Reinstall an Edge site

Updated: January 6, 2026

Important

Choose an option below to explore the documentation for the latest user interface (UI) or the classic UI.

Latest UI Classic UI

You always reinstall an Edge site by restoring a backup of that Edge site. Reinstallation may be necessary to resolve an issue or to upgrade the software included in the Edge site installer.

This process is certified for restoring an Edge site to the Collibra environment on which the site was originally created, for example, restoring Development to Development or Production to Production. The process is not certified or tested for promoting an Edge site migration from one environment to another, for example, from Development to Production. These types of migrations require the reinstallation of the Edge application each time the migration is promoted.

Warning If you have existing connections, we recommend backing up your site and reinstalling the site from the backup. If you reinstall the Edge site without a backup and the Edge site is unhealthy, you must delete the Edge site key and manually re-enter passwords, encrypted text parameters, and any file parameters in each connection to restore full functionality.

Prerequisites

You have a global role with the Install Edge sites and the User Administration global permission, for example Edge site administrator.
You have a previous Edge site installation.
You configured the forward proxy, if a forward proxy is required for Edge to connect to Collibra, Datadog, OpenTelemetry and jFrog. Contact your network administrator if this is applicable.
Your server meets all system requirements.

Steps

Back up your current Edge site.
On the server that runs your Edge site, run the following command:
Copy
```
sudo ./edgecli recovery backup
```
Note By default, the backup is generated in the current working directory. If you want to specify where the backup is generated, add the following flag to the command: --path <backup>.
Edge creates a backup of your Edge site in the selected folder of the command.
If you are reusing the same server as your old Edge site:
1. Go to the /resources/tools directory where the uninstall-edge.sh script is located, and run the following command to uninstall the old installation:
  Copy
```
uninstall-edge.sh --remove-local-data
```
  Note You can run the command from any location if you specify the location of the uninstall script: {uncompressed_installer_directory}/resources/tools/uninstall-edge.sh --remove-local-data
  Example /home/user/centos/installer/resources/tools/uninstall-edge.sh --remove-local-data
2. Recreate the Linux disk mount for the /var/lib/rancher/k3s directory.
  1. Create /var/lib/rancher/k3s with mkdir -p /var/lib/rancher/k3s
  2. Mount the disk with "mount -a"
  3. Delete the contents with rm -rf /var/lib/rancher/k3s/*
  Note This is the default installation path. If it is not created as a separate mount point after following the steps above, the installation will use 50 GB of disk space from either /var, or if not present, the root level of the drive.
Redownload the installer.
Important This is a new, single-use installer for your Edge site. The previous installer will no longer work.
1. Go to the Edge site page in your Edge environment.
2. Click ActionsSite Actions.
3. Click Redownload Installer.
4. Review and check the required acknowledgment checkbox.
5. Click DownloadDownload Installer.
6. Save the new installer to your server where the old installer was saved.
Extract the downloaded installer to an empty folder.
Copy
```
tar -xf installer-<edge-site-id>.tgz
```
Note
- Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
- Ensure the directory is not mounted as noexec before you run scripts or executable files. If a directory is mounted as noexec, scripts and executable files can't be run within the directory.

Reinstall using the new installer with the backup option, including any additional installation scripts:

