System requirements and sizing
There are hardware, networking, and operating system requirements for running an HCP for cloud scale system with one or more instances.
Hardware requirements
To install HCP for cloud scale on on-premises hardware for production use, you must provision at least four instances (nodes) with sufficient CPU, RAM, disk space, and networking capabilities. This table shows the minimum and recommended hardware requirements for each instance in an HCP for cloud scale system.
Resource |
Minimum |
Recommended |
RAM |
32 GB |
128 GB |
CPU |
8-core |
24-core |
Available disk space |
500 GB 10k SAS RAID |
2000 GB 15k SAS RAID |
Network interface controller (NIC) | (1) 10 Gb Ethernet | (2) 10 Gb Ethernet |
IP addresses | (1) static | (2) static |
Firewall Port Access | Port 443 for S3 API Port 8000 for Admin App GUI Port 9084 for MAPI and Storage Management App GUI | Same |
Internal IP Ports | See Networking | Same |
Network Time | IP address of time service (NTP) | Same |
Operating system and Docker minimum requirements
Each server or virtual machine you provide must meet these requirements:
- 64-bit Linux distribution
- Docker version 1.13.1 or later installed
- IP and DNS addresses configured
Operating system and Docker qualified versions
This table shows the operating systems, Docker and SELinux configurations with which the HCP for cloud scale system has been qualified.
Operating system | Docker version | Docker storage configuration | SELinux setting |
Fedora 27 | Docker 18.03.0-ce | direct-lvm | Enforcing |
Red Hat Enterprise Linux 7.4 | Docker 18.03.0-ce | direct-lvm | Enforcing |
Ubuntu 16.04-LTS | Docker 17.03.0-ce | aufs | N/A |
CentOS 7.4 | Docker 18.03.1-ce | overlay2 | Enforcing |
Docker considerations
- The Docker installation directory on each instance must have at least 20 GB available for storing the HCP for cloud scale Docker images.
- Make sure that the Docker storage driver is configured correctly on each instance before installing HCP for cloud scale.
After installing HCP for cloud scale, changing the Docker storage driver requires a reinstallation of HCP for cloud scale.
To view the current Docker storage driver on an instance, run:
docker info
- If you want to enable SELinux on the system instances, you need to use a Docker storage driver that supports it. The storage drivers that SELinux supports differ depending on the Linux distribution you're using. For more information, see the Docker documentation.
- If you are using the Docker
devicemapper
storage driver:- Make sure that there's at least 40 GB of Docker metadata storage space available on each instance. HCP for cloud scale requires 20 GB to install successfully and an additional 20 GB to successfully update to a later version.
To view Docker metadata storage usage on an instance, run:
docker info
- On a production system, do not run
devicemapper
inloop-lvm
mode. This can cause slow performance or, on certain Linux distributions, HCP for cloud scale may not have enough space to run.
- Make sure that there's at least 40 GB of Docker metadata storage space available on each instance. HCP for cloud scale requires 20 GB to install successfully and an additional 20 GB to successfully update to a later version.
SELinux considerations
- You should decide whether you want to run SELinux on system instances and enable or disable it before installing HCP for cloud scale.
Enabling or disabling SELinux on an instance requires you to reboot the instance.
To view whether SELinux is enabled on an instance, run:
sestatus
- If you want to enable SELinux on the system instances, you need to use a Docker storage driver that supports it.
The storage drivers that SELinux supports differ depending on the Linux distribution you're using. For more information, see the Docker documentation.
Virtual machine host requirements
You can deploy HCP for cloud scale on virtual machines from a .tgz file. Instances deploying HCP for cloud scale cannot run other software, and multiple HCP for cloud scale nodes cannot be deployed on a single instance. If you want to deploy multiple instance on the same hardware, you need to use a hypervisor and guest VMs and deploy each HCP for cloud scale instance on a separate guest.
The HCP for cloud scale software has been qualified on these virtual machine host platforms:
- Hitachi Unified Compute Platform (UCP) 4.1.0
Networking
This topic describes the network usage and requirements for both system instances and services.
The HCP for cloud scale site hostname is configured during installation. This hostname is very important because it is required for access to:
- The HCP for cloud scale user interface
- The S3 API
All instance IP addresses must be static. This includes both internal and external network IP addresses, if applicable to your system.
For more information, see Handling network changes.
Each of the HCP for cloud scale services can bind to one type of network, either internal or external, for receiving incoming traffic. If your network infrastructure supports having two networks, you may want to isolate the traffic for most system services to a secured internal network that has limited access. You would then leave the following services on your external network for user access:
- Admin-App
- Metadata-Cache
- Metadata-Coordination
- Metadata-Gateway
- Metadata-Policy-Engine
- Metrics
- S3-Gateway
- Tracing-Agent
- Tracing-Collector
- Tracing-Query
- MAPI-Gateway
You can use either a single network type for all services or a mix of both types. If you want to use both types, every instance in your system must be addressable by two IP addresses; one on your internal network, and one on your external network. If you use only one network type, each instance needs only one IP address.
Regardless of whether you're using a single network type or a mix of types, you need to configure your network environment to ensure that all instances have outgoing access to the external resources you want to use, such as:
- The storage components where your object data is stored
- Identity providers for user authentication
- Email servers that you want to use for sending email notifications
Each service binds to a number of ports for receiving incoming traffic.
Before installing HCP for cloud scale, you can configure the services to use different ports, or use the default values shown in the tables below.
For information, see (Optional) Reconfigure network.config on each server or virtual machine.
The following table contains information about the service ports that users use to interact with the system.
