Set Up Your KVM Virtual Machine for a Cloud Server Cluster
First configure the VM on the master node, and then configure the VM on each worker node.
Follow these steps to setup and configure your VM on a cluster of servers in a cloud deployment:
Verify that your master node meets the VM requirements.
Resource Minimum Requirements Processor Four (4) virtual CPUs Memory 8 GB RAM Local disk storage 64 GB Network interface speed 1 Gb NIC Hypervisor KVM/QCOW (QEMU Copy on Write) image for servers running CentOS, Ubuntu, and RedHat operating systems
Confirm that the needed ports are open for communications.You must open the following ports on your NetQ on-premises servers:
Additionally, for internal cluster communication, you must open these ports:
Port or Protocol Number Protocol Component Access 4 IP Protocol Calico networking (IP-in-IP Protocol) 22 TCP SSH 80 TCP Nginx 179 TCP Calico networking (BGP) 443 TCP NetQ UI 2379 TCP etcd datastore 4789 UDP Calico networking (VxLAN) 5000 TCP Docker registry 6443 TCP kube-apiserver 31980 TCP NetQ Agent communication 31982 TCP NetQ Agent SSL communication 32708 TCP API Gateway Port Protocol Component Access 8080 TCP Admin API 5000 TCP Docker registry 6443 TCP Kubernetes API server 10250 TCP kubelet health probe 2379 TCP etcd 2380 TCP etcd 7072 TCP Kafka JMX monitoring 9092 TCP Kafka client 7071 TCP Cassandra JMX monitoring 7000 TCP Cassandra cluster communication 9042 TCP Cassandra client 7073 TCP Zookeeper JMX monitoring 2888 TCP Zookeeper cluster communication 3888 TCP Zookeeper cluster communication 2181 TCP Zookeeper client
Port 32666 is no longer used for the NetQ UI.
Download the NetQ Platform image.
- On the NVIDIA Application Hub, log in to your account.
- Select NVIDIA Licensing Portal.
- Select Software Downloads from the menu.
- Click Product Family and select NetQ.
- Locate the NetQ SW 4.3 KVM Cloud image and select Download.
- If prompted, agree to the license agreement and proceed with the download.
- On the NVIDIA Application Hub, log in to your account.
Setup and configure your VM.
Open your hypervisor and set up your VM. You can use this example for reference or use your own hypervisor instructions.
KVM Example Configuration
This example shows the VM setup process for a system with Libvirt and KVM/QEMU installed.
Confirm that the SHA256 checksum matches the one posted on the Cumulus Downloads website to ensure the image download has not been corrupted.
$ sha256sum ./Downloads/netq-4.0.0-ubuntu-18.04-tscloud-qemu.qcow2
$ FE353FC06D3F843F4041D74C853D38B0A56036C5886F6233A3ED1A9464AEB783 ./Downloads/netq-4.0.0-ubuntu-18.04-tscloud-qemu.qcow2
- Copy the QCOW2 image to a directory where you want to run it.
Tip: Copy, instead of moving, the original QCOW2 image that was downloaded to avoid re-downloading it again later should you need to perform this process again.
$ sudo mkdir /vms
$ sudo cp ./Downloads/netq-4.0.0-ubuntu-18.04-tscloud-qemu.qcow2 /vms/ts.qcow2
- Create the VM.
For a Direct VM, where the VM uses a MACVLAN interface to sit on the host interface for its connectivity:
$ virt-install --name=netq_ts --vcpus=4 --memory=8192 --os-type=linux --os-variant=generic --disk path=/vms/ts.qcow2,format=qcow2,bus=virtio,cache=none --network=type=direct,source=eth0,model=virtio --import --noautoconsole
Replace the disk path value with the location where the QCOW2 image is to reside. Replace network model value (eth0 in the above example) with the name of the interface where the VM is connected to the external network.
Or, for a Bridged VM, where the VM attaches to a bridge which has already been setup to allow for external access:
$ virt-install --name=netq_ts --vcpus=4 --memory=8192 --os-type=linux --os-variant=generic \ --disk path=/vms/ts.qcow2,format=qcow2,bus=virtio,cache=none --network=bridge=br0,model=virtio --import --noautoconsole
Replace network bridge value (br0 in the above example) with the name of the (pre-existing) bridge interface where the VM is connected to the external network.
Make note of the name used during install as this is needed in a later step.
- Watch the boot process in another terminal window.
$ virsh console netq_ts
Log in to the VM and change the password.