Copy

sudo sh install-master.sh -r registries.yaml -b <backup_path>

Show me the k3s install script flags…

Flag	Description
`--proxy`	If you are using a forward proxy, add this flag to the installation prerequisite script. Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--proxy temp/proxy/proxyproperties`
`--ca`	Add this flag to use a custom certificate, such as for a forward man-in-the-middle proxy. Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--ca temp/certs` You can also use this flag to add a custom certificate for data sources. More information… Your data source may require the injection of a custom certificate in order to connect with your Edge site. This custom certificate is typically signed by a private, untrusted Certificate Authority, and therefore must be added to your Edge site truststore. As you may not have a list of all required certificates at the time of installation, we recommend the `sudo ./edgecli config ca merge --path` command shown in the Edge CLI topic. The process functions as follows: Edge and the data source connect using the data source certificate. Edge communicates the data source metadata to your Collibra Platform using a Collibra certified certificate.
Private container image registry	Use these flags if you want to install your Edge site with a private container image registry to store and manage the container images included in an Edge site installation.
`--registry-url <registry-url>`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-user <registry-user>`	Your registry account username. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-pass <registry-pass>`	Your registry account password. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
Private Helm registry	Use the following flags if you want to install your Edge site with a private Helm registry, which stores and manage the Helm charts included in an Edge site installation.
`--helm-url <helm-registry-url`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-user <helm-registry-user>`	Your registry account username. This may look different depending on your authentication method, for example: Username Token name Service principal ID JSON key For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-pass <helm-registry-pass>`	Your registry account password. This may look different depending on your authentication method, for example: Password Token password Service principal secret Path to JSON file For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--user-id <user_id>`	Add this flag to run all of your Edge site pods and containers with a specific user ID (UID).
`--group-id <group_id>`	Add this flag to run all of your Edge site pods and containers with a specific group ID (GID).

Tip

What is your Edge site installation method?

Edge CLI (recommended)Helm Chart

Which Edge CLI method do you want to use?

Default (recommended)Restrictive

The default Edge CLI method automatically creates the required cluster level objects, such as namespaces and priority classes, for you. This reduces manual configuration and ensures your Edge site meets the cluster level requirements.

Prerequisites

You have a global role with the Install Edge sites and the User Administration global permission, for example Edge site administrator.
You have a previous Edge site installation.
You configured the forward proxy, if a forward proxy is required for Edge to connect to Collibra, Datadog, OpenTelemetry and jFrog. Contact your network administrator if this is applicable.
Your server meets all system requirements.
You will reinstall your Edge site on a supported Kubernetes cluster.
You must have admin level access to your the Kubernetes cluster where you want to install your Edge site.

Steps

Redownload the installer and save it on your Linux server that has kubectl access to the k8s cluster.
Important This is a new, single-use installer for your Edge site. The previous installer will no longer work.
1. Go to the Edge site page in your Edge environment.
2. Click ActionsSite Actions.
3. Click Redownload Installer.
4. Review and check the required acknowledgment checkbox.
5. Click DownloadDownload Installer.
6. Save the new installer to your server where the old installer was saved.
Note This is a new installer for your Edge site. The previous installer no longer works.
Extract the downloaded installer to an empty folder.
Copy
```
tar -xf installer-<edge-site-id>.tgz
```
Note
- Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
- Ensure the directory is not mounted as noexec before you run scripts or executable files. If a directory is mounted as noexec, scripts and executable files can't be run within the directory.
Use the Edge uninstall command, depending on your Edge site installation method, to uninstall the old installation. If you used a custom namespace, you must add -n <my-namespace> to the command, replacing <my-namespace> with your custom Edge site namespace.
Note
- By default, the backup file name is in the following format: edge-backup-SITE_ID-YYYYMMDD-HHMMSS.yaml. However, if you want to specify where your backup is stored, add the --path=/tmp/edge/backup flag to the uninstall command:
  Show me an example
  Copy
  ./edgecli uninstall --path=/tmp/edge/backup/mybackup.yaml
- If you don't want a backup to be taken, you can add the --no-backup flag to the command.
  However, we strongly recommend you take a backup of your Edge site if you plan to reinstall it. If you don't create a backup of your Edge site, and then later try to reinstall it, your site will be unhealthy and you will need to manually re-enter all of your connection credentials.
- With terminal logging:
  Copy
```
./edgecli uninstall
```
- With terminal and file logging:
```
./edgecli uninstall 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
```
Set the EDGE_INSTALLER_PATH environment variable to the path of the root of the new extracted installer.
Example…
1. Go to the extracted installer and run pwd.The result should look similar to this:
  /path/to/installer/installer-111e8a59-b842-4f57-970c-32aa72000598
2. Set the environment variable to the result:
  export EDGE_INSTALLER_PATH=/path/to/installer/installer-111e8a59-b842-4f57-970c-32aa72000598
Run the following command to confirm that the Kubeconfig environment variable has been set to a valid kubeconfig:
Copy
```
echo $KUBECONFIG 
```
If you intend to have multiple Edge sites in your Kubernetes cluster, you must give each Edge site a unique namespace.
How to create a unique namespace…
1. Copy the following command, replacing <my-namespace> with a unique name for the namespace:
  Copy
  apiVersion: v1 kind: Namespace metadata: labels: pod-security.kubernetes.io/enforce: baseline pod-security.kubernetes.io/enforce-version: v1.27 name: <my-namespace>
2. Store this copied yaml into a new file called collibra-edge-ns.yaml.
3. Create the namespace using kubectl:
  Copy
  kubectl apply -f collibra-edge-ns.yaml <my-namespace>
Note Throughout the remaining installation steps, add this new namespace to the provided commands.

