Prerequisites
OtterScale Control Node
Section titled “OtterScale Control Node”The Control Node serves as the central management hub for your OtterScale deployment. Before proceeding with installation, verify that your designated control node machine meets the following requirements.
Operating System
Section titled “Operating System”Install Ubuntu 24.04 LTS on your control node. If your machine runs a different OS, perform a clean installation of Ubuntu 24.04 LTS first.
| Component | Requirement |
|---|---|
| OS | Ubuntu 24.04 LTS (Required) |
Hardware Requirements
Section titled “Hardware Requirements”Ensure your control node hardware meets or exceeds these minimum specifications. Higher resources will improve performance and stability.
| Resource | Minimum Requirement |
|---|---|
| CPU | 8 Cores |
| Memory | 16 GB RAM |
| Disk Space | 100 GB available storage |
Network Configuration
Section titled “Network Configuration”The OtterScale installer will automatically configure networking, but confirm the following prerequisites:
- Connectivity: Ensure at least one network interface has external internet access.
- Bridge Configuration: The installer checks for a network bridge named
br-otters.- If it exists, the installer will use it.
- If not, you will be prompted to select an existing bridge or allow the installer to create one automatically.
K8S Nodes (Server Nodes)
Section titled “K8S Nodes (Server Nodes)”K8S nodes are the servers that will form your Kubernetes cluster. These nodes must be commissioned via the OtterScale web interface after creating a Scope, and then provisioned. Ensure each server host is configured as follows before commissioning.
BIOS Configuration
Section titled “BIOS Configuration”Access your server’s BIOS settings (typically by pressing F2, F10, or Del during boot) and configure the following settings:
- BMC Settings:
- BMC Static IP: Assign a static IP address to the BMC for reliable remote management access.
- Boot Order: Enable network boot via BMC and set it as the highest priority in the boot order.
- Boot Options:
- Boot Mode: Set to UEFI (recommended for modern deployments).
- Avoid Legacy mode, as it limits drive size to 2TB, lacks security features, and does not support GPT partitioning.
- Fast Boot: Disable Fast Boot to allow complete hardware initialization.
- Boot Mode: Set to UEFI (recommended for modern deployments).
- CPU Virtualization:
- Intel CPUs: Enable
VMX,VT-d, orVT-x. - AMD CPUs: Enable
SVMorAMD-V.
- Intel CPUs: Enable
Hardware Requirements
Section titled “Hardware Requirements”Verify that each K8S node meets these storage requirements for optimal performance.
| Resource | Minimum Requirement |
|---|---|
| Storage | At least 2 Block disks or 2 Physical drives |
Network IP Requirement
Section titled “Network IP Requirement”Plan your network IP allocation carefully to prevent conflicts. Ensure your subnet has sufficient available IP addresses for the OtterScale deployment.
| Usage | Quantity | Description |
|---|---|---|
| OS System | 1 | Reserved for the ingress controller. |
| OtterScale | 1 | Required from user. A second IP in the same subnet for OtterScale services. |
| Juju Controller | 1 | Used by the Canonical Juju controller. |
| MAAS (DHCP) | 2 | Used for MAAS dynamic IP allocation. |
| Kubernetes and Ceph | 9 + N | Used for Kubernetes and Ceph services (N = number of K8S nodes). |
Total Estimated IPs: 14 + N (where N is the number of K8S nodes)
Firewall Configuration
Section titled “Firewall Configuration”The OtterScale installation process requires outbound internet access to various external services. Configure your firewall to allow outbound connections to the following domains and ports on all nodes (Control Node and K8S nodes).
