The hardware prerequisites are a single bootstrap node, Mesos master nodes, and Mesos agent nodes.
1 node with 2 cores, 16 GB RAM, 60 GB HDD. This is the node where DC/OS installation is run. This bootstrap node must also have:
- A high-availability (HA) TCP/Layer 3 load balancer, such as HAProxy, to balance the following TCP ports to all master nodes: 80, 443.
- An unencrypted SSH key that can be used to authenticate with the cluster nodes over SSH. Encrypted SSH keys are not supported.
The cluster nodes are designated Mesos masters and agents during installation.
The supported operating systems and environments are listed on the version policy page.
The table below shows the master node hardware requirements:
|Nodes||1*||3 or 5|
|Processor||4 cores||4 cores|
|Memory||32 GB RAM||32 GB RAM|
|Hard disk||120 GB||120 GB|
* For business critical deployments, three master nodes are required rather than one master node.
There are many mixed workloads on the masters. Workloads that are expected to be continuously available or considered business critical should only be run on a DC/OS cluster with at least 3 masters. For more information about high availability requirements see the High Availability documentation.
Examples of mixed workloads on the masters are Mesos replicated logs and ZooKeeper. Some of these require fsync()ing every so often, and this can generate a lot of very expensive random I/O. We recommend the following:
- Solid-state drive (SSD)
- RAID controllers with a BBU
- RAID controller cache configured in writeback mode
The table below shows the agent node hardware requirements.
|Nodes||1||6 or more|
|Processor||4 cores||4 cores|
|Memory||16 GB RAM||16 GB RAM|
|Hard disk||60 GB||60 GB|
The agent nodes must also have:
/vardirectory with 10 GB or more of free space. This directory is used by the sandbox for both Docker and DC/OS Universal container runtime.
The agent’s work directory,
/var/lib/mesos/slave, should be on a separate device. This protects all the other services from a task overflowing the disk.
- To maintain backwards compatibility with frameworks written before the disk resource was introduced, by default the disk resource is not enforced.
- You can enable resource enforcement by inserting the environment variable MESOS_ENFORCE_CONTAINER_DISK_QUOTA=true into one of the Mesos agent extra config files (e.g.
- Disk quotas are not supported by Docker tasks, so these can overflow the disk regardless of configuration.
Network Access to a public Docker repository or to an internal Docker registry.
On RHEL 7 and CentOS 7,
firewalldmust be stopped and disabled. It is a known Docker issue that
firewalldinteracts poorly with Docker. For more information, see the Docker CentOS firewalld documentation.
sudo systemctl stop firewalld && sudo systemctl disable firewalld
DC/OS is installed to
/opt/mesospheremust be on the same mountpoint as
/. This is required because DC/OS installs systemd unit files under
/opt/mesosphere. All systemd units must be available for enumeration during the initializing of the initial ramdisk at boot. If
/optis on a different partition or volume, systemd will fail to discover these units during the initialization of the ramdisk and DC/OS will not automatically restart upon reboot.
The Mesos master and agent persistent information of the cluster is stored in the
Important: Do not remotely mount
/var/lib/mesosor the Docker storage directory (by default
Do not mount
noexec. This will prevent Exhibitor and ZooKeeper from running.
- Secure Shell (SSH) must be enabled on all nodes.
- Internet Control Message Protocol (ICMP) must be enabled on all nodes.
- All hostnames (FQDN and short hostnames) must be resolvable in DNS; both forward and reverse lookups must succeed.
- Each node is network accessible from the bootstrap node.
- Each node has unfettered IP-to-IP connectivity from itself to all nodes in the DC/OS cluster.
- All ports should be open for communication from the master nodes to the agent nodes and vice versa.
- UDP must be open for ingress to port 53 on the masters. To attach to a cluster, the Mesos agent node service (
dcos-mesos-slave) uses this port to find
High Speed Internet Access
High speed internet access is recommended for DC/OS installation. A minimum 10 MBit per second is required for DC/OS services. The installation of some DC/OS services will fail if the artifact download time exceeds the value of MESOS_EXECUTOR_REGISTRATION_TIMEOUT within the file
/opt/mesosphere/etc/mesos-slave-common. The default value for MESOS_EXECUTOR_REGISTRATION_TIMEOUT is 10 minutes.