If you are using an Openshift cluster, deploy Security Context Constraints (SCC) which provide Edge service accounts with the required permissions.

How to create and install security constraints…

Create the SCC file, for example, edge-scc-minimal.yaml, and paste the following information into it:

Copy

apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
  name: edge-scc-documented
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: false
allowPrivilegedContainer: false
allowedCapabilities: []
allowedUnsafeSysctls: []
defaultAddCapabilities: []
fsGroup:
  type: MustRunAs
priority: null
readOnlyRootFilesystem: true
requiredDropCapabilities: []
runAsUser:
  type: MustRunAs
  uid: 1000
seLinuxContext:
  type: MustRunAs
  seLinuxOptions:
    level: "s0"
    role: "system_r"
    type: "container_t"
    user: "system_u"
seccompProfiles:
  - 'runtime/default'
supplementalGroups:
  type: MustRunAs
# who can use it
users: []
groups: [system:authenticated]

Create the SCC-role file, for example, edge-scc-role-minimal.yaml, and paste the following information into it:

Copy

# File: edge-scc-role-minimal.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: edge-scc-minimal
rules:
- apiGroups:
  - security.openshift.io
  resourceNames:
  - edge-scc-minimal
  resources:
  - securitycontextconstraints
  verbs:
  - use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: edge-scc-minimal
subjects:
- kind: Group
  name: system:serviceaccounts
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: edge-scc-minimal
  apiGroup: rbac.authorization.k8s.io

Deploy both the SCC and SCC-role files:

Copy

kubectl apply -f edge-scc-minimal.yaml
kubectl apply -f edge-scc-role-minimal.yaml -n <my-namespace>

On the machine connected to Kubernetes, use one of the following commands to reinstall the Edge site using the new installer, backup, and any installation flag applied to the previous setup. To see a full list of available installation flags, run the edgecli install--help command in the Edge CLI:

Show me the additional installation flags

Use these flags to configure your reinstallation for your organization's setup, such as if you use a forward proxy or private registry. To apply a flag, add it to the ./edgecli install -b backup.yaml command.

Example

./edgecli install -b backup.yaml
     --is-openshift
     --registry-url https://private-docker.registry.com 
     --registry-user user1 
     --registry-pass pass12

