Requirements
Management Plane Requirements
| Deployment | Minimum | Recommended |
|---|---|---|
| Multi Node | Compute: 8vCPU, Memory: 16GB, Disk: 250GB | Compute: 8vCPU, Memory: 16GB, Disk: 300GB |
| Single Node | Compute: 16 vCPU, Memory: 32 GB, Disk: 250GB | Compute: 16 vCPU, Memory: 32 GB, Disk: 300GB |
Disks
For proper functionality, the Management Plane relies on a performant underlying Kubernetes cluster. To achieve optimal performance, we recommend utilising an SSD (Solid State Drive). Please refer to https://etcd.io/docs/v3.4/op-guide/hardware/#disks for more details.
Operating Systems
SMCP is designed to run on the following Operating Systems.
| Operating System | Version |
|---|---|
| CentOS | 7.9 |
| RHEL | 8.5, 8.6 |
| Rocky Linux | 9.2 |
| Ubuntu Linux | 22.04 LTS (Jammy Jelfish) |
Networking
Virtual IPs
SMCP uses virtual IPs to access the Management Cluster. We require 2 virtual IPs on the same L2 domain as the nodes in the management cluster.
| VIP | Description | Required | Configuration | |
|---|---|---|---|---|
| VIP 1 | This is the IP where you can access the management cluster's UI. | Yes | externalIp and/or externalIpV6 in airctl-config.yaml | |
| VIP 2 | This is used to serve the management cluster's API server. | Optional | masterIp and/or masterIpV6 in clusterSpec.yaml (pointed to by bootstrapCfgPath). For single-master clusters, it is simply the IP of the master node (no VIP). For multi-master, it becomes the VIP |
Proxy
If using a proxy in your environment, edit the /etc/yum/yum.conf file to add the proxy configuration as well as environment variable HTTP_PROXY and HTTPS_PROXY
Firewall
Disable firewalld - or update firewall rules so that the required ports are open as specified in Network Port Configurations
System Configuration
Passwordless Sudo
Ensure that passwordless sudo is enabled on your hosts.
Many operations require sudo access (for example, the installation of yum repos, docker etc.). Please ensure your hosts have passwordless sudo enabled.
Disable Swap
It's recommended to disable swap on nodes when installing and running SMCP.
Disable Swap: Before starting the installation, you need to disable swap on your node. You can do this by running the following command with superuser privileges:
This command will deactivate all swap partitions.
Remove Swap Entry from /etc/fstab: Next, you should remove any references to swap partitions from the /etc/fstab file. Open the /etc/fstab file in a text editor, such as nano or vi, and delete the lines that reference swap partitions. Make sure to save the file after making these changes.
Reboot the System: To apply the changes and ensure that swap is completely disabled, reboot your node by running the following command:
After the system reboots, it will no longer use swap space, and you can proceed with the node installation.
SSH Keys
SMCP relies on SSH to login to the various nodes of the management cluster, as well as, the user clusters, to install various components and manage them.
Please generate SSH keys and sync them across all nodes of the management cluster as well as all nodes that will run the user's workload clusters.
We recommend generating the keys on one node and then adding the public key to all other hosts in its ~/.ssh/authorized_keys file.
Airctl
Airctl is the CLI based installer for SMCP, and is used to manage the management cluster and the user nodes. Airctl and its corresponding artifacts needs to be downloaded and installed on one of the nodes of the Management Cluster.
Downloading Artifacts
Platform9 publishes SMCP artifacts as secured HTTP endpoints. These endpoints can be accessed via curl or wget or any other command line utility to download the artifacts.
To downloading these artifacts, contact a Platform9 Support Engineer, Solutions Architect or Sales Team member. They will provide you with the "secret" that can be added to the "_user-agent_" value and the appropriate release version
You can download all artifacts using the following download script:
wget https://raw.githubusercontent.com/platform9/support-locker/master/edge-stack/download.shchmod +x ./download.shOnce you’ve downloaded the script you can then run the script with the following options:
./download.sh <secret-key> <release-version>- secret-key: ask Platform9 Support for this key
- release-version: The latest release version is available on the Platform9 Docs Website: https://platform9.com/docs/PEC
For online mode, we can run the following command to download only few essential artifacts to start with:
% curl --user-agent "<secret>" https://pf9-airctl.s3-accelerate.amazonaws.com/<version>/index.txt | grep -e airctl -e nodelet.tar.gz -e nodelet-deb.tar.gz -e install.sh | awk '{print "curl -sS --user-agent \"<secret>\" \"https://pf9-airctl.s3-accelerate.amazonaws.com/<version>/" $NF "\" -o <download directory>" $NF}' | bashOnce all artifacts are downloaded, install them using:
chmod +x ./install.sh./install.sh <release-version>This copies all artifacts under /opt/pf9/airctl.
For airgapped setups, please ensure all the nodes of management cluster and user workload cluster have the following Linux packages pre-installed depending on the operating system:
CentOS/ RHEL
container-selinuxcurlgzipipset-libsiptables-servicesipvsadmlibcgroup-toolsnet-snmp-agent-libsnet-snmp-libsnet-toolsRocky Linux
Support for Rocky Linux was introduced with release 5.9 / LTS3/ SMCP-GA with Rocky Linux 9.2
container-selinuxcurlgzipipset-libsiptables-servicesipvsadmlibnftnllm_sensors-libsnet-snmp-agent-libsnet-snmp-libsnet-toolsUbuntu Linux
Support for Ubuntu Linux was introduced with SMCP 5.10 with Ubuntu Linux 22.04 LTS (Jammy Jellyfish)
cgroup-toolscurlgzipipvsadmlibcgroup1libsnmp40net-toolssocatIn addition, we require OpenSSL version 3.0.7 to be installed on Ubuntu 22.04
Download the pre-compiled package from the following location provided by Platform9 instead of the upstream apt repository
curl --user-agent <SECRET> https://pf9-airctl.s3-accelerate.amazonaws.com/openssl-smcp-ubuntu/openssl_3.0.7-1_amd64.deb --output openssl_3.0.7-1_amd64.debInstall it using the following commands
sudo dpkg -i openssl_3.0.7-1_amd64.debcd /etc/ld.so.conf.d/echo "/usr/local/ssl/lib64" > openssl-3.0.7.confldconfig -vsed -i 's/\(^PATH="[^"]*\)"/\1:\/usr\/local\/ssl\/bin"/' /etc/environmentsource /etc/environmentln -sf /usr/local/ssl/bin/openssl /usr/bin/opensslOnce downloaded, the directory contains a list of .tar or .tar.gz files, an index file, and a simple install.sh file. Visit the Artifacts page to learn more about the downloaded artifacts.