Installation prerequisites for PX-Backup


Prerequisites

The minimum supported size for the PX-Backup cluster is three worker nodes. Each node must meet the following hardware, software, and network requirements:

Hardware Requirements
CPU 4 CPU cores minimum, 8 cores recommended
RAM 4 GB minimum, 8 GB recommended
Backend drive 307 GB (In Total)
Software Requirements
Kubernetes
  • 1.23.x and below for on-premises
  • 1.22.x and below for other cloud providers
  • Stork
  • 2.11.4 and above
  • Portworx
  • 2.11.4
  • At least 50 GB of free space on the /root file system nodes where Portworx is going to be installed
  • Network Requirements
    Network connectivity Bandwidth:
  • 10 Gbps recommended
  • (1 Gbps minimum)
  • NOTE: The above configuration holds good for 2000 backups.

    For more information, refer to Portworx Installation Prerequisites.

    • If you are using an external OIDC provider, you must use certificates signed by a trusted certificate authority.

    • Make sure helm is installed on the client machine: Helm

    • If you want to install PX-Backup on OpenShift using the restricted SCC, then you must add the service accounts used by PX-Backup to the restricted SCC. Execute the following oc adm policy add-scc-to-user commands, replacing <YOUR_NAMESPACE> with your namespace:

      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:default
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:pxcentral-apiserver
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:px-keycloak-account
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:px-backup-account

    Prerequisites to install PX-Backup on Tanzu

    Tanzu Kubernetes Grid (TKG) administrators can create deployments, StatefulSets, and DaemonSet (privileged pods) in the kube-system and default namespace, but cannot create in other namespaces. For example, PX-Backup deployment in the central namespace fails, because Tanzu Kubernetes clusters include the default PodSecurityPolicy.

    Before you deploy PX-Backup, for example in the central namespace, you need to create a rolebinding for privileged and restricted workload deployment using the following commands:

    kubectl create ns central
    kubectl create rolebinding rolebinding-default-privileged-sa-ns_default --namespace=central --clusterrole=psp:vmware-system-privileged --group=system:serviceaccounts

    Last edited: Wednesday, Oct 19, 2022