Flag	Description
`-n <my-namespace>`	If you created a custom namespace, add `-n <my-namespace>` to the command. For example: `./edgecli install -n <my-namespace>`
`--proxy`	If you are using a forward proxy, add this flag to the installation prerequisite script. Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--proxy temp/proxy/proxyproperties`
`--ca`	Add this flag to use a custom certificate, such as for a forward man-in-the-middle proxy. Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--ca temp/certs` You can also use this flag to add a custom certificate for data sources. More information Some data sources require a custom certificat to connect to Edge. If a private Certificate Authority signed the certificate, add it to the Edge site truststore. As you may not have a list of all required certificates at the time of installation, we recommend the `./edgecli config ca merge --path` command shown in the Edge CLI topic. The process functions as follows: Edge and the data source connect using the data source certificate. Edge communicates the data source metadata to your Collibra Platform using a Collibra certified certificate.
`--is-openshift`	Add this flag for OpenShift clusters to deploy Security Context Constraints (SCC). SCC provide the required permissions to the Edge service accounts.
`--disable-otel`	Add this flag to disable OpenTelemetry. Your metrics and logs will no longer be sent to Edge.
Private container image registry	Use these flags if you want to install your Edge site with a private container image registry to store and manage the container images included in an Edge site installation.
`--registry-url <registry-url>`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-user <registry-user>`	Your registry account username. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-pass <registry-pass>`	Your registry account password. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
Private Helm registry	Use the following flags if you want to install your Edge site with a private Helm registry, which stores and manage the Helm charts included in an Edge site installation.
`--helm-url <helm-registry-url`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-user <helm-registry-user>`	Your registry account username. This may look different depending on your authentication method, for example: Username Token name Service principal ID JSON key For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-registry-pass <helm-pass>`	Your registry account password. This may look different depending on your authentication method, for example: Password Token password Service principal secret Path to JSON file For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--user-id <user_id>`	Add this flag to run all of your Edge site pods and containers with a specific user ID (UID).
`--group-id <group_id>`	Add this flag to run all of your Edge site pods and containers with a specific group ID (GID).
`--unset-run-as-ids`	Add this flag for OpenShift clusters to run all of your Edge site pods and containers from random UIDs and GIDs,
`--no-priority-class-install`	Warning Don't skip priority class configuration unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag to skip installing priority classes. Running this flag sets all Edge site pods to the default priority (0).
`--use-custom-priority-class`	Warning Don't configure custom priority classes unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag and the following `--set` flags to configure custom priority classes for your Edge site pods: `--set global.priorityClassName.platform=<priority>`: This flags sets the custom priority class name for Edge platform pods. This should be the highest priority class in Edge. `--set global.priorityClassName.application=<priority>`: This flag sets the custom priority class name for Edge application pods. This should be the second highest priority class in Edge. `--set global.priorityClassName.job=<priority>`:This flag sets the custom priority class name for Edge job pods. This should be the third highest priority class in Edge. Show an example `--set global.priorityClassName.platform=critical-priority --set global.priorityClassName.application=high-priority --set global.priorityClassName.job=low-priority`
`--b <backup-file`	Add this flag if you have a backup you want to use to restore an Edge site.

With terminal logging, which only saves the output to the terminal:
Copy
```
./edgecli install -b <backup-file-path>
```
With terminal and file logging, which saves the output both to the terminal and a separate file. This file will be saved in the current directory with the naming format: edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log:
Copy
```
./edgecli install -b <backup-file-path> 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
```

Warning Do not exclude -b <backup-file-path> from this command. If you exclude -b <backup-file-path> from the command, your Edge site will be reinstalled without your backup and previous configurations, such as passwords, encrypted text parameters, and any file parameters in each connection. Additionally, you will not be able to use that backup in any future reinstallations.

Run the following command to verify the status of the reinstallation.
Copy
```
kubectl get pods -n <my-namespace>
```

The restrictive Edge CLI method allows you to create the required cluster-level objects like namespaces and priority classes. Use this method if your organization has strict security requirements that prevent Edge from creating these objects automatically.

Prerequisites

You have a global role with the Install Edge sites and the User Administration global permission, for example Edge site administrator.
You have a previous Edge site installation.
You configured the forward proxy, if a forward proxy is required for Edge to connect to Collibra, Datadog, OpenTelemetry and jFrog. Contact your network administrator if this is applicable.
Your server meets all system requirements.
You will reinstall your Edge site on a supported Kubernetes cluster.
You must have namespace level access to the Kubernetes cluster where you want to install your Edge site.

