================================================= Packages, Requirements, Planning, and Preparation ================================================= .. _nuc_planning_install_methodology: Install Methodology =================== Enterprise Nucleus Server ships as a series of :code:`docker-compose` stack and configuration files. A user is expected to configure the underlying infrastructure, adjust configuration as required, and deploy one or more compose stacks. Compose files will pick up various containers for :ref:`Nucleus components ` from a Docker container registry. **Please contact your NVIDIA representative to obtain access to the above artifacts.** Stack Details ------------- Within your package, you will find a number of setups - combinations of compose files, and settings (:code:`.env`) files. Each compose setup has at least two parts to it - :code:`.yml` (the actual compose file) and :code:`.env` (which contains common settings for the compose file). Some advanced features may require modifying the compose (:code:`.yml`) files themselves - details are contained within them for reference. .. warning:: These compose files are designed for docker-compose environments only and will not run on Swarms. Command reference for starting and managing :code:`docker-compose` environments: * :code:`docker-compose --env-file <.env file path> -f <.yml file path> pull` downloads images * :code:`docker-compose --env-file <.env file path> -f <.yml file path> up` starts the stack in the foreground, with logs streamed to your terminal * :code:`docker-compose --env-file <.env file path> -f <.yml file path> up -d` starts the stack in the background, 'daemonizing' it * :code:`docker-compose --env-file <.env file path> -f <.yml file path> down` stop the stack System and Infrastructure Requirements ====================================== Hardware -------- Nucleus does not require any special hardware. From an operational and resource utilization standpoint, it can be considered a sophisticated file server. We recommend: * 12+ cores (3.0 GHz or better) * 32 gigabytes of RAM - and the more RAM the better due to OS filesystem level caching * Network and storage based on desired IO performance and capacity .. FIXME add scaling LFT link The above configuration will work well for up to 500 total users and 10 *concurrent* downloads. If more concurrent downloads are expected, we recommend adding one LFT instance per 10 concurrent downloads. Each one of those will require an additional core and an additional gigabyte of RAM. .. FIXME add livesync link One instance of Nucleus can support up to 25 simultaneous live editing sessions. If more are desired, multiple instances of Nucleus should be deployed. Resource usage will highly depend on load and mileage may vary. Ultimately, we recommend monitoring the installation, and adding resources and scaling services as required. .. note:: The resources recommended above are sized for a production instance. For evaluation, 4 CPU cores and 8 gigabytes of RAM is suggested. Network ------- Aside from basic considerations of making sure network matches and balances other IO bottlenecks, for production instances, policies may dictate isolating Nucleus Servers in a separate, controlled, subnet, and following other security and network architecture best practices. With SSL/TLS, the latter becomes a necessity (having Nucleus on an open network will negate all benefits of SSL/TLS because Nucleus keeps its service ports open regardless of SSL/TLS). Refer to this page for additional information on :doc:`TLS/SSL `. Additional advisement --------------------- In addition to basics, an installation of Nucleus requires keys and may require SSL/TLS certificates, depending on your implementation. In general, requirements for key generation and handling can be summarized as: * Ability to generate and manage symmetric keys of varying lengths * Ability to generate and manage RSA key pairs Preparation =========== Host ---- Host operating system can be any flavor of Linux with the requirement of running a modern version of Docker. Docker and Compose ------------------ Docker 18.x and Docker 19.x are well supported; newer versions of Docker should also work as well. **Do not use your distribution's default packages, or any other packages coming from a package manager (i.e., snap).** They may be incorrectly packaged and not function as expected. Refer to the Nucleus :doc:`Quick Start Tips ` guide for comprehensive installation instructions. Firewalls --------- We recommend against running a firewall on Docker hosts. It's been observed that enabled firewalls (i.e., :code:`ufw`) cause problems including inaccessible services and service crash loops.