Skip to main content
Version: 2.7

Install Portworx Central on-premises

You can install Portworx Central on-premises on any Kubernetes cluster using Helm charts, as long as your cluster meets the prerequisites.

Prerequisites

A Kubernetes cluster consisting of 3 worker nodes, each node meeting the following hardware, software, and network requirements:

Hardware Requirements
CPU4 CPU cores minimum, 8 cores recommended
RAM4 GB minimum, 8 GB recommended
Backend drive307 GB (In Total)
Software Requirements
Kubernetes
  • 1.29.x and below for on-premises and for other cloud providers
  • Stork
  • 24.3.0 and above
  • Portworx
  • 3.1.0
  • At least 50 GB of free space on the /root file system nodes where Portworx is going to be installed
  • Network Requirements
    Network connectivityBandwidth:
  • 10 Gbps recommended
  •      (1 Gbps minimum)

    For more information, refer to Portworx Installation prerequisites and Portworx Backup prerequisites.

    • If you are using an external OIDC provider, you must use certificates signed by a trusted certificate authority.

    • Make sure helm is installed on the client machine: Helm

    • For internet-connected clusters, ensure the following ports are open:

    Network Port Requirements
    ServiceSource InterfacePortProtocolFlow DirectionDescription
    License serverdata7070TCPUnidirectionalFor communication between License server and Portworx clusters. Traffic source is Portworx cluster, target is license server.
    Keycloakdata8080TCPUnidirectionalTo talk to external Keycloak/OIDC
    management8443TCPUnidirectionalTo talk to external Keycloak/OIDC
    note
    • If you install Portworx Central on Kubernetes version 1.18.2 or below, then Kubernetes does not proxy the service name to the pod resulting in service reachability errors.
    • You can install Portworx Central on a Kubernetes cluster that is already running Portworx, or on a fresh Kubernetes cluster that does not contain Portworx.
    • If you want to install the monitoring service component, in addition, you need at least 8 CPU cores and 16 GB of memory.

    Install Portworx Central on air-gapped clusters

    If your cluster is air-gapped, then refer to the Install Portworx Central in air-gapped environment topic for more information about preparing your air-gapped environment and pushing Docker images to an internal registry.

    Install stand-alone Portworx Central on-premises

    1. If you install Portworx Central alone -- without Portworx Enterprise -- skip this step. If you do want to install Portworx Central with Portworx Enterprise, then Install Portworx and create the following storage class on your Kubernetes cluster.

      kind: StorageClass
      apiVersion: storage.k8s.io/v1
      metadata:
      name: portworx-sc
      provisioner: kubernetes.io/portworx-volume
      parameters:
      repl: "3"
    2. Generate the install spec using the License Server and Monitoring spec generator.

      If you use Portworx to install Portworx Central alone, select the Use storage class checkbox under the Configuration section of the Spec Details tab. In the Storage Class Name text box, enter the name of the storage class you created in the previous step.

      If your cluster is air-gapped, select the Use custom registry checkbox under the *Custom Registry section, and enter the following information:

      • Custom Registry: The hostname of your custom registry
      • Image Repository: The path to the required Docker images
      • Image Pull Secret(s) (optional): A comma-separated list of your image pull secrets.
    3. Using Helm, add the Portworx Enterprise repository to your cluster and update it.

      helm repo add <repo-name> portworx http://charts.portworx.io/ && helm repo update
    4. Install Portworx Central alone using either the --set flag or the values.yml file provided in the Step 2 section of the Complete tab of the spec generator.

    5. Monitor the installation status.

      kubectl get po --namespace px-backup -ljob-name=pxcentral-post-install-hook  -o wide | awk '{print $1, $3}' | grep -iv error
      note

      If you use your Kubernetes master IP as the Keycloak endpoint, then run the following command on all worker nodes:

      sudo iptables -P FORWARD ACCEPT

    This enables port forwarding using iptables, making the NodePort service accessible through the master endpoint.

    Configure external OIDC endpoints

    If you enabled an external OIDC during Portworx Central installation, then manually configure the redirect URI in your OIDC provider. For the configuration procedure, refer Set up login redirects.

    Was this page helpful?