On every instance in the system, each of these ports:
- Must be accessible from any network that requires administrative or data access to the system
- Must be accessible from every other instance in the system
debug
is set to true
in install_path/hcpcs/config/cluster.config
Default Port Value | Used by Service | Purpose |
80 (S3 HTTP port, if enabled) | S3 Gateway | Object persistence and access |
443 (S3 HTTPS port) |
S3 Gateway |
Object persistence and access |
8000 | Admin App | System Management application GUI |
9099 | MAPI Gateway |
Object Storage Management application GUI |
This table lists the ports used for intrasystem communication by the services. On every instance in the system, each of these ports:
- Must be accessible from every other instance in the system
- Should not be accessible from outside the system
You can find more information about how these ports are used in the documentation for the third-party software underlying each service
See also Services.
Default Port Value | Used By | Purpose |
2181 | Synchronization | Primary port used to communicate with the service |
2888 | Synchronization | Server-server communication |
3888 | Synchronization | Leader elections |
5000 | Synchronization | Debugging |
5001 | Admin App | Debugging |
5004 | Watchdog | Debugging |
5007 | Sentinel | Debugging |
5050 | Cluster Coordination | Primary port used to communicate with the master service |
5051 | Cluster Worker | Primary port used to communicate with the worker service |
5555 | Watchdog | Primary port used for JMX inter-service communication |
5778 | Tracing Agent | Agent HTTP port |
6831 | Tracing Agent | UDP port |
7000 | Cassandra | TCP port for database commands and data |
7199 | Cassandra | Used for database JMX connections |
7203 | Kafka | Used for message queue JMX connections |
8005 | Admin App | Tomcat shutdown port |
8007 | Sentinel | Tomcat shutdown port |
8022 | Watchdog | SSH |
8080 | Service Deployment | Primary port used to communicate with the service |
8081 | Chronos | Primary port used to communicate with the scheduling service |
8889 | Sentinel | Primary port used to communicate with the service |
9042 | Cassandra | Primary port used to communicate with the database service |
9091 | Network Proxy | Primary port used to communicate with the HA proxy service |
9092 | Kafka | Primary port used to communicate with the message queue service |
9190 | OAuth | OAuth port |
9191 | Metrics | Primary port used to communicate with the service |
9200 | Elasticsearch | Used to communicate with Elasticsearch cluster |
9201 | Elasticsearch | Used to communicate with Elasticsearch nodes |
9301 | Elasticsearch | Elasticsearch intercluster communication |
9600 | Logstash | Primary port used to communicate with the logging service |
9601 | Logstash | Port used to listen for syslog connections |
9750 | S3 Gateway | Support |
9751 | Metadata Gateway | Support |
9752 | MAPI Gateway | Support |
9753 | Metadata Cache | Support |
9758 | Metadata Policy Engine | Support |
9760 | Metadata Coordination | Support |
9990 | S3 Gateway | Remote monitoring |
9991 | Metadata Gateway | Monitoring |
9992 | MAPI Gateway | Monitoring |
9993 | Metadata Cache | Monitoring |
9998 | Metadata Policy Engine | Monitoring |
10000 | Metadata Coordination | Monitoring |
12000 | S3 Gateway | Debugging |
12001 | Metadata Gateway | Debugging |
12002 | MAPI Gateway | Debugging |
12003 | Metadata Cache | Debugging |
12004 | Metrics | Debugging |
12005 | Tracing Collector | Debugging |
12006 | Tracing Query | Debugging |
12007 | Tracing Agent | Debugging |
12008 | Metadata Policy Engine | Debugging |
12010 | Metadata Coordination | Debugging |
12500 | Metadata Gateway | Raft RPC Communication |
12501 | Metadata Gateway | Metadata RPC Communication |
12510 | Metadata Coordination | RPC communication |
12520 | Metadata Policy Engine | RPC communication |
13300 | Metadata Cache | Cache TCP discovery |
13370 | S3 Gateway | Cache TCP communication |
13371 | Metadata Gateway | Cache TCP communication |
13372 | MAPI Gateway | Cache TCP communication |
13373 | Metadata Cache | Cache TCP communication |
13378 | Metadata Policy Engine | Cache TCP communication |
13380 | Metadata Coordination | Cache TCP communication |
13453 | Metadata Cache | Cache TCP communication |
13500 | S3 Gateway | Cache client connector |
13501 | Metadata Gateway | Cache client connector |
13502 | MAPI Gateway | Cache client connector |
13503 | Metadata Cache | Cache client connector |
13508 | Metadata Policy Engine | Cache client connector |
13510 | Metadata Coordination | Cache client connector |
14267 | Tracing Collector | Collecting thrift spans from tracing agents |
14268 | Tracing Collector | HTTP port |
15050 | Cluster Coordination | Local port to which the service directly binds |
16686 | Tracing Query | HTTP port (APIs and user interface) |
18000 | Admin App | Local port to which the service directly binds |
18080 | Service Deployment | Local port to which the service directly binds |
18889 | Sentinel | Local port to which the service directly binds |
31000 to 34000 | Service Deployment | Port range used by both Service Deployment and Docker for running containers |
47000 | Cache | TCP cache communication |
47008 | Metadata Policy Engine | TCP cache communication |
47500 | Cache | TCP cache discovery |
48000 | Cache | TCP connector |
48500 | Cache | Client connector |
48508 | Metadata Policy Engine | Client connector |
Time source requirements
If you are installing a multi-instance system, each instance should run NTP (network time protocol) and use the same external time source. For information, see support.ntp.org.
Supported browsers
The HCP for cloud scale web applications support these web browsers:
- Google Chrome latest
- Mozilla Firefox latest