System requirements
Basic pre-requisites
Ensure the following items are in place and configured properly:
- Domain Name Service (DNS) with public name resolution enabled.
- Network Time Protocol (NTP)
- Software Update Service- access to a network-based repository for software update packages.
- Fixed private IPv4 address
- Unique static host name
Operating System
The commands have been tested on Ubuntu Server 20.04 LTS, SUSE Linux Enterprise Server 15 SP4 and RHEL 8.6.
Also, firewalld
nm-cloud-setup.service
and nm-cloud-setup.timer
must be disabled and the server restarted before the installation, click here for more information.
Hardware requirements
The minimum requirement for the a single node Kubernetes cluster is one virtual machine with the following specs:
FDC | Forcepoint DSPM | Ultimate | |
---|---|---|---|
CPU cores | 8 | 16 | 20 |
Memory | 32GB | 64GB | 80GB |
Storage | 500GB min 32M inodes |
600GB min 39M inodes |
700GB min 32M inodes |
Networking Specifications
Outbound internet access with 100 Mbps downloads speed. The cluster needs a public internet connection to download Docker images, binaries, updates, and configuration files.
K3s needs port 443 open so clients can access the Forcepoint DSPM UI and API.
Your network should be configured to allow the following public URLs to be accessible over port 443 (HTTPS) and HTTPS traffic is bypassed (NOT intercepted):
https://assets.master.k3s.getvisibility.com (Custom K3s installation files)
https://images.master.k3s.getvisibility.com (Private Docker registry)
https://charts.master.k3s.getvisibility.com (Private Helm registry)
https://prod-eu-west-1-starport-layer-bucket.s3.eu-west-1.amazonaws.com (Docker registry AWS CDN)
https://rpm.rancher.io (Rancher RPM repo for configuring SELinux packages on RHEL or CentOS)
https://api.master.k3s.getvisibility.com (Private API server)
https://rancher.master.k3s.getvisibility.com (Rancher management server)
https://rancher.$RESELLER_NAME.k3s.getvisibility.com (Rancher management server, where $RESELLER_NAME is Getvisibility for direct customers)
Downloads
Download following file sets:
- Custom K3s installation files: https://assets.master.k3s.getvisibility.com
- Private Docker registry: https://images.master.k3s.getvisibility.com
- Private Helm registry: https://charts.master.k3s.getvisibility.com
- Docker registry AWS CDN: https://prod-eu-west-1-starport-layer-bucket.s3.eu-west-1.amazonaws.com
- Rancher RPM repo for configuring SELinux packages on RHEL or CentOS: https://rpm.rancher.io
- Private API server: https://api.master.k3s.getvisibility.com
- Rancher management server: https://rancher.master.k3s.getvisibility.com
- Forcepoint locations:
K3s and Antivirus
Should we recommend disabling antivirus software?