Anthos private mode requirements

This page outlines the prerequisites for Anthos private mode, and how they differ from Anthos on bare metal. The prerequisites are similar to the connected version of Anthos on bare metal.

Hardware

Anthos private mode has the same hardware requirements as Anthos on bare metal. However, in Anthos private mode, the admin cluster hosts more components than in Anthos on bare metal. For example, in Anthos private mode, the admin cluster hosts:

  • The logging system
  • The monitoring system
  • The management center

For this reason, Google strongly recommends that you use the recommended hardware resources for Anthos on bare metal, and not the minimum ones.

Installation

Anthos private mode has the same installation requirements as Anthos on bare metal, except that you don't need an internet connection or a Google service account.

Read the following sections of the Anthos on bare metal installation requirements:

Anthos private mode does not include any hypervisor or Preboot Execution Environment (PXE) integration, so you must go through the configuration process of your chosen operating system:

Ensure that NTP is configured on all nodes.

SSH keys

An SSH private key is used to access the machines during the installation. The corresponding SSH public key must be distributed to all the machines (add the public key contents to /home/USER/.ssh/authorized_keys) that are going to be part of a cluster.

Networking requirements

See the official Network requirements for Anthos on bare metal and the Overview of load balancers for more information on load balancing. For a proof-of-concept, we recommend using the bundled load balancer that is based on MetalLB.

Internet access

Unlike Anthos on bare metal in connected mode, you do not need access to the internet for Anthos private mode. The only exception to this rule is to download the Anthos private mode release from Cloud Storage. If your admin workstation is not connected to the internet, you can download the release on any internet-connected computer, and copy it to the admin workstation with a method of your choice.

You also do not need to enable any Google Cloud APIs or to create any Google Cloud service account for Anthos private mode.

DNS

DNS must be available for any production scenario to help with operating the platform and the applications. A DNS system without any external connectivity (and unable to resolve public DNS records) should be sufficient.

Default gateway

A default gateway is required.

What's next