Installation prerequisites for Portworx Backup


The minimum supported size for the Portworx Backup cluster is three worker nodes. Each node must meet the following hardware, software, and network requirements:

Hardware Requirements
CPU 4 CPU cores minimum, 8 cores recommended
RAM 4 GB minimum, 8 GB recommended
Backend drive 307 GB (In Total)
Software Requirements
  • 1.23.x and below for on-premises
  • 1.22.x and below for other cloud providers
  • Stork
  • 2.12.0 and above
  • Portworx
  • 2.12.0
  • At least 50 GB of free space on the /root file system nodes where Portworx is going to be installed
  • Network Requirements
    Network connectivity Bandwidth:
  • 10 Gbps recommended
  •      (1 Gbps minimum)

    NOTE: The above configuration holds good for 2000 backups.

    For more information, refer to Portworx Installation Prerequisites.

    • If you are using an external OIDC provider, you must use certificates signed by a trusted certificate authority.

    • Make sure helm is installed on the client machine: Helm

    • If you want to install Portworx Backup on OpenShift using the restricted SCC, then you must add the service accounts used by Portworx Backup to the restricted SCC. Execute the following oc adm policy add-scc-to-user commands, replacing <YOUR_NAMESPACE> with your namespace:

      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:default
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:pxcentral-apiserver
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:px-keycloak-account
      oc adm policy add-scc-to-user restricted system:serviceaccount:<YOUR_NAMESPACE>:px-backup-account

    NOTE: Portworx Backup 2.3.0 and above use MongoDB 5.x versions internally, which require Intel/AMD chipsets that support Advance Vector Extensions (AVX). If you are deploying Portworx Backup 2.3.0 and above, please ensure that your Intel/AMD chipset versions support AVX.

    Prerequisites to install Portworx Backup on Tanzu

    Tanzu Kubernetes Grid (TKG) administrators can create deployments, StatefulSets, and DaemonSet (privileged pods) in the kube-system and default namespace, but cannot create in other namespaces. For example, Portworx Backup deployment in the central namespace fails, because Tanzu Kubernetes clusters include the default PodSecurityPolicy.

    Before you deploy Portworx Backup, for example in the central namespace, you need to create a rolebinding for privileged and restricted workload deployment using the following commands:

    kubectl create ns central
    kubectl create rolebinding rolebinding-default-privileged-sa-ns_default --namespace=central --clusterrole=psp:vmware-system-privileged --group=system:serviceaccounts

    Last edited: Monday, Jan 23, 2023