Use the default credentials to log in the first time:
- Username: cumulus
- Password: cumulus
$ ssh cumulus@<ipaddr> Warning: Permanently added '<ipaddr>' (ECDSA) to the list of known hosts. Ubuntu 18.04.5 LTS cumulus@<ipaddr>'s password: You are required to change your password immediately (root enforced) System information as of Thu Dec 3 21:35:42 UTC 2020 System load: 0.09 Processes: 120 Usage of /: 8.1% of 61.86GB Users logged in: 0 Memory usage: 5% IP address for eth0: <ipaddr> Swap usage: 0% WARNING: Your password has expired. You must change your password now and login again! Changing password for cumulus. (current) UNIX password: cumulus Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Connection to <ipaddr> closed.
Log in again with your new password.
$ ssh cumulus@<ipaddr> Warning: Permanently added '<ipaddr>' (ECDSA) to the list of known hosts. Ubuntu 18.04.5 LTS cumulus@<ipaddr>'s password: System information as of Thu Dec 3 21:35:59 UTC 2020 System load: 0.07 Processes: 121 Usage of /: 8.1% of 61.86GB Users logged in: 0 Memory usage: 5% IP address for eth0: <ipaddr> Swap usage: 0% Last login: Thu Dec 3 21:35:43 2020 from <local-ipaddr> cumulus@ubuntu:~$
Verify the master node is ready for installation. Fix any errors indicated before installing the NetQ software.
cumulus@hostname:~$ sudo opta-check-cloud
Change the hostname for the VM from the default value.
The default hostname for the NetQ Virtual Machines is ubuntu. Change the hostname to fit your naming conventions while meeting Internet and Kubernetes naming standards.
Kubernetes requires that hostnames are composed of a sequence of labels concatenated with dots. For example, “en.wikipedia.org” is a hostname. Each label must be from 1 to 63 characters long. The entire hostname, including the delimiting dots, has a maximum of 253 ASCII characters.
The Internet standards (RFCs) for protocols specify that labels may contain only the ASCII letters a through z (in lower case), the digits 0 through 9, and the hyphen-minus character ('-').
Use the following command:
cumulus@hostname:~$ sudo hostnamectl set-hostname NEW_HOSTNAME
Add the same NEW_HOSTNAME value to /etc/hosts on your VM for the localhost entry. Example:
127.0.0.1 localhost NEW_HOSTNAME
Verify that your first worker node meets the VM requirements, as described in Step 1.
Confirm that the needed ports are open for communications, as described in Step 2.
Open your hypervisor and set up the VM in the same manner as for the master node.
Make a note of the private IP address you assign to the worker node. You need it for later installation steps.
Verify the worker node is ready for installation. Fix any errors indicated before installing the NetQ software.
cumulus@hostname:~$ sudo opta-check-cloud
Repeat Steps 8 through 11 for each additional worker node you want in your cluster.
The final step is to install and activate the NetQ software using the CLI:
Run the following command on your master node to initialize the cluster. Copy the output of the command to use on your worker nodes:
cumulus@<hostname>:~$ netq install cluster master-init Please run the following command on all worker nodes: netq install cluster worker-init c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDM2NjTTZPdVVUWWJ5c2Q3NlJ4SHdseHBsOHQ4N2VMRWVGR05LSWFWVnVNcy94OEE4RFNMQVhKOHVKRjVLUXBnVjdKM2lnMGJpL2hDMVhmSVVjU3l3ZmhvVDVZM3dQN1oySVZVT29ZTi8vR1lOek5nVlNocWZQMDNDRW0xNnNmSzVvUWRQTzQzRFhxQ3NjbndIT3dwZmhRYy9MWTU1a
netq install cluster worker-init <ssh-key> on each of your worker nodes.
Run the following command on your NetQ Cloud Appliance with the
config-key obtained from the email you received from NVIDIA titled NetQ Access Link. You can also obtain the configuration key through the NetQ UI in the premise management configuration.
cumulus@<hostname>:~$ netq install opta cluster full interface eth0 bundle /mnt/installables/NetQ-4.3.0-opta.tgz config-key <your-config-key> workers <worker-1-ip> <worker-2-ip> [proxy-host <proxy-hostname> proxy-port <proxy-port>]
You can specify the IP address instead of the interface name here: use
ip-addr <IP address> in place of
interface <ifname> above.
