On-Premise Demo Requirements

Please review our architecture overview for a full production setup.

Our demo requirements are very basic: we need two CentOS 7 virtual machines with sufficient resources, and a single public IP per server.

| Role | OS | Memory | CPU | Disk | Disk Layout |
| --- | --- | --- | --- | --- | --- |
| Controller | CentOS 7 | 8GB | 4 Cores | 50GB | Custom partition with all storage at / |
| Container Node | CentOS 7 | 8GB | 4 Cores | 50GB | Custom partition with all storage at /, or, the bulk can be at /var/lib/docker. |

We use a centralized SSH Certificate Authority to generate short-lived certificates that we will use to access your infrastructure.

Please copy/paste and run this on each server.

mkdir -p /etc/ssh/auth_principals \
    && echo "cstacks.ssh.customers" > /etc/ssh/auth_principals/root \
    && echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAamLg+Qj1Rh3ENeaVoPf0O+xWv4C1Juotqe1MkC72sU keybase@ea61b79df40c" > /etc/ssh/ \
    && echo "TrustedUserCAKeys /etc/ssh/" >> /etc/ssh/sshd_config \
    && echo "AuthorizedPrincipalsFile /etc/ssh/auth_principals/%u" >> /etc/ssh/sshd_config \
    && chmod g-w /etc && systemctl restart sshd
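To confirm the CA trust settings took effect on a server, the following added example (not part of the original instructions) audits the two sshd_config directives and the principals file. It reads the CA key path from sshd_config rather than assuming a file name; the function names and the ROOT prefix argument are hypothetical, with ROOT left empty on a live host.

```shell
#!/bin/sh
# Added example: audit the SSH CA trust settings under a filesystem root.
# ROOT is "" on a live host; a test can point it at a constructed tree.

# Print the value of the first occurrence of an sshd_config keyword
# (sshd uses the first value it obtains; keywords are case-insensitive).
sshd_directive() {
    awk -v key="$2" 'tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# check_ca_trust ROOT USER PRINCIPAL -> returns 0 if consistent, 1 otherwise
check_ca_trust() {
    root=$1 user=$2 principal=$3 rc=0
    conf="$root/etc/ssh/sshd_config"
    [ -f "$conf" ] || { echo "FAIL: $conf missing"; return 1; }

    ca=$(sshd_directive "$conf" TrustedUserCAKeys)
    if [ -z "$ca" ]; then
        echo "FAIL: TrustedUserCAKeys not set"; rc=1
    elif [ ! -f "$root$ca" ]; then
        echo "FAIL: TrustedUserCAKeys '$ca' is not a regular file"; rc=1
    elif ! grep -Eq '^(ssh-|ecdsa-|sk-)' "$root$ca"; then
        echo "FAIL: '$ca' holds no public key line"; rc=1
    fi

    pattern=$(sshd_directive "$conf" AuthorizedPrincipalsFile)
    if [ -z "$pattern" ]; then
        echo "FAIL: AuthorizedPrincipalsFile not set"; rc=1
    else
        # Expand the %u token the way sshd does for the connecting user.
        pfile="$root$(printf '%s' "$pattern" | sed "s/%u/$user/g")"
        if ! grep -Fxq "$principal" "$pfile" 2>/dev/null; then
            echo "FAIL: principal '$principal' not listed in $pfile"; rc=1
        fi
    fi

    # Re-running an append-style setup leaves repeated directive lines.
    n=$(grep -Eic '^[[:space:]]*TrustedUserCAKeys[[:space:]]' "$conf" || true)
    [ "$n" -le 1 ] || echo "WARN: TrustedUserCAKeys appears $n times"

    [ "$rc" -eq 0 ] && echo "OK: CA trust for '$user' is consistent"
    return "$rc"
}
```

On a server, run `check_ca_trust "" root cstacks.ssh.customers` after the setup command; any FAIL line means certificate logins for root will be rejected.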

Additional Notes

  • Please provide a single public IP for each server.
  • Ensure that SELinux remains enabled.
    • Our installation process will enable it if it’s disabled.
  • Please only have the root user configured. As part of the installation process we will lock this account down.
    • If your internal policies do not allow this, then please make sure the container node’s non-root user does not use UID/GID 1001.

Last update: 2020-07-16