the top right and select Upload Content from the drop-down menu.

7. Click the upload icon to open the file selection dialog and select the downloaded pack ZST files from your local machine. You can select multiple files at once. Alternatively, you can drag and drop the files into the upload area.

   The upload process starts automatically once the files are selected. You can monitor the upload progress in the Upload Content dialog.

   Wait for the File(s) uploaded successfully confirmation message or the green check mark to appear next to the upload progress bar.

8. Log in to the Palette VerteX system console.

9. From the left main menu, select Administration, and then select the Pack Registries tab.

10. Select the three-dot menu for the OCI Pack Registry and click Sync.

Palette CLI Method

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and build your pack bundles by following the prompts in the Artifact Studio.

   Refer to the Artifact Studio guide for detailed guidance on how to build pack bundles and verify the integrity of the downloaded files.

3. Download the pack bundles to your local machine. Each pack is downloaded in .zst format.

4. Open a terminal on your local machine and navigate to the directory where the downloaded pack bundles are located.

5. Use the Palette CLI to log in to the internal Zot registry. Replace <management-vip> with the VIP address of the Palette VerteX management cluster, <username> with your username, and <password> with your password. If you have changed the default port for the Zot registry, replace 30003 with the correct port number.

   palette content registry-login \
   --registry https://<management-vip>:30003 \
   --username <username> \
   --password <password>

6. Upload the pack bundles to the internal Zot registry using the Palette CLI. Replace <pack-zst> with your downloaded pack bundle file and <management-vip> with the VIP address of the Palette VerteX management cluster. If you have changed the default port or the base content path for the Zot registry, replace 30003 with the correct port number and spectro-content with the correct content path.

   If you are using regular TLS certificates, custom TLS certificates, or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Regular TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <pack-zst>

   Custom TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <pack-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <pack-zst> \
   --insecure

   The following example output is expected when the upload is successful.

   Example Output

   ...
   INFO[0020] successfully copied all artifacts from local bundle /home/ubuntu/palette-cli/bin/tmp/bundle-extract/lb-metallb-helm-0.15.2 to remote bundle 10.11.12.13:30003/spectro-content/bundle-definition:bundle
   -----------------------------
   Push Summary
   -----------------------------
   local bundle bundle pushed to 10.11.12.13:30003/spectro-content

7. Log in to the Palette VerteX system console.

8. From the left main menu, select Administration, and then select the Pack Registries tab.

9. Select the three-dot menu for the OCI Pack Registry and click Sync.

External Registry

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and build your pack bundles by following the prompts in the Artifact Studio.

   Refer to the Artifact Studio guide for detailed guidance on how to build pack bundles and verify the integrity of the downloaded files.

3. Download the pack bundles to your local machine. Each pack is downloaded in .zst format.

4. Open a terminal on your local machine and navigate to the directory where the downloaded pack bundles are located.

5. Use the Palette CLI to log in to your external registry. Replace <registry-dns-or-ip> with the DNS/IP address of your registry, <registry-port> with the port number of your registry (if applicable), <username> with your username, and <password> with your password.

   palette content registry-login \
   --registry https://<registry-dns-or-ip>:<registry-port> \
   --username <username> \
   --password <password>

6. Upload the pack bundles to your external registry using the Palette CLI. Replace <pack-zst> with your downloaded pack bundle file, <registry-dns-or-ip> with the DNS/IP address of your registry, and <registry-port> with the port number of your registry (if applicable). If you have changed the base content path from the default, replace spectro-content with the correct content path.

   If you are using regular TLS certificates, custom TLS certificates, or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Regular TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <pack-zst>

   Custom TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <pack-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <pack-zst> \
   --insecure

   The following example output is expected when the upload is successful.

   Example Output

   ...
   INFO[0020] successfully copied all artifacts from local bundle /home/ubuntu/palette-cli/bin/tmp/bundle-extract/lb-metallb-helm-0.15.2 to remote bundle external.registry.com/spectro-content/bundle-definition:bundle
   -----------------------------
   Push Summary
   -----------------------------
   local bundle bundle pushed to external.registry.com/spectro-content
   tip

   Be aware of the timeout period for the authentication token. If the authentication token expires, you will need to re-authenticate to the OCI registry and restart the upload process.

