Skip to content

Palette Management Appliance

The Palette Management Appliance (PMA) is a self-hosted VM that provides the Palette management plane, including the UI, API, and an internal container registry. In an air-gapped deployment, the PMA is the single source of truth for all cluster management and container images.

VM Specifications

Resource Requirement
vCPU 10
RAM 20 GB
Disk 1 (OS) 300 GB
Disk 2 (Storage Pool) 500 GB
Boot Mode Legacy (CSM)
Network 1 NIC on VLAN 111 subnet
VIP 10.25.232.155 (same subnet as node IP)
Node IP 10.25.232.252

VM vs Bare Metal

The PMA runs as a VM on existing Toyota infrastructure. It does not consume one of the 3 bare-metal POC nodes. The VM was provisioned by Ramana prior to the POC start.

Step 1: Download ISO and Content Bundle

Download both artifacts from Artifact Studio on an internet-connected machine.

  1. Navigate to https://artifact-studio.spectrocloud.com
  2. Log in with credentials:
    • Username: spectro
    • Password: mV715z##spPSJC
  3. Select Install Palette Enterprise
  4. Choose version 4.8.51
  5. Click Show Artifacts
  6. Download:
    • Palette Management Appliance ISO (~22 GB)
    • Content Bundle (select "including Ubuntu") -- contains all pack images

Transfer to Air-Gap

The ISO and content bundle must be transferred to the air-gapped environment via USB drive, out-of-band management, or other approved file transfer method. The ISO alone is ~22GB.

Step 2: Upload ISO to VM Datastore

Upload the Palette ISO to the hypervisor datastore so it can be mounted as a virtual CD/DVD drive on the PMA VM.

Step 3: Boot from ISO

  1. Mount the Palette ISO as a virtual CD/DVD drive on the PMA VM
  2. Set boot order to CD/DVD first
  3. Power on the VM
  4. GRUB will auto-select "Palette Edge Interactive Installer"
  5. Select the target disk for OS installation (the 300GB disk)

The installer will write the Palette OS to the selected disk. This takes approximately 5-10 minutes.

Step 4: Set Credentials

When prompted during installation:

  1. Enter a username for Local UI and SSH access
  2. Enter a password (must meet complexity requirements)
  3. Confirm the password

Wait approximately 15 minutes for the installation to complete. The VM will reboot automatically.

Step 5: Configure Networking

After the first reboot, configure networking through the TUI (Text User Interface):

Parameter Value
IP Address 10.25.232.252
Subnet Mask 255.255.255.0 (/24)
Gateway 10.25.232.254 (or appropriate gateway)
DNS Server 10.213.129.245
NTP Server 10.53.12.18
VLAN ID 111 (if required at node level)

Step 6: Access Local UI

  1. Open a browser and navigate to https://10.25.232.252:5080
  2. Accept the self-signed certificate warning
  3. Log in with the credentials set in Step 4
  4. Verify the node status shows Ready

The Local UI (port 5080) is the node-level management console. It is used for initial setup only.

Step 7: Create Palette Cluster

From the Local UI:

  1. Navigate to Cluster --> Create
  2. Provide a cluster name and optional tags
  3. Configure the cluster settings:
    • Set the VIP to 10.25.232.155
    • Configure NTP, DNS, and network settings
  4. Click Create

The Palette management cluster will deploy on the single VM node. This takes approximately 20-30 minutes.

Step 8: Access Palette System Console

Once the management cluster is running:

  1. Navigate to https://10.25.232.155/system
  2. Log in with default credentials: admin / admin
  3. Change the admin password immediately
  4. Configure system settings as needed

Change Default Password

The default admin/admin credentials must be changed on first login. This is a security requirement.

Step 9: Upload Content Bundles

Upload the content bundle (.zst) files downloaded in Step 1:

  1. In the Local UI (https://10.25.232.252:5080), navigate to Content --> Upload
  2. Upload each .zst file
  3. Wait for the upload and extraction to complete

There are 9 .zst files in total. Each file contains container images for specific packs and components.

Upload Port

Content bundles are uploaded to the PMA's internal registry via the Local UI on port 5080. Once uploaded, the images are served to cluster nodes via the internal registry on port 30003.

Step 10: Sync Pack Registry

After all content bundles are uploaded:

  1. In Palette System Console (https://10.25.232.155/system), navigate to Administration --> Pack Registries
  2. Click Sync to trigger a registry synchronization
  3. Verify that all packs appear in the registry list

Then complete tenant setup:

  1. Create a new Tenant for the Toyota POC
  2. Activate the tenant
  3. Add admin user accounts for Toyota team members
  4. Log in to the tenant console at https://10.25.232.155/

Post-Install Validation

After completing all steps, verify the following:

Check Expected Result How to Verify
PMA node health Ready, Running Local UI --> Node status
Palette cluster Running System Console --> Clusters
VIP accessible HTTPS on 443 responds Browser: https://10.25.232.155
Internal registry Port 30003 accessible curl -k https://10.25.232.155:30003/v2/
Pack registry All packs synced Palette --> Profiles --> available packs
Content bundles All 9 .zst uploaded Local UI --> Content
Admin password Changed from default System Console login

Architecture After PMA Install

graph TB
    subgraph PMA["Palette Management Appliance"]
        SYS["System Console<br/>:443/system"]
        TEN["Tenant Console<br/>:443"]
        LUI["Local UI<br/>:5080"]
        REG["Internal Registry<br/>:30003"]
    end

    ADMIN["Admin Browser"] -->|HTTPS| SYS
    ADMIN -->|HTTPS| TEN
    ADMIN -->|HTTPS| LUI

    subgraph FUTURE["Next: Bare Metal Nodes"]
        N1["STG-WAHVP004"]
        N2["STG-WAHVP005"]
        N3["STG-WAHVP006"]
    end

    FUTURE -->|"TCP 443<br/>Registration"| PMA
    FUTURE -->|"TCP 30003<br/>Image Pull"| REG