System requirements and sizing
This module describes the hardware, networking, and operating system requirements for running an HCP for cloud scale system with one or more instances.
Hardware requirements
To install HCP for cloud scale on on-premises hardware for production use, you must provision at least four instances (nodes) with sufficient CPU, RAM, disk space, and networking capabilities. This table shows the minimum and best-practice hardware requirements for each instance in an HCP for cloud scale system.
Resource | Minimum | Best |
RAM | 32 GB | 128 GB |
CPU | 8-core | 24-core |
Available disk space | 500 GB 10k SAS RAID | (4) 2000 GB 15k SAS RAID |
Network interface controller (NIC) | (1) 10 Gb Ethernet | (2) 10 Gb Ethernet |
IP addresses | (1) static | (2) static |
Firewall Port Access | Port 443 for S3 API and S3 Console application; Port 8000 for System Management application GUI; Port 8443 for S3 Gateway API; Port 9084 for MAPI and Object Storage Management application GUI | Same |
Internal IP Ports | See Networking | Same |
Network Time | IP address of time service (NTP) | Same |
Operating system and Docker minimum requirements
Each server or virtual machine you provide must have the following:
- 64-bit Linux distribution
- Docker version installed: Docker Community Edition 18.09.0 or later
- IP and DNS addresses configured
Additionally, you should install all relevant patches on the operating system and perform appropriate security hardening tasks.
To execute scripts provided with the product on RHEL, you should install Python.
Operating system and Docker qualified versions
This table shows the operating system, Docker, and SELinux configurations with which the HCP for cloud scale system has been qualified.
Operating system | Docker version | Docker storage configuration | SELinux setting |
Red Hat or CentOS Enterprise Linux 8.1 | Docker Community Edition 19.03.12 or later Note: Technical support not available for Docker Community Edition | overlay2 | Enforcing |
If you are installing on Amazon Linux, before deployment, edit the file /etc/security/limits.conf on every node to add the following two lines:
* hard nofile 65535
* soft nofile 65535
Docker considerations
The Docker installation folder on each instance must have at least 20 GB available for storing the Docker images.
Make sure that the Docker storage driver is configured correctly on each instance before installing the product. After you install the product, to change the Docker storage driver you must reinstall the product. To view the current Docker storage driver on an instance, run:
docker info
Core dumps can fill a host's file system, which can result in host or container instability. Also, if your system uses the data at rest encryption (DARE) feature, encryption keys are written to the dump file. It's best to disable core dumps.
To enable SELinux on the system instances, you need to use a Docker storage driver that SELinux supports. The storage drivers that SELinux supports differ depending on the Linux distribution you're using. For more information, see the Docker documentation.
If you are using the Docker devicemapper storage driver:
- Make sure that there's at least 40 GB of Docker metadata storage space available on each instance. The product needs 20 GB to install successfully and an additional 20 GB to successfully update to a later version.
To view Docker metadata storage usage on an instance, run:
docker info
- On a production system, do not run devicemapper in loop-lvm mode. This can cause slow performance or, on certain Linux distributions, the product might not have enough space to run.
SELinux considerations
- You should decide whether you want to run SELinux on system instances and enable or disable it before installing additional software on the instance.
Enabling or disabling SELinux on an instance needs a restart of the instance.
To view whether SELinux is enabled on an instance, run:
sestatus
- To enable SELinux on the system instances, you need to use a Docker storage driver that SELinux supports.
The storage drivers that SELinux supports differ depending on the Linux distribution you're using. For more information, see the Docker documentation.
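The Docker and SELinux considerations above can be checked together on each node before installation. The following script is an added example, not part of the product or its documentation; the function names, the sample output, and the use of `ulimit -c` as the core dump indicator are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check command output from one node against the Docker and
# SELinux guidance. On a live node pass "$(docker info)", "$(sestatus)" and
# "$(ulimit -c)" instead of the constructed samples at the bottom.

storage_driver() {   # storage driver named in `docker info` text on stdin
    sed -n 's/^ *Storage Driver: *//p' | head -n 1
}

is_loop_lvm() {      # loop-lvm mode shows up as a "Data loop file" line
    grep -q '^ *Data loop file:'
}

selinux_mode() {     # enforcing, permissive or disabled, from `sestatus` text
    awk -F': *' '
        /^SELinux status:/ && $2 == "disabled" { print $2; seen = 1; exit }
        /^Current mode:/ { print $2; seen = 1; exit }
        END { if (!seen) print "unknown" }'
}

# $1 = `docker info` text, $2 = `sestatus` text, $3 = `ulimit -c` value.
# Prints one line per finding; the return status is the number of findings.
audit_node() {
    findings=0
    driver=$(printf '%s\n' "$1" | storage_driver)
    mode=$(printf '%s\n' "$2" | selinux_mode)
    if [ "$driver" = devicemapper ] && printf '%s\n' "$1" | is_loop_lvm; then
        echo "FAIL: devicemapper is running in loop-lvm mode"
        findings=$((findings + 1))
    fi
    if [ "$driver" != overlay2 ] || [ "$mode" != enforcing ]; then
        echo "WARN: $driver with SELinux $mode is outside the qualified overlay2/Enforcing configuration"
        findings=$((findings + 1))
    fi
    if [ "$3" != 0 ]; then
        echo "FAIL: core size limit is $3; a dump can fill the disk and hold DARE keys"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample output, not captured from a real system.
SAMPLE_GOOD_DOCKER=' Storage Driver: overlay2'
SAMPLE_BAD_DOCKER=' Storage Driver: devicemapper
  Data loop file: /var/lib/docker/devicemapper/devicemapper/data'
SAMPLE_ENFORCING='SELinux status:                 enabled
Current mode:                   enforcing'
SAMPLE_DISABLED='SELinux status:                 disabled'
audit_node "$SAMPLE_BAD_DOCKER" "$SAMPLE_DISABLED" unlimited || echo "findings: $?"
```

The core size limit of the calling shell is only one indicator; confirm that core dumps are also disabled for the Docker daemon and its containers.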
Virtual machine host requirements
You can deploy HCP for cloud scale on virtual machines from a .tgz file. Instances deploying HCP for cloud scale cannot run other software, and multiple HCP for cloud scale nodes cannot be deployed on a single instance. To deploy multiple instances on the same hardware, use a hypervisor and guest VMs and deploy each HCP for cloud scale instance on a separate guest.
The HCP for cloud scale software has been qualified on these virtual machine host platforms:
- Hitachi Unified Compute Platform (UCP) 4.1.0
Networking
This topic describes the network usage by, and requirements for, both system instances and services.
- You can configure the network settings for each service when you install the system. You cannot change these settings after the system is up and running.
- If the networking environment changes such that the system can no longer function with its current networking configuration, you must reinstall the system.
The HCP for cloud scale cluster host name is configured during installation. The cluster host name is required because it's needed for access to both the HCP for cloud scale user interface and the S3 API.
All instance IP addresses must be static, including both internal and external network IP addresses if applicable to the system. If you replace an instance, you can reuse its IP address. By doing so you don't have to change DNS entries and you conserve the address.
Each of the HCP for cloud scale services can bind to one type of network, either internal or external, for receiving incoming traffic. If the network infrastructure supports having two networks, you might want to isolate the traffic for most system services to a secured internal network that has limited access. You can then leave the following services on the external network for user access:
- Admin-App
- Message Queue
- Metadata-Cache
- Metadata-Coordination
- Metadata-Gateway
- Policy-Engine
- Metrics
- S3-Gateway
- Tracing-Agent
- Tracing-Collector
- Tracing-Query
- MAPI-Gateway
You can use either a single network type for all services or a mix of both types. To use both types, every instance in the system must be addressable by two IP addresses, one on the internal network and one on the external network. If you use only one network type, each instance needs only one IP address.
Regardless of whether you're using a single network type or a mix of types, you must configure the network environment to ensure that all instances have outgoing access to the external resources you want to use, such as:
- The storage components where the object data is stored
- Identity providers for user authentication
- Email servers that you want to use for sending email notifications
Each service binds to a number of ports for receiving incoming traffic. Port mapping is visible from the Network tab for each service.
Before installing HCP for cloud scale, you can configure services to use different ports, or use the default values shown in the following tables.
The following services must be deployed with their default port values:
- Message Queue
- Metadata Cache
- Tracing Agent
- Tracing Collector
- Tracing Query
The following table contains information about the service ports that users use to interact with the system.
On every instance in the system, each of these ports:
- Must be accessible from any network that needs administrative or data access to the system
- Must be accessible from every other instance in the system
Default Port Value | Used by Service | Purpose |
80 (S3 HTTP port, if enabled) | S3 Gateway | Object persistence and access |
443 (S3 HTTPS port) | S3 Gateway; S3 Console application | Object persistence and access. Proxied by Network Proxy |
8000 | Admin App | System Management application GUI |
8443 (S3 HTTPS port) | S3 Gateway | Object persistence and access. Not proxied by Network Proxy, used by external load balancer |
9099 | MAPI Gateway | Object Storage Management application GUI |
Time source
If you are installing a multi-instance system, each instance should run NTP (network time protocol) and use the same external time source. For information, see support.ntp.org.
Supported browsers
The HCP for cloud scale web applications support these web browsers:
- Google Chrome latest
- Mozilla Firefox latest