Steps

Redownload the installer and save it on your Linux server that has kubectl access to the k8s cluster.
Important This is a new, single-use installer for your Edge site. The previous installer will no longer work.
1. Go to the Edge site page in your Edge environment.
2. Click ActionsSite Actions.
3. Click Redownload Installer.
4. Review and check the required acknowledgment checkbox.
5. Click DownloadDownload Installer.
6. Save the new installer to your server where the old installer was saved.
Note This is a new installer for your Edge site. The previous installer no longer works.
Extract the downloaded installer to an empty folder.
How to extract the installer...
Copy
tar -xf installer-<edge-site-id>.tgz
Note
Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
Ensure the directory is not mounted as noexec before you run scripts or executable files. If a directory is mounted as noexec, scripts and executable files can't be run within the directory.
Use the Edge uninstall command, depending on your Edge site installation method, to uninstall the old installation. If you used a custom namespace, you must add -n <my-namespace> to the command, replacing <my-namespace> with your custom Edge site namespace.
Note
- By default, the backup file name is in the following format: edge-backup-SITE_ID-YYYYMMDD-HHMMSS.yaml. However, if you want to specify where your backup is stored, add the --path=/tmp/edge/backup flag to the uninstall command:
  Show me an example
  Copy
  ./edgecli uninstall --path=/tmp/edge/backup/mybackup.yaml
- If you don't want a backup to be taken, you can add the --no-backup flag to the command.
  However, we strongly recommend you take a backup of your Edge site if you plan to reinstall it. If you don't create a backup of your Edge site, and then later try to reinstall it, your site will be unhealthy and you will need to manually re-enter all of your connection credentials.
- With terminal logging:
  Copy
```
./edgecli uninstall
```
- With terminal and file logging:
```
./edgecli uninstall 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
```
Set the EDGE_INSTALLER_PATH environment variable to the path of the root of the extracted installer.
Example…
1. Go to the extracted installer and run pwd.The result should look similar to this:
  /path/to/installer/installer-111e8a59-b842-4f57-970c-32aa72000598
2. Set the environment variable to the result:
  export EDGE_INSTALLER_PATH=/path/to/installer/installer-111e8a59-b842-4f57-970c-32aa72000598
Run the following command to confirm that the Kubeconfig environment variable has been set to a valid kubeconfig:
Copy
```
echo $KUBECONFIG  
```

Deploy cluster level objects:

Create the namespace for collibra-edge.
Note Clusters that have more than one Edge site installed must have unique namespaces.
1. Copy the following command, replacing <my-namespace> with a unique name for the namespace:
  Copy
```
apiVersion: v1
kind: Namespace
metadata:
  labels:
    pod-security.kubernetes.io/enforce: baseline
    pod-security.kubernetes.io/enforce-version: v1.27
    name: <my-namespace>
```
2. Store this copied yaml into a new file called collibra-edge-ns.yaml.
3. Create the namespace using kubectl:
  Copy
```
kubectl apply -f collibra-edge-ns.yaml
```
Note Throughout the remaining installation steps, replace <my-namespace> in the provided commands with this new namespace name. Example commands will have edge-namespace as an example namespace name.

For all cluster types, deploy priority classes:

Copy

kubectl apply -f resources/custom/priorityclass.yaml

If you are using an Openshift cluster, deploy Security Context Constraints (SCC) which provide Edge service accounts with the required permissions.

How to create and install security constraints…

Create the SCC file, for example, edge-scc-minimal.yaml, and paste the following information into it:

Copy

apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
  name: edge-scc-documented
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: false
allowPrivilegedContainer: false
allowedCapabilities: []
allowedUnsafeSysctls: []
defaultAddCapabilities: []
fsGroup:
  type: MustRunAs
priority: null
readOnlyRootFilesystem: true
requiredDropCapabilities: []
runAsUser:
  type: MustRunAs
  uid: 1000
seLinuxContext:
  type: MustRunAs
  seLinuxOptions:
    level: "s0"
    role: "system_r"
    type: "container_t"
    user: "system_u"
seccompProfiles:
  - 'runtime/default'
supplementalGroups:
  type: MustRunAs
# who can use it
users: []
groups: [system:authenticated]

Create the SCC-role file, for example, edge-scc-role-minimal.yaml, and paste the following information into it:

Copy

# File: edge-scc-role-minimal.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: edge-scc-minimal
rules:
- apiGroups:
  - security.openshift.io
  resourceNames:
  - edge-scc-minimal
  resources:
  - securitycontextconstraints
  verbs:
  - use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: edge-scc-minimal
subjects:
- kind: Group
  name: system:serviceaccounts
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: edge-scc-minimal
  apiGroup: rbac.authorization.k8s.io

Deploy both the SCC and SCC-role files:

Copy

kubectl apply -f edge-scc-minimal.yaml
kubectl apply -f edge-scc-role-minimal.yaml -n <my-namespace>

Show me the additional installation flags

Example

./edgecli install -b backup.yaml
     --is-openshift
     --registry-url https://private-docker.registry.com 
     --registry-user user1 
     --registry-pass pass12