If you have changed the IP address or hostname of the NetQ OPTA after this step, you need to re-register this address with NetQ as follows:
Reset the VM:
cumulus@hostname:~$ netq bootstrap reset
Re-run the install CLI on the appliance. This example uses interface eth0. Replace this with your updated IP address, hostname or interface using the interface or ip-addr option.
cumulus@hostname:~$ netq install opta standalone full interface eth0 bundle /mnt/installables/NetQ-4.3.0-opta.tgz config-key <your-config-key> [proxy-host
If this step fails for any reason, you can run
netq bootstrap reset and then try again.
Consider the following for container environments, and make adjustments as needed.
Flannel Virtual Networks
If you are using Flannel with a container environment on your network, you may need to change its default IP address ranges if they conflict with other addresses on your network. This can only be done one time during the first installation.
The address range is 10.244.0.0/16. NetQ overrides the original Flannel default, which is 10.1.0.0/16.
To change the default address range, use the install CLI with the
pod-ip-range option. For example:
cumulus@hostname:~$ netq install opta standalone full interface eth0 bundle /mnt/installables/NetQ-4.3.0-opta.tgz config-key <your-config-key> pod-ip-range 10.255.0.0/16
Docker Default Bridge Interface
The default Docker bridge interface is disabled in NetQ. If you need to reenable the interface, contact support.
Verify Installation Status
To view the status of the installation, use the
netq show status [verbose] command. The following example shows a successful on-premise installation:
State: Active Version: 4.3.0 Installer Version: 4.3.0 Installation Type: Standalone Activation Key: PKrgipMGEhVuZXRxLWVuZHBvaW50LWdhdGV3YXkYsagDIixUQmFLTUhzZU80RUdTL3pOT01uQ2lnRnrrUhTbXNPUGRXdnUwTVo5SEpBPTIHZGVmYXVsdDoHbmV0cWRldgz= Master SSH Public Key: a3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFEazliekZDblJUajkvQVhOZ0hteXByTzZIb3Y2cVZBWFdsNVNtKzVrTXo3dmMrcFNZTGlOdWl1bEhZeUZZVDhSNmU3bFdqS3NrSE10bzArNFJsQVd6cnRvbVVzLzlLMzQ4M3pUMjVZQXpIU2N1ZVhBSE1TdTZHZ0JyUkpXYUpTNjJ2RTkzcHBDVjBxWWJvUFo3aGpCY3ozb0VVWnRsU1lqQlZVdjhsVjBNN3JEWW52TXNGSURWLzJ2eks3K0x2N01XTG5aT054S09hdWZKZnVOT0R4YjFLbk1mN0JWK3hURUpLWW1mbTY1ckoyS1ArOEtFUllrr5TkF3bFVRTUdmT3daVHF2RWNoZnpQajMwQ29CWDZZMzVST2hDNmhVVnN5OEkwdjVSV0tCbktrWk81MWlMSDAyZUpJbXJHUGdQa2s1SzhJdGRrQXZISVlTZ0RwRlpRb3Igcm9vdEBucXRzLTEwLTE4OC00NC0xNDc= Is Cloud: False Cluster Status: IP Address Hostname Role Status ------------- ------------- ------ -------- 10.188.44.147 10.188.44.147 Role Ready NetQ... Active
netq show opta-health command to verify all applications are operating properly. Allow 10-15 minutes for all applications to come up and report their status.
cumulus@hostname:~$ netq show opta-health Application Status Namespace Restarts Timestamp ----------------------------------------------------- -------- ------------- ---------- ------------------------ cassandra-rc-0-w7h4z READY default 0 Fri Apr 10 16:08:38 2020 cp-schema-registry-deploy-6bf5cbc8cc-vwcsx READY default 0 Fri Apr 10 16:08:38 2020 kafka-broker-rc-0-p9r2l READY default 0 Fri Apr 10 16:08:38 2020 kafka-connect-deploy-7799bcb7b4-xdm5l READY default 0 Fri Apr 10 16:08:38 2020 netq-api-gateway-deploy-55996ff7c8-w4hrs READY default 0 Fri Apr 10 16:08:38 2020 netq-app-address-deploy-66776ccc67-phpqk READY default 0 Fri Apr 10 16:08:38 2020 netq-app-admin-oob-mgmt-server READY default 0 Fri Apr 10 16:08:38 2020 netq-app-bgp-deploy-7dd4c9d45b-j9bfr READY default 0 Fri Apr 10 16:08:38 2020 netq-app-clagsession-deploy-69564895b4-qhcpr READY default 0 Fri Apr 10 16:08:38 2020 netq-app-configdiff-deploy-ff54c4cc4-7rz66 READY default 0 Fri Apr 10 16:08:38 2020 ...
If any of the applications or services display Status as DOWN after 30 minutes, open a support ticket and attach the output of the