...
At the moment the only Kubernetes distribution supported is K3s (click here for the official documentation) by Suse Linux for both on-premise and cloud deployments. Our plan for the future is to extend the support to Amazon Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS).
The requirements for the Kubernetes cluster is a single node (1 virtual machine) with the following specs:
Synergy | Focus | Enterprise | |
|---|---|---|---|
CPU cores |
...
(x86_64 processor with speed of 2.2 GHz or more) |
...
RAM: 32GB
...
Disk: 500GB SSD
8 | 16 | 20 | |
RAM | 32GB | 64GB | 80GB |
Free SDD disk space | 500GB | 600GB | 700GB |
OS | We recommend Ubuntu 20.04.4 LTS Server (Focal Fossa), but you can also use RHEL 8. | ||
...
6, CentOS 7.9 or Suse Linux 15.3. | ||
Firewall | ||
...
| |||
...
| |||
K3s version support | v1.23 | ||
Installation
Ensure the following items are in place and configured:
...
As root run the following command to install of K3s
| Code Block |
|---|
curl -sfL https://get.assets.master.k3s.getvisibility.com/k3s/k3s.iosh | INSTALL_K3S_VERSION="v1.23.9+k3s1" K3S_KUBECONFIG_MODE="644" sh -s - server --node-name=local-01 |
...
The K3s deployment is complete when elements of all the deployments (coredns, local-path-provisioner, metrics-server, traefik and cattle-cluster-agent) show at least "1" as "AVAILABLE"
In case of errors , you can inspect the logs of a pod using
kubectl logs, e.g.kubectl logs cattle-cluster-agent-d96d648d8-wjvl9 -n cattle-system
...
...
If the customer has slow internet connection, you may monitor the download of packages using kubectl get events -A command.
| Info |
|---|
Once the above two commands are executed successfully then inform the Forcepoint/Getvisibility backend team to push the remaining packages from master server. |
K3s support matrix
Please note that we don’t use Docker as the container runtime, instead we use containerd.
| View file | ||
|---|---|---|
|
...
Proxy settings
The customer’s firewall and/or internal proxy should be configured to allow the following public urls to be accessible over port 443 (HTTPS):
Note: replace $RESELLER_NAME with the name of the Rancher server which the customer will be connected to.
| Code Block |
|---|
rancher.$RESELLER_NAME.k3s.getvisibility.com images.https://assets.master.k3s.getvisibility.com charts.master.k3s.getvisibility.com www.getvisibility.com get.k3s.io github.com git.rancher.io api.github.com objects.githubusercontent.com raw.githubusercontent.com registry-1.docker.io auth.docker.io docker-images-prod.s3.dualstack.us-east-1.amazonaws.com charts.rancher.io quay.io quayio-production-s3.s3.amazonaws.com s3-1-w.amazonaws.com s3-r-w.dualstack.us-east-1.amazonaws.com s3-w.us-east-1.amazonaws.com (Custom K3s installation files) https://images.master.k3s.getvisibility.com (Private Docker registry) https://charts.master.k3s.getvisibility.com (Private Helm registry) https://prod-eu-west-1-starport-layer-bucket.s3.eu-west-1.amazonaws.com s3-r-w.eu-central-1.amazonaws.com s3-r-w.eu-west-1.amazonaws.com checkpoint-api.hashicorp.com registry.opensource.zalan.do os-registry.stups.zalan.do zalando-opensource-os-registry-eu-central-1.s3.eu-central-1.amazonaws.com lb-master-a9308935d5f9c90e.elb.eu-west-1.amazonaws.com (Docker registry AWS CDN) https://rpm.rancher.io (Rancher RPM repo for configuring SELinux packages on RHEL) https://rancher.$RESELLER_NAME.k3s.getvisibility.com (Rancher/Fleet management server) |
For more details on how to configure Rancher behind a proxy click here.