Flag	Description
`-n <my-namespace>`	If you created a custom namespace, add `-n <my-namespace>` to the command. For example: `./edgecli install -n <my-namespace>`
`--proxy`	If you are using a forward proxy, add this flag to the installation prerequisite script. Note If your proxy properties are not in the default proxy.properties file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--proxy temp/proxy/proxyproperties`
`--ca`	Add this flag to use a custom certificate, such as for a forward man-in-the-middle proxy. Note If your custom certificate are not in the default ca.pem file in the root of the installer, you must add the file path the installation prerequisite script. For example: `--ca temp/certs` You can also use this flag to add a custom certificate for data sources. More information Some data sources require a custom certificat to connect to Edge. If a private Certificate Authority signed the certificate, add it to the Edge site truststore. As you may not have a list of all required certificates at the time of installation, we recommend the `./edgecli config ca merge --path` command shown in the Edge CLI topic. The process functions as follows: Edge and the data source connect using the data source certificate. Edge communicates the data source metadata to your Collibra Platform using a Collibra certified certificate.
`--is-openshift`	Add this flag for OpenShift clusters to deploy Security Context Constraints (SCC). SCC provide the required permissions to the Edge service accounts.
`--disable-otel`	Add this flag to disable OpenTelemetry. Your metrics and logs will no longer be sent to Edge.
Private container image registry	Use these flags if you want to install your Edge site with a private container image registry to store and manage the container images included in an Edge site installation.
`--registry-url <registry-url>`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-user <registry-user>`	Your registry account username. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-pass <registry-pass>`	Your registry account password. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
Private Helm registry	Use the following flags if you want to install your Edge site with a private Helm registry, which stores and manage the Helm charts included in an Edge site installation.
`--helm-url <helm-registry-url`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-user <helm-registry-user>`	Your registry account username. This may look different depending on your authentication method, for example: Username Token name Service principal ID JSON key For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-registry-pass <helm-pass>`	Your registry account password. This may look different depending on your authentication method, for example: Password Token password Service principal secret Path to JSON file For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--user-id <user_id>`	Add this flag to run all of your Edge site pods and containers with a specific user ID (UID).
`--group-id <group_id>`	Add this flag to run all of your Edge site pods and containers with a specific group ID (GID).
`--unset-run-as-ids`	Add this flag for OpenShift clusters to run all of your Edge site pods and containers from random UIDs and GIDs,
`--no-priority-class-install`	Warning Don't skip priority class configuration unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag to skip installing priority classes. Running this flag sets all Edge site pods to the default priority (0).
`--use-custom-priority-class`	Warning Don't configure custom priority classes unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag and the following `--set` flags to configure custom priority classes for your Edge site pods: `--set global.priorityClassName.platform=<priority>`: This flags sets the custom priority class name for Edge platform pods. This should be the highest priority class in Edge. `--set global.priorityClassName.application=<priority>`: This flag sets the custom priority class name for Edge application pods. This should be the second highest priority class in Edge. `--set global.priorityClassName.job=<priority>`:This flag sets the custom priority class name for Edge job pods. This should be the third highest priority class in Edge. Show an example `--set global.priorityClassName.platform=critical-priority --set global.priorityClassName.application=high-priority --set global.priorityClassName.job=low-priority`
`--b <backup-file`	Add this flag if you have a backup you want to use to restore an Edge site.

With terminal logging, which only saves the output to the terminal:
Copy
```
./edgecli install -b <backup-file-path>
```
With terminal and file logging, which saves the output both to the terminal and a separate file. This file will be saved in the current directory with the naming format: edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log:
Copy
```
./edgecli install -b <backup-file-path> 2>&1 | tee "edge-installer-$(date +"%Y-%m-%d_%H-%M-%S").log"
```

Run the following command to verify the status of the reinstallation.
Copy
```
kubectl get pods -n <my-namespace>
```

Warning Collibra Support will not assist with custom Helm or Kubernetes configurations. The following steps are an example, and any assistance for configurations or issues outside of these steps is unsupported. We recommend using the Edge CLI method for managed Kubernetes installations.

