Skip to main content

Parameters for Environment Detection

Take a CentOS 7.9 server as an example

User

Description: The user when running the script

Requirement: To root a user or a user with root permissions is required because docker is in use.

Selinux

Description: The security system of Linux

Requirement: Selinux should be disabled because docker is in use.

Temporarily disabled: `setenforce 0

Permanently disabled: modify SELINUX=enforcing or SELINUX=permissive to SELINUX=disabled in /etc/selinux/config

Firewalld

Note: It is a self-contained firewall tool. It is recommended to disable the firewall as it tends to conflict with iptables rules. Cloud servers can rely on security group rules for network control.

Temporarily disabled: systemctl stop firewalld (you need to restart the docker service after shutting down the firewall, otherwise the rules may be lost and lead to network anomalies)

Permanently disabled: systemctl disable firewalld

CPU

Description: Processor

Requirements: Minimum 4 cores

Memory

Description: Memory

Requirement: Minimum 32G memory capacity

docker

Description: The docker command must be available in the environment variable and can be executed successfully.

Requirement: It will be added to the PATH environment variable automatically after installation via RPM. If it is a binary installation, you need to add it to the environment variable manually.

dockerd

Note: The dockerd command must be available in the environment variable and can be executed successfully.

Requirement: It will be added to the PATH environment variable automatically after installation via RPM. If it is a binary installation, you need to add it to the environment variable manually.

MaxMapCount

Description: It limits the number of VMAs (Virtual Memory Areas) that a process can have, and the built-in Elasticsearch needs to be adjusted to start successfully.

Temporary adjustment: sysctl -w vm.max_map_count=262144

Permanent adjustment: add the file vm.max_map_count=262144 to /etc/sysctl.conf

SysFileNr

Description: OS-level file descriptor limit

Temporary adjustment: sysctl -w fs.file-max=2048000

Permanent adjustment: add the file fs.file-max=2048000 to /etc/sysctl.conf

IPv4Forward

Note: It needs to be enabled for docker to provide external services.

Temporary adjustment: sysctl -w net.ipv4.ip_forward=1

Permanent adjustment: add the file net.ipv4.ip_forward=1 to /etc/sysctl.conf

DockerCgroupDrive

Description: The limit of Cgroup file descriptors in docker containers. If docker version is 20.10.16 or newer, it defaults to cgroupfs; if it is systemd, there may be insufficient file descriptors; if dockerd is not running, you need to start dockerd (systemctl start docker).

Permanent adjustment:

  1. Upgrade Docker to version 20.10.16 or newer

  2. If the check environment is still systemd after upgrade, you need to modify or add the configuration item "exec-opts": ["native.cgroupdriver=cgroupfs"] in /etc/docker/daemon.json

DockerdFileNr

Description: The number of file descriptors in docker. If dockerd is not running, you need to start dockerd (systemctl start docker).

Permanent adjustment: For example, if you start the docker service via systemd, set LimitNOFILE=102400 in the file docker.service.