7. Log in to the Palette VerteX system console.

8. From the left main menu, select Administration, and then select the Pack Registries tab.

9. Select the three-dot menu for your external registry and click Sync.

Validate

Internal Zot Registry

1. Log in to the Local UI of the leader host of the Palette VerteX management cluster.

2. From the left main menu, click Content.

3. Enter the filename of the uploaded pack in the Filter by name search bar. The pack should appear in the table below. You can repeat this step for each pack you uploaded.

External Registry

1. Check that the packs have been successfully uploaded to your external registry using the Palette CLI. Replace <registry-dns-or-ip> with the DNS/IP address of your registry, <registry-port> with the port number of your registry (if applicable), and <image-repository> with the name of the image repository. If you have changed the base content path from the default, replace spectro-content with the correct content path.

   If you are using custom TLS certificates or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Custom TLS Certificate

   palette content list \
   --repo <registry-dns-or-ip>:<registry-port>/spectro-content/<image-repository> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   palette content list \
   --repo <registry-dns-or-ip>:<registry-port>/spectro-content/<image-repository> \
   --insecure

2. Check that the pack images you uploaded are listed in the output as repositories with version tags.

   Example command

   palette content list \
   --repo external.registry.com/spectro-content/us-docker.pkg.dev/palette-images/packs/metallb/0.15.2/controller
   Example output

   Listing bundles
   external.registry.com/spectro-content/us-docker.pkg.dev/palette-images/packs/metallb/0.15.2/controller:v0.15.2

(Optional) Upload Third Party Packs

Follow the instructions to upload the Third Party packs to your Palette VerteX instance. The Third Party packs contain additional functionality and capabilities that enhance the Palette VerteX experience, such as backup and restore, configuration scanning, penetration scanning, SBOM scanning, and conformance scanning.

Prerequisites

• Access to the Artifact Studio to download the Third Party packs.

  tip

  If you do not have access to Artifact Studio, contact your Spectro Cloud representative or open a support ticket.

• If using the internal Zot registry, ensure you have access to the Local UI of the leader node of the Palette VerteX management cluster. Also, verify that your local machine can access the Local UI, as airgapped environments may have strict network policies preventing direct access.

  • (Optional) The Palette CLI installed on your local machine if you prefer to use the command line for uploading packs. Refer to the Palette CLI guide for installation instructions.

• If using an external registry, the Palette CLI must be installed on your local machine to upload the content to the external registry. Refer to the Palette CLI guide for installation instructions.

  • Ensure your local machine has network access to the external registry server and you have the necessary permissions to push images to the registry.

Upload Packs

Internal Zot Registry

Local UI Method

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and select your current version on the Version selection step.

3. On the Use case step, select the Add-on only option.

4. On the Configure bundle step, enter Palette Third Party in the Search packs field and click Search. Alternatively, you can find the packs in the thirdparty category.

   Click the checkbox next to the Palette Third Party and Palette Third Party Conformance packs to select them, and click Next Step.

5. On the Review and download step, click the I'm not a robot reCAPTCHA checkbox, and then click the Download bundle button to begin the download. Alternatively, you can click the Copy all URLs button to copy the download URLs to your clipboard.

   Wait until the packs have been downloaded to your local machine. The packs are downloaded in .zst format alongside a signature file in sig.bin format.

   tip

   Refer to the Artifact Studio guide for detailed guidance on how to verify the integrity of the downloaded files using the provided signature file.

6. Log in to the Local UI of the leader host of the Palette VerteX management cluster. By default, Local UI is accessible at https://<node-ip>:5080. Replace <node-ip> with the IP address of the leader host.

7. From the left main menu, click Content.

8. Click Actions in the top right and select Upload Content from the drop-down menu.

9. Click the upload icon to open the file selection dialog and select the Third Party ZST files from your local machine. Alternatively, you can drag and drop the files into the upload area.

   The upload process starts automatically once the files are selected. You can monitor the upload progress in the Upload Content dialog.

   Wait for the File(s) uploaded successfully confirmation message or the green check mark to appear next to the upload progress bar.

10. Log in to the Palette VerteX system console.

11. From the left main menu, select Administration, and then select the Pack Registries tab.

12. Select the three-dot menu for the OCI Pack Registry and click Sync.

Palette CLI Method

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and select your current version on the Version selection step.

