Flow Enterprise Server 2021.1.1 System Requirements

These system requirements apply to Flow Enterprise Server version 2021.1.1.

System requirements

Flow uses Kubernetes for orchestration. It is required that the Flow stack run in its own instance.

Cluster setup

Flow strongly recommends using three or more nodes to ensure proper disk quorum (opens in new tab) and system stability.

This is a new recommendation beginning with Flow Enterprise Server 2021.1.1. The Flow software will show a warning message on the KOTS admin console if you have fewer than three nodes, but installation will proceed to support customers who currently have fewer than three nodes.

The minimum requirements for each node are listed below:

Computing resources

  • CPU: Minimum of 16 CPU cores per node. 32 cores recommended.
  • Memory: Minimum of 32 GB per node. 64 GB recommended.

Storage requirements:

Unless otherwise noted, the storage requirements apply to all nodes in the cluster, both primary and worker.

  • Installation cache (/tmp): 15 GB
    • This is used only during installation.
  • Raw block storage device: 50 GB (optional for upgrades)
    • If you aren't using block storage, this space must be allocated to /opt/replicated.
    • This storage is expected to expand in the future as new technology is added to the Flow stack.
  • Infrastructure Directories: Allocate 115 GB for infrastructure required by Flow. This includes a 30% buffer for future growth. Specific directories are subject to change, but are currently:
    • Containerd (/var/lib/containerd): ~60 GB
    • Container logs (/var/log/pods): ~10 GB
    • Kubernetes (/var/lib/kubelet): ~10 GB
    • Add-on packages (/var/lib/kurl): ~10 GB
  • Application directories
    • Replicated (/opt/replicated): 5 GB
      Note: If you are not using block storage, this should be 50 GB)
    • Application directory (default /opt/flow)
      Note: The application directory is configurable via settings. [app_dir] is used as a placeholder.
      • Repository cache (default [app_dir]/repository_cache):
        • Worker node(s): 100 GB or the sum of the total sizes of your code repositories, multiplied by 2.5. Choose whichever is greater.
      • Application logs (default [app_dir]/logs): 10 GB
      • Embedded database (optional; default [app_dir]/database): 2 GB

Additional storage requirement details

It is recommended to use solid state drive (SSD) type storage with high IOPS for the volumes used for Flow Enterprise. Having separate disks for volumes like /var/lib/containerd and /var/lib/kubelet increases performance during report generation and data processing.

back to top

Operating system

Flow Enterprise Server can be run on compatible operating systems, including:

  • Ubuntu 18.04, 20.04
  • RHEL 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3
    • For RHEL-based distributions, the file system and storage drive must support the overlay2 storage driver for Containerd services.

Operating systems with hardened kernel images containing PAM (privilege access manager agents), SELINUX policies may interfere with Flow installation and normal operation of the software stack. Those agents and policies may need to be disabled for Flow to be installed or functioning normally. Support for such hardened operating systems are provided on a "best effort" basis.

back to top

Database requirements

Flow Enterprise requires a PostgreSQL database server with solid state drives (SSDs). The size of your database server will vary greatly depending on the size of your repositories. We recommend a minimum of:

  • PostgreSQL Version 12 with minor version 12.1 or greater
  • 4 CPU cores or more
  • 16 GB of RAM or more
  • disk space of approximately 25% of the space calculated for the Repository cache (default [app_dir]/repository_cache), as defined above

Installations with hundreds of thousands of repositories have required very large servers with 64 cores and 512 GB RAM.

The database performance greatly impacts the performance of the overall Flow application. Proactive monitoring of the CPU, memory, and IOPS health are key. Engage your Database team to monitor and tune your database.

Note: It is possible to use an embedded database for small trial installations, but you should use a standalone database server for your production installation. Your installation consultant can provide more information.

back to top

Network Requirements

You can implement Flow Enterprise without access to the Internet. However, we recommend that it be able to connect to the web for access to software packages during the installation and for future updates. This can be scheduled to coincide with your regular maintenance. If you require the system to have no external internet access, you can implement and maintain an airgapped installation.

IPV6 must be enabled. This ensures compatibility with the underlying network virtualization layers of the Flow product stack.

For data analysis, your Flow Enterprise system must have access to your Git repositories and ticketing systems. The following ports should be allowed to these instances:

  • HTTP/80 and HTTPS/443: These should be the standard ports for your Git repository and ticket system server data for both Git data and API information.
  • SSH/22 (usually): Most Git vendors allow for SSH download of repositories they serve.
  • TCP/6443 for KOTS admin API
  • TCP/6783 and UDP/6783-6784 for the Weave application service

For access to the system by your users, the following ports should be open to internal users:

  • HTTP/80: This must be open for internal health-check pings.
  • HTTPS/443: This must be open for users to use the interface.
  • HTTPS/8800: This port is used to reach the admin interface with a web browser. It does not have to be open to general users, but must be available to system administrators.
  • SSH/22: System administrators will need access to SSH on the server instance running Flow Enterprise for occasional updates and maintenance.

Additionally, the following ports are used by the application:

  • 5432: between the Flow server and the Postgres database
  • 25, 587, 465: between the Flow server and email relay
  • 53: TCP/UDP: the application must be able to resolve itself against a DNS server

Note: Host file entries or other workarounds will not work.

  • All ports from the Flow server to itself (usually implicit)

Additional information and limitations

  • Only Password Authentication Mode is supported for the KOTS admin console.
  • It is possible to install Flow behind an AWS load balancer and a proper security group.
  • Installation with an AWS auto-scaling group is not supported.

Airgap infrastructure diagram

back to top

If you need help, please contact Pluralsight Support.