A common example of custom Helm configurations is, but not limited to, using an unsupported private repository. For more information, go to our supported private helm registries documentation.

You have a global role with the Install Edge sites and the User Administration global permission, for example Edge site administrator.
You have a previous Edge site installation.
You configured the forward proxy, if a forward proxy is required for Edge to connect to Collibra, Datadog, OpenTelemetry and jFrog. Contact your network administrator if this is applicable.
Your server meets all system requirements.
You will reinstall your Edge site on a supported Kubernetes cluster.
You must have admin privileges to create the collibra-edge namespace, priority classes, and CRD’s when executing the install script.
You must run the following commands on a virtual machine where yq version 4.18.1 or later, and jq can be executed.

Steps

Back up your current Edge site. If you don't create a backup before you reinstall your Edge site, your Edge site will become unhealthy and your connection credentials will be lost.

Copy

kubectl get -n <my-namespace> secrets -l edge.collibra.com/backup -o yaml > <PATH_OF_BACKUP_FILE>

Property Description

Property	Description
`<my-namespace>`	The Edge site namespace. If your Edge site has a custom namespace, add it here. If your Edge site does not have a custom namespace, add the default namespace, `collibra-edge`.
`<PATH_OF_BACKUP_FILE>`	The name of the output yaml file containing your Edge site backup. For example, myBackupFile.yaml.

<my-namespace>

The Edge site namespace.

If your Edge site has a custom namespace, add it here.
If your Edge site does not have a custom namespace, add the default namespace, collibra-edge.

<PATH_OF_BACKUP_FILE> The name of the output yaml file containing your Edge site backup. For example, myBackupFile.yaml.

Redownload the installer and save it on your Linux server that has kubectl access to the k8s cluster.
Important This is a new, single-use installer for your Edge site. The previous installer will no longer work.
1. Go to the Edge site page in your Edge environment.
2. Click ActionsSite Actions.
3. Click Redownload Installer.
4. Review and check the required acknowledgment checkbox.
5. Click DownloadDownload Installer.
6. Save the new installer to your server where the old installer was saved.
Important This is a new installer for your Edge site. The previous installer no longer works.
Extract the downloaded installer to an empty folder.
Copy
```
tar -xf installer-<edge-site-id>.tgz
```
Note
- Keep the installer or the contents of the extracted installer in a secure location on your server. These contents contain various tools that you may need later, for example to troubleshoot issues.
- Ensure the directory is not mounted as noexec before you run scripts or executable files. If a directory is mounted as noexec, scripts and executable files can't be run within the directory.
From the extracted TGZ archive directory, run the uninstall command. For each of the following commands, replace <my-namespace> with the name of your Edge site namespace.
- If you installed your Edge site prior to the 2025.06 release and used the edge-cd helm chart, use the following command:
  Copy
```
sh edge-cd-helm-chart/helm-uninstall.sh --namespace <my-namespace>
```
- If you installed your Edge site from or after the 2025.06 release, using the collibra-edge helm art, use the following command:
  Copy
```
sh collibra-edge-helm-chart/helm-uninstall.sh --namespace <my-namespace>
```
Run the following command to apply the Edge site backup file:
Copy
```
kubectl apply -f <PATH_OF_BACKUP_FILE>
```

From inside the extracted TGZ archive directory , run the helm installer prerequisite script, including any additional helm install script flags you may need to configure. For example, if you want to use a custom namespace or install your Edge site on an OpenShift cluster.

Copy

sh collibra-edge-helm-chart/helm-install-prerequisites.sh --namespace <my-namespace> --installer .

Show me the Helm install prerequsite script flags…

Note When you run the installation command, a list of all of these flags are listed. When you run the full command, every command and property run is listed.