3. On the Use case step, select the Add-on only option.

4. On the Configure bundle step, enter Palette Third Party in the Search packs field and click Search. Alternatively, you can find the packs in the thirdparty category.

   Click the checkbox next to the Palette Third Party and Palette Third Party Conformance packs to select them, and click Next Step.

5. On the Review and download step, click the I'm not a robot reCAPTCHA checkbox, and then click the Download bundle button to begin the download. Alternatively, you can click the Copy all URLs button to copy the download URLs to your clipboard.

   Wait until the packs have been downloaded to your local machine. The packs are downloaded in .zst format alongside a signature file in sig.bin format.

   tip

   Refer to the Artifact Studio guide for detailed guidance on how to verify the integrity of the downloaded files using the provided signature file.

6. Open a terminal on your local machine and navigate to the directory where the Third Party ZST files are located.

7. Use the Palette CLI to log in to the internal Zot registry. Replace <management-vip> with the VIP address of the Palette VerteX management cluster, <username> with your username, and <password> with your password. If you have changed the default port for the Zot registry, replace 30003 with the correct port number.

   palette content registry-login \
   --registry https://<management-vip>:30003 \
   --username <username> \
   --password <password>

8. Upload the packs to the internal Zot registry using the Palette CLI. Replace <third-party-zst> and <third-party-conformance-zst> with your downloaded Third Party pack ZST files and <management-vip> with the VIP address of the Palette VerteX management cluster. If you have changed the default port or the base content path for the Zot registry, replace 30003 with the correct port number and spectro-content with the correct content path.

   If you are using regular TLS certificates, custom TLS certificates, or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Regular TLS Certificate

   Upload Third Party Pack with Regular TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-zst>

   Upload Third Party Conformance Pack with Regular TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-conformance-zst>

   Custom TLS Certificate

   Upload Third Party Pack with Custom TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Upload Third Party Conformance Pack with Custom TLS Certificate

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-conformance-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   Upload Third Party Pack skipping TLS

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-zst> \
   --insecure

   Upload Third Party Conformance Pack skipping TLS

   palette content push \
   --registry <management-vip>:30003/spectro-content \
   --file <third-party-conformance-zst> \
   --insecure

   The following example output is expected when an upload is successful.

   Example Output

   ...
   INFO[0020] successfully copied all artifacts from local bundle /home/ubuntu/palette-cli/bin/tmp/bundle-extract/palette-thirdparty-bundle-4.7.3 to remote bundle 10.11.12.13:30003/spectro-content/bundle-definition:bundle
   -----------------------------
   Push Summary
   -----------------------------
   local bundle bundle pushed to 10.11.12.13:30003/spectro-content

9. Log in to the Palette VerteX system console.

10. From the left main menu, select Administration, and then select the Pack Registries tab.

11. Select the three-dot menu for the OCI Pack Registry and click Sync.

External Registry

1. Navigate to the Artifact Studio through a web browser and log in. Under Create pack bundle, select Build bundle.

2. Select the Palette VerteX Appliance product on the Product selection step and select your current version on the Version selection step.

3. On the Use case step, select the Add-on only option.

4. On the Configure bundle step, enter Palette Third Party in the Search packs field and click Search. Alternatively, you can find the packs in the thirdparty category.

   Click the checkbox next to the Palette Third Party and Palette Third Party Conformance packs to select it, and click Next Step.

5. On the Review and download step, click the I'm not a robot reCAPTCHA checkbox, and then click the Download bundle button to begin the download. Alternatively, you can click the Copy all URLs button to copy the download URLs to your clipboard.

   Wait until the packs have been downloaded to your local machine. The packs are downloaded in .zst format alongside a signature file in sig.bin format.

   tip

   Refer to the Artifact Studio guide for detailed guidance on how to verify the integrity of the downloaded files using the provided signature file.

6. Open a terminal on your local machine and navigate to the directory where the Third Party ZST files are located.

7. Use the Palette CLI to log in to your external registry. Replace <registry-dns-or-ip> with the DNS/IP address of your registry, <registry-port> with the port number of your registry (if applicable), <username> with your username, and <password> with your password.

   palette content registry-login \
   --registry https://<registry-dns-or-ip>:<registry-port> \
   --username <username> \
   --password <password>

8. Upload the packs to your external registry using the Palette CLI. Replace <registry-dns-or-ip> with the DNS/IP address of your registry and <registry-port> with the port number of your registry (if applicable). If you have changed the base content path from the default, replace spectro-content with the correct content path.