Refer to this shell script for an example of how to install the software requirements for DC/OS masters and agents on a CentOS 7 host.
Docker must be installed on all bootstrap and cluster nodes. The supported Docker versions are listed on the version policy page.
Do not use Docker
devicemapperstorage driver in
loop-lvmmode. For more information, see Docker and the Device Mapper storage driver.
direct-lvmmode when choosing a production storage driver. For more information, see Docker’s Select a Storage Driver.
Manage Docker on CentOS with systemd. systemd handles starting Docker on boot and restarting it when it crashes.
Run Docker commands as the root user (with
sudo) or as a user in the docker user group.
Each Linux distribution requires Docker to be installed in a specific way:
- CentOS - Install Docker from Docker’s yum repository.
- RHEL - Install Docker by using a subscription channel. For more information, see Docker Formatted Container Images on Red Hat Systems.
- CoreOS - Comes with Docker pre-installed and pre-configured.
For more more information, see Docker’s distribution-specific installation instructions.
Disable sudo password prompts
Add the following line to your
/etc/sudoers file. This disables the sudo password prompt.
%wheel ALL=(ALL) NOPASSWD: ALL
Alternatively, you can SSH as the root user.
Enable Time synchronization
Time synchronization is a core requirement of DC/OS. There are various methods of ensuring time sync. NTP is the typical approach on bare-metal. Many cloud providers use hypervisors, which push time down to the VM guest operating systems. In certain circumstances, hypervisor time-sync may conflict with NTP.
You must understand how to properly configure time synchronization for your
environment. When in doubt, enable NTP and check using
Enable Check Time
You must set the
ENABLE_CHECK_TIME environment variable in order for
/opt/mesosphere/bin/check-time to function. It’s recommended
that you enable this globally. e.g. on CoreOS an entry in
export ENABLE_CHECK_TIME=true with set the appropriate variable.
Network Time Protocol (NTP) must be enabled on all nodes for clock synchronization. By default, during DC/OS startup you will receive an error if this is not enabled. You can check if NTP is enabled by running one of these commands, depending on your OS and configuration:
ntptime adjtimex -p timedatectl
Before installing DC/OS, you must ensure that your bootstrap node has the following prerequisites.
- If you specify
exhibitor_storage_backend: zookeeper, the bootstrap node is a permanent part of your cluster. With
exhibitor_storage_backend: zookeeperthe leader state and leader election of your Mesos masters is maintained in Exhibitor ZooKeeper on the bootstrap node. For more information, see the configuration parameter documentation.
- The bootstrap node must be separate from your cluster nodes.
Download and save the DC/OS setup file to your bootstrap node. This file is used to create your customized DC/OS build file. Contact your sales representative or firstname.lastname@example.org for access to this file.
Docker Nginx (advanced installer)
For advanced install only, install the Docker Nginx image with this command:
sudo docker pull nginx
For advanced install only, your cluster nodes must have the following prerequisites. The cluster nodes are designated as Mesos masters and agents during installation.
Data compression (advanced installer)
To install these utilities on CentOS7 and RHEL7:
sudo yum install -y tar xz unzip curl ipset
Cluster permissions (advanced installer)
On each of your cluster nodes, use the following command to:
Disable SELinux or set it to permissive mode.
dockerto each of your Mesos masters and agents.
Reboot your cluster for the changes to take effect.
sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/selinux/config && sudo groupadd nogroup && sudo groupadd docker && sudo reboot
Note: It may take a few minutes for your node to come back online after reboot.
You must set the
LANG environment variables to
For info on setting these variables in Red Hat, see How to change system locale on RHEL
localectl set-locale LANG=en_US.utf8
- For info on setting these variable in CentOS7, see How to set up system locale on CentOS 7.
Install Docker on CentOS
Docker’s CentOS-specific installation instructions are always going to be the most up to date for the latest version of Docker. However, the following recommendations and instructions should make it easier to manage the Docker installation over time and mitigate several known issues with various other configurations.…Read More