As an HCI solution on bare metal servers, Harvester has some minimum requirements as outlined below.
To get the Harvester server up and running the following minimum hardware is required:
|CPU||x86_64 only. Hardware-assisted virtualization is required. 8-core processor minimum; 16-core or above preferred|
|Memory||32 GB minimum, 64 GB or above preferred|
|Disk Capacity||140 GB minimum for testing, 500 GB or above preferred for production|
|Disk Performance||5,000+ random IOPS per disk(SSD/NVMe). Management nodes (first 3 nodes) must be fast enough for Etcd|
|Network Card||1 Gbps Ethernet minimum for testing, 10Gbps Ethernet recommended for production|
|Network Switch||Trunking of ports required for VLAN support|
We recommend server-class hardware for best results. Laptops and nested virtualization are not officially supported.
Harvester Hosts Inbound Rules¶
|TCP||2379||Harvester management nodes||Etcd client port|
|TCP||2381||Harvester management nodes||Etcd health checks|
|TCP||2380||Harvester management nodes||Etcd peer port|
|TCP||10010||Harvester management and compute nodes||Containerd|
|TCP||6443||Harvester management nodes||Kubernetes API|
|TCP||9345||Harvester management nodes||Kubernetes API|
|TCP||10252||Harvester management nodes||Kube-controller-manager health checks|
|TCP||10257||Harvester management nodes||Kube-controller-manager secure port|
|TCP||10251||Harvester management nodes||Kube-scheduler health checks|
|TCP||10259||Harvester management nodes||Kube-scheduler secure port|
|TCP||10250||Harvester management and compute nodes||Kubelet|
|TCP||10256||Harvester management and compute nodes||Kube-proxy health checks|
|TCP||10258||Harvester management nodes||Cloud-controller-manager|
|TCP||9091||Harvester management and compute nodes||Canal calico-node felix|
|TCP||9099||Harvester management and compute nodes||Canal CNI health checks|
|UDP||8472||Harvester management and compute nodes||Canal CNI with VxLAN|
|TCP||2112||Harvester management nodes||Kube-vip|
|TCP||6444||Harvester management and compute nodes||RKE2 agent|
|TCP||6060||Harvester management and compute nodes||Node-disk-manager|
|TCP||10246/10247/10248/10249||Harvester management and compute nodes||Nginx worker process|
|TCP||8181||Harvester management and compute nodes||Nginx-ingress-controller|
|TCP||8444||Harvester management and compute nodes||Nginx-ingress-controller|
|TCP||10245||Harvester management and compute nodes||Nginx-ingress-controller|
|TCP||80||Harvester management and compute nodes||Nginx|
|TCP||9796||Harvester management and compute nodes||Node-exporter|
|TCP||30000-32767||Harvester management and compute nodes||NodePort port range|
|TCP||22||Harvester management and compute nodes||sshd|
|UDP||68||Harvester management and compute nodes||Wicked|
|TCP||3260||Harvester management and compute nodes||iscsid|
Typically, all outbound traffic will be allowed.
Integrating Harvester with Rancher¶
If you want to integrate Harvester with Rancher, you need to make sure, that all Harvester nodes can connect to TCP port 443 of the Rancher load balancer.
The VMs of Kubernetes clusters, that are provisioned from Rancher into Harvester, also need to be able to connect to TCP port 443 of the Rancher load balancer. Otherwise the cluster won't be manageable by Rancher. For more information see also Rancher Architecture.
As for the port requirements for the guest clusters deployed inside Harvester virtual machines, refer to the following links.