   If you are using regular TLS certificates, custom TLS certificates, or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Regular TLS Certificate

   Upload Third Party Pack with Regular TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-zst>

   Upload Third Party Conformance Pack with Regular TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-conformance-zst>

   Custom TLS Certificate

   Upload Third Party Pack with Custom TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Upload Third Party Conformance Pack with Custom TLS Certificate

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-conformance-zst> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   Upload Third Party Pack skipping TLS

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-zst> \
   --insecure

   Upload Third Party Conformance Pack skipping TLS

   palette content push \
   --registry <registry-dns-or-ip>:<registry-port>/spectro-content \
   --file <third-party-conformance-zst> \
   --insecure

   The following example output is expected when an upload is successful.

   Example Output

   ...
   INFO[0287] successfully copied all artifacts from local bundle /root/tmp/bundle-extract/palette-thirdparty-bundle-4.7.0 to remote bundle external.registry.com/spectro-content/bundle-definition:palette-thirdparty-bundle-4.7.0
   -----------------------------
   Push Summary
   -----------------------------
   local bundle palette-thirdparty-bundle-4.7.0 pushed to external.registry.com/spectro-content
   tip

   Be aware of the timeout period for the authentication token. If the authentication token expires, you will need to re-authenticate to the OCI registry and restart the upload process.

9. Log in to the Palette VerteX system console.

10. From the left main menu, select Administration, and then select the Pack Registries tab.

11. Select the three-dot menu for your external registry and click Sync.

Validate

Internal Zot Registry

1. Log in to the Local UI of the leader host of the Palette VerteX management cluster. By default, Local UI is accessible at https://<node-ip>:5080. Replace <node-ip> with the IP address of the leader host.

2. From the left main menu, click Content.

3. Enter the filename of each Third Party pack in the Filter by name search bar. The packs should appear in the table.

External Registry

1. Check that the packs have been successfully uploaded to your external registry using the Palette CLI. Replace <registry-dns-or-ip> with the DNS/IP address of your registry, <registry-port> with the port number of your registry (if applicable), and <image-repository> with the name of the image repository. If you have changed the base content path from the default, replace spectro-content with the correct content path.

   If you are using custom TLS certificates or choosing to skip TLS, use the appropriate flags as shown in the following examples.

   Custom TLS Certificate

   palette content list \
   --repo <registry-dns-or-ip>:<registry-port>/spectro-content/<image-repository> \
   --ca-cert <path-to-ca-cert> \
   --tls-cert <path-to-tls-cert> \
   --tls-key <path-to-tls-key>

   Skip TLS

   palette content list \
   --repo <registry-dns-or-ip>:<registry-port>/spectro-content/<image-repository> \
   --insecure

2. Check that the Third Party images you uploaded are listed in the output as repositories with version tags.

   Example command

   palette content list \
   --repo external.registry.com/spectro-content/sonobuoy/sonobuoy
   Example output

   Listing bundles
   harbor.teams.spectrocloud.com/docs-private/sonobuoy/sonobuoy:v0.57.1
   harbor.teams.spectrocloud.com/docs-private/sonobuoy/sonobuoy:v0.57.2

Next Steps

The following actions are recommended after installing Palette VerteX to ensure your environment is ready for use:

• Assign your SSL certificates to Palette VerteX. Palette VerteX is installed with a self-signed SSL certificate. To assign a different SSL certificate, upload the certificate, key, and certificate authority files to Palette VerteX. You can upload the files using the system console. Refer to the Configure HTTPS Encryption page for instructions on how to upload the SSL certificate files to Palette VerteX.

• Create a tenant in Palette VerteX to host your users. Refer to the Create a Tenant guide for instructions on how to create a tenant in Palette VerteX.

• Activate your Palette VerteX installation before the trial mode expires. Refer to the Activate Installation guide for instructions on how to activate your installation.

• Create additional system administrator accounts and assign roles to users in the system console. Refer to the Account Management guide for instructions on how to manage user accounts and roles in Palette VerteX.

• Configure SMTP settings to enable email notifications and password recovery. Refer to the Configure SMTP Settings guide for instructions on how to configure SMTP settings in Palette VerteX.

For all system management options in Palette VerteX, refer to the System Management guide.