The kURL installer runs several preflight checks to detect problems with the target environment early in the installation process.
These are system requirements for the admin processes running behind the Waydev application itself.
The system requirements for the Waydev application are listed later in this document.
Checks Run on All Nodes
The following checks run on all nodes where kURL is installed:
The installer is running on a 64-bit platform.
The installer is running on a supported OS.
Swap is disabled.
Docker is not being installed on EL 8.
Firewalld is disabled.
SELinux is disabled.
At least one nameserver is accessible on a non-loopback address.
TCP ports 10248 and 10250 are available for kubelet.
TCP port 10257 is available for the kube controller manager.
TCP port 10259 is available for the kube scheduler.
At least 4 GiB of memory is available. (Warn when less than 8GiB).
/var/lib/kubelet has at least 30GiB total space and is less than 80% full. (Warn when more than 60% full).
The server has at least 2 CPUs. (Warn when less than 4 CPUs).
The system clock is synchronized and the time zone is set to UTC.
These checks run only on new installs on primary nodes:
TCP port 6443 is available for the Kubernetes API server.
TCP ports 2379, 2380 and 2381 are available for etcd.
The load balancer address is propery configured to forward TCP traffic to the node. (This check only runs on the first primary).
99th percentile filesystem write latency in the etcd data directory is less than 20ms. (Warn when more than 10ms). See cloud recommendations.
These checks run on all primary and secondary nodes joining an existing cluster:
Can connect to the Kubernetes API server address.
All existing nodes in the cluster can be reached on TCP port 6783.
TCP ports 6781, 6782 and 6783 are available on the current host.
If using block storage, check that at least one block device is available with a minimum size of 10GiB.
TCP port 9100 is available for the node exporter.
/var/lib/longhorn has at least 50GiB total space and is less than 80% full. (Warn when more than 60% full).
/var/lib/docker has at least 30GiB total space and is less than 80% full. (Warn when more than 60% full).
Ubuntu 16.04 (Kernel version >= 4.15)
Ubuntu 18.04 (Recommended)
Ubuntu 20.04 (Docker version >= 19.03.10)
CentOS 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3, 8.4 (CentOS 8.x requires Containerd)
RHEL 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3, 8.4 (RHEL 8.x requires Containerd)
Oracle Linux 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3, 8.4 (OL 8.x requires Containerd)
Amazon Linux 2
The Waydev application runs many different processes in the background that are fairly resource-intensive. Because of this, we recommend the following system requirements for a bare-metal server or virtual machine:
A minimum of 8 CPU cores, recommended 16 CPU cores or more
A minimum of 32 GB of RAM, with a recommended amount of 64GB or more
TCP ports 10251 and 10252 open between cluster nodes
UDP ports 6783 and 6784 open between cluster nodes
A minimum of 100 GB of disk space for the main system (this is only for the root directory that contains the application data, and it is different from the storage needed for repository data)
A directory (or mounted volume) on the host for repository data. See Calculating Required Storage below.
Trial Tip: An EC2 m4.2xlarge should provide enough CPU and RAM resources to get you started with a trial install.
Calculating Required Storage
A minimum of 64 GB of storage is recommended for the repository work directory. However, this is just a guess based on the average size of customer data. To truly calculate how much storage you require, you should perform the following tasks:
For each repository you intend to analyze with Waydev, locate its current size
Sum them all together
Add 25% for growth
We strongly recommend that the directory used be something that can be easily exchanged or grown. However, it does not need to be "permanent" storage. It can be ephemeral.
Trial Tip: A 100 GB EBS volume should provide enough space to get you started with a trial install.
kURL Dependencies Directory
kURL will install additional dependencies in the directory /var/lib/kurl/. These dependencies include utilities as well as system packages and container images. This directory must be writeable by the kURL installer and must have sufficient disk space (5 GB).
Firewall Openings for Online Installations
The following domains need to accessible from servers performing online kURL installs. IP addresses for these services can be found in replicatedhq/ips.
tar.gz packages are downloaded from Amazon S3 during embedded cluster installations. The IP ranges to allowlist for accessing these can be scraped dynamically from the AWS IP Address Ranges documentation.
Kubernetes cluster installation scripts and artifacts are served from kurl.sh. Bash scripts and binary executables are served from kurl.sh. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.
No outbound internet access is required for airgapped installations.
Host Firewall Rules
The kURL install script will prompt to disable firewalld. Note that firewall rules can affect communications between containers on the same machine, so it is recommended to disable these rules entirely for Kubernetes. Firewall rules can be added after or preserved during an install, but because installation parameters like pod and service CIDRs can vary based on local networking conditions, there is no general guidance available on default requirements.
The following ports must be open between nodes for multi-node clusters:
Kubernetes API server
etcd server client API
Weave Net control
Weave Net data
Weave Net control
Weave Net data
In addition to the ports listed above that must be open between nodes, the following ports should be available on the host for components to start TCP servers accepting local connections.
etcd health and metrics server
weave network policy controller metrics server
weave metrics server
kubelet health server
kube-proxy metrics server
prometheus node-exporter metrics server
kube-controller-manager health server
kube-scheduler health server
It is recommended that it be able to connect to port HTTPS/443 on external addresses for access to installer files during the install and later for updates. This, obviously, could be scheduled to coincide with your maintenance schedules.
For data analysis, your Waydev Enterprise system must have access to your Git repositories and your ticket system. The following ports should be allowed to those instances:
HTTP/80 and HTTPS/443: This should be the standard ports where your Git repository and ticket system server data for both Git data and API information.
SSH: Most Git vendors also allow for SSH download of the repositories they serve. This is sometimes port 22 and sometimes port 7999 or a custom port.
For access to the system itself by your users, it also requires the following ports be open to internal users:
HTTP/80: This must be open for internal health-check pings.
HTTPS/443: This must be open for users to use the interface.
HTTPS/8800: This port is used to reach the administration interface with a web browser. It does not have to be open to general users, but must be available to system administrators.
SSH/22: System administrators will need access to SSH on the server instance running Waydev Enterprise for occasional updates and maintenance.
Trial Tip: Talk to your Network Administrator and find out where Waydev should be located on your network and how it will communicate with your repositories, ticketing system, and users.
Waydev Enterprise requires a MySQL database that meets the following specifications:
A minimum of 2 CPU cores, recommended 4 CPU cores or more
A minimum of 8 GB of RAM
Trial Tip: We recommend using the embedded database during the trial. The database can be migrated to RDS later.
E-mail Server Requirements
To offer a full experience to users, Waydev Enterprise requires that an email server is provided. This e-mail server and information is required for the system to function. You must choose an e-mail server that meets the following criteria:
It must be able to send e-mail from the e-mail you choose to use as the "From" address in system e-mails.
It must be able to send e-mail to any users you intend to invite into the system.
It must be able to be reached on the given hostname and port from your chosen server.
It must not be a one-off installation of SendMail or Postfix on the local host server running the application.
Trial Tip: Waydev can be installed even if a connection to the SMTP server is not possible during the install.