Flag	Description
`--installer <path_to_extracted_installer>` Note This property is required for all Edge site installations	The path to the downloaded, extracted Edge installer.
`--namespace <my-namespace>`	The identifier of the Edge site. If you are installing multiple Edge sites in the same Kubernetes cluster, each Edge site namespace must be unique. For example, `--namespace edge-namespace`. If you do not specify a namespace, the default `collibra-edge` namespace is used. Note Throughout the remaining installation steps, replace `<my-namespace>` in the provided scripts with this new namespace name. Example scripts will have `edge-namespace` as an example namespace name.
`--is-openshift`	Add this flag for OpenShift clusters to deploy Security Context Constraints (SCC). SCC provide the required permissions to the Edge service accounts.
`--proxy`	If you are using a forward proxy, add this flag to the install prerequisite script. Note If your proxy properties are not in the default proxy.properties file in the root of the Edge installer, you must: Add your proxy properties to a folder relative to the Edge installer. Add the file path of the proxy properties file, relative to the Edge installer, to the install prerequisite script. For example, if you added the proxy properties file to a folder called proxy within the Edge installer folder, add the following to the script: `--proxy proxy/myproxy.properties`
`--ca`	Add this flag to use a custom certificate, such as for a forward man-in-the-middle proxy. Note If your custom certificate is not in the default ca.pem file in the root of the Edge installer, you must: Add your certificate file to a folder relative to the Edge installer. Add the file path of the custom certificate file, relative to the Edge installer, to the installation prerequisite script. For example, if you added the custom certificate file to a folder called mycerts within the Edge installer folder, add the following to the script: `--ca mycerts/certs.pem`
`--disable-otel`	Add this flag to disable OpenTelemetry. Your metrics and logs will no longer be sent to Edge.
Private container image registry	Use these flags if you want to install your Edge site with a private container image registry to store and manage the container images included in an Edge site installation.
`--registry-url <registry-url>`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-user <registry-user>`	Your registry account username. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
`--registry-pass <registry-pass>`	Your registry account password. For more information about the flags and format required for the supported registries and authentication methods, go to the private container image registry documentation.
Private Helm registry	Use the following flags if you want to install your Edge site with a private Helm registry, which stores and manage the Helm charts included in an Edge site installation.
`--helm-url <helm-registry-url`	The URL of your registry. For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-user <helm-registry-user>`	Your registry account username. This may look different depending on your authentication method, for example: Username Token name Service principal ID JSON key For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--helm-pass <helm-registry-pass>`	Your registry account password. This may look different depending on your authentication method, for example: Password Token password Service principal secret Path to JSON file For more information about the flags and format required for the supported registries and authentication methods, go to the private Helm registry documentation.
`--user-id <user_id>`	Add this flag to run all of your Edge site pods and containers with a specific user ID (UID).
`--group-id <group_id>`	Add this flag to run all of your Edge site pods and containers with a specific group ID (GID).
`--unset-run-as-ids`	Add this flag for OpenShift clusters to run all of your Edge site pods and containers from random UIDs and GIDs,
`--no-priority-class-install`	Warning Don't skip priority class configuration unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag to skip installing priority classes. Running this flag sets all Edge site pods to the default priority (0).
`--use-custom-priority-class`	Warning Don't configure custom priority classes unless you have an experienced Kubernetes engineer in your organization, as doing so may result in Edge site failures. Add this flag and the following `--set` flags to configure custom priority classes for your Edge site pods: `--global.priorityClassName.platform <priority>`: This flags sets the custom priority class name for Edge platform pods. This should be the highest priority class in Edge. `--global.priorityClassName.application <priority>`: This flag sets the custom priority class name for Edge application pods. This should be the second highest priority class in Edge. `--global.priorityClassName.job <priority>`:This flag sets the custom priority class name for Edge job pods. This should be the third highest priority class in Edge. Show an example `--use-custom-priority-class --global.priorityClassName.platform critical-priority --global.priorityClassName.application high-priority --global.priorityClassName.job low-priority`

Reinstall your Edge site using the Helm installer script, replacing <my-namepsace> with your Edge site namespace.:
Copy
```
helm install collibra-edge collibra-edge-helm-chart/collibra-edge -n <my-namespace> --values site-values.yaml
```
Note
- If you need to review the default collibra-edge chart values included when you run the Helm installer script, you can either inspect the values.yaml or README.md files in ./collibra-edge-helm-chart/collibra-edge. If you need to override, manually add the value to the command using the --set flag.

What's next

Check the resinstalled Edge site status from the Sites dashboard.
Create an Edge site connection.
Create an Edge site capability.