Canonical
| Domains | Port(s) |
|---|---|
api.charmhub.io | TCP 443 (HTTPS) |
api.jujucharms.com | TCP 443 (HTTPS) |
changelogs.ubuntu.com | TCP 443 (HTTPS) |
charmhub.io | TCP 443 (HTTPS) |
cloud-images.ubuntu.com | TCP 443 (HTTPS) |
maas.ubuntu.com | TCP 443 (HTTPS) |
images.maas.io | TCP 443 (HTTPS) |
juju.is | TCP 443 (HTTPS) |
jaas.ai | TCP 443 (HTTPS) |
streams.canonical.com | TCP 443 (HTTPS) |
objects.githubusercontent.com | TCP 443 (HTTPS) |
contracts.canonical.com | TCP 443 (HTTPS) |
images.maas.io | TCP 80 (HTTP) |
Snap Package
| Domains | Port(s) |
|---|---|
snapcraft.io | TCP 443 (HTTPS) |
api.snapcraft.io | TCP 443 (HTTPS) |
storage.snapcraftcontent.com | TCP 443 (HTTPS) |
canonical-lgw01.cdn.snapcraftcontent.com | TCP 443 (HTTPS) |
canonical-lcy01.cdn.snapcraftcontent.com | TCP 443 (HTTPS) |
canonical-lcy02.cdn.snapcraftcontent.com | TCP 443 (HTTPS) |
canonical-bos01.cdn.snapcraftcontent.com | TCP 443 (HTTPS) |
Ubuntu Repositories
| Domains | Port(s) |
|---|---|
tw.archive.ubuntu.com | TCP 443 (HTTPS) TCP 80 (HTTP) |
archive.ubuntu.com | TCP 443 (HTTPS) TCP 80 (HTTP) |
ports.ubuntu.com | TCP 443 (HTTPS) TCP 80 (HTTP) |
security.ubuntu.com | TCP 443 (HTTPS) TCP 80 (HTTP) |
esm.ubuntu.com | TCP 443 (HTTPS) TCP 80 (HTTP) |
GitHub
| Domains | Port(s) |
|---|---|
github.com | TCP 443 (HTTPS) |
raw.githubusercontent.com | TCP 443 (HTTPS) |
release-assets.githubusercontent.com | TCP 443 (HTTPS) |
Kubernetes
| Domains | Port(s) |
|---|---|
registry.k8s.io | TCP 443 (HTTPS) |
k8s.gcr.io | TCP 443 (HTTPS) |
ghcr.io | TCP 443 (HTTPS) |
coredns | TCP 443 (HTTPS) |
d39mqg4b1dx9z1.cloudfront.net | TCP 443 (HTTPS) |
storage.googleapis.com | TCP 443 (HTTPS) |
nvcr.io | TCP 443 (HTTPS) |
auth.docker.io | TCP 443 (HTTPS) |
auth.docker.com | TCP 443 (HTTPS) |
login.docker.com | TCP 443 (HTTPS) |
cdn.auth0.com | TCP 443 (HTTPS) |
docker.io | TCP 443 (HTTPS) |
hub.docker.com | TCP 443 (HTTPS) |
registry-1.docker.io | TCP 443 (HTTPS) |
index.docker.io | TCP 443 (HTTPS) |
production.cloudflare.docker.com | TCP 443 (HTTPS) |
docker-images-prod.6aa30f8b08e16409b46e0173d6de2f56.r2.cloudflarestorage.com | TCP 443 (HTTPS) |
registry.cn-hangzhou.aliyuncs.com | TCP 443 (HTTPS) |
HuggingFace
| Domains | Port(s) |
|---|---|
huggingface.co | TCP 443 (HTTPS) |
cdn-lfs.huggingface.co | TCP 443 (HTTPS) |
cdn.huggingface.co | TCP 443 (HTTPS) |
RedHat Models
| Domains | Port(s) |
|---|---|
registry.redhat.io | TCP 443 (HTTPS) |
quay.io | TCP 443 (HTTPS) |
registry.access.redhat.com | TCP 443 (HTTPS) |
HELM Charts
| Domains | Port(s) | Description |
|---|---|---|
otterscale.github.io | TCP 443 (HTTPS) | #OtterScale |
charts.jetstack.io | TCP 443 (HTTPS) | #Cert-manager |
open-feature.github.io | TCP 443 (HTTPS) | #Open-feature |
istio-release.storage.googleapis.com | TCP 443 (HTTPS) | #Istio |
prometheus-community.github.io | TCP 443 (HTTPS) | #prometheus |
project-hami.github.io | TCP 443 (HTTPS) | #HAMi |
helm.ngc.nvidia.com | TCP 443 (HTTPS) | #Nvidia |
cloudnative-pg.github.io/charts | TCP 443 (HTTPS) | #CloudNative |
llm-d.ai | TCP 443 (HTTPS) | #llm-d |
codecentric.github.io | TCP 443 (HTTPS) | #KeyCloak |
charts.bitnami.com | TCP 443 (HTTPS) | #Bitnami |