#Node Preprocessing

Before installing the global cluster, all nodes (control plane nodes and worker nodes) must complete preprocessing.

#Execute the Quick Configuration Script

The installation package provides a script for quickly configuring nodes.

Unzip the installation package to obtain the init.sh script file in the res directory. Copy the script file to the nodes and ensure that you have root privileges.

Execute the script:

bash init.sh

#Node Checks

The following lists all the checks that must be completed on the nodes. Depending on the node's role, the required checks will vary. For example, some checks apply only to control plane nodes.

Checks are divided into two categories:

• ✅ Indicates a check that must pass.
• ⚠️ Indicates a check that must be met in specific scenarios. Please determine whether the corresponding conditions are met according to the instructions. If they are, you must resolve them.

The following is the list of checks:

• OS and Kernel

  • ✅ The machine's grub boot configuration must have the transparent_hugepage=never parameter.
  • ✅ CentOS 7.x system machine's grub boot configuration must have the cgroup.memory=nokmem parameter.
  • ✅ Check whether the kernel modules ip_vs, ip_vs_rr, ip_vs_wrr, and ip_vs_sh are enabled.
  • ⚠️ When the kernel version is lower than 4.19.0 (or RHEL is lower than 4.18.0), check whether the kernel modules nf_conntrack_ipv4 and (for IPv6) nf_conntrack_ipv6 are enabled.
  • ⚠️ If the global cluster plans to use Kube-OVN CNI, the kernel modules geneve and openvswitch must be enabled.
  • ✅ Disable apparmor/selinux and firewall.
  • ✅ Disable swap .

• Users and Permissions

  • ✅ The node's SSH user has root privileges and can use sudo without the password.
  • ✅ The UseDNS and UsePAM parameters in /etc/ssh/sshd_config must be set to no.
  • ✅ Executing systemctl show --property=DefaultTasksMax returns infinity or a very large value; otherwise, adjust /etc/systemd/system.conf.

• Node Network

  • ✅ hostname must comply with the following rules:
    • No more than 36 characters.
    • Starts and ends with a letter or number.
    • Contains only lowercase letters, numbers, -, and ., but cannot contain .-, .., or -..
  • ✅ localhost in /etc/hosts must resolve to 127.0.0.1.
  • ✅ The /etc/resolv.conf file must exist and contain nameserver configurations, but must not contain addresses starting with 172 (disable systemd-resolved).
  • ⚠️ The /etc/resolv.conf file should not configure search domains (if you must configure them, see Configure Search Domain).
  • ✅ The machine's IP address cannot be a loopback, multicast, link-local, all-0, or broadcast address.
  • ✅ Executing ip route must return a default route or a route pointing to 0.0.0.0.
  • ✅ The nodes must not occupy the following ports:
    • Control plane nodes: 2379, 2380, 6443, 10249 ~ 10256
    • Node where the installer is located: 8080, 12080, 12443, 16443, 2379, 2380, 6443, 10249 ~ 10256
    • Worker nodes: 10249 ~ 10256
  • ✅ If the global cluster uses Kube-OVN or Calico, ensure that the following ports are not occupied:
    • Kube-OVN: 6641, 6642
    • Calico: 179
  • ⚠️ Ensure that the IP addresses in the network segment 172.16.x.x ~ 172.32.x.x required by Docker are not occupied. If the IPs in this network segment are occupied and cannot be changed, please contact technical support.

• Software and Directory Requirements:

  • ✅ Must have the following installed: ip, ss, tar, swapoff, modprobe, sysctl, md5sum, and scp or sftp.
  • ⚠️ If you plan to use local storage TopoLVM or Rook, you need to install lvm2.
  • ✅ The /etc/systemd/system/kubelet.service file is not allowed to exist.
  • ✅ /tmp mount parameters must not contain noexec.
  • ✅ Remove packages that conflict with global cluster components (see Remove Conflicting Packages).
  • ✅ The following files must be deleted if they exist:
    • /var/lib/docker
    • /var/lib/containerd
    • /var/log/pods
    • /var/lib/kubelet/pki

• Cross-Node Checks

  • ✅ There must be no network firewall restrictions between nodes in the global cluster.
  • ✅ The hostname of each node in the cluster must be unique.
  • ✅ The time zones of all nodes must be unified, and the time synchronization error must be ≤ 10 seconds.

#Appendix

#Remove Conflicting Packages

Before installation, applications may already be running in the docker/containerd environment on the nodes, or software conflicting with the global cluster may have been installed. Therefore, it is necessary to check and uninstall conflicting packages.

The following commands can be used for reference.

for x in \
    docker docker-client docker-common docker-latest \
    podman-docker podman \
    runc \
    containernetworking-plugins \
    apptainer \
    kubernetes kubernetes-master kubernetes-node kubernetes-client \
    ; do
    rpm -qa | grep -F "$x"
done

for x in \
    docker docker-client docker-common docker-latest \
    podman-docker podman \
    runc \
    containernetworking-plugins \
    apptainer \
    kubernetes kubernetes-master kubernetes-node kubernetes-client \
    ; do
    yum remove "$x"
done

#Configure Search Domain

In Linux OS, the /etc/resolv.conf file is used to configure DNS client domain name resolution settings. The search line specifies the domain search path for DNS queries.

Configuration Requirements

• Number of Domains: The number of domains in the search line should be less than domainCountLimit - 3 (default domainCountLimit is 32).
• Length of Single Domain: Each domain name must not exceed 253 characters.
• Total Character Length: The total character count of all domain names and spaces must not exceed MaxDNSSearchListChar (default is 2048).

Example

search domain1.com domain2.com domain3.com

• The total number of domains is 3.
• The length of a single domain, such as domain1.com, is 11.
• The total character length is 35, i.e., 11 + 11 + 11 + 2 (two spaces).