Preparing your cluster for OKD Virtualization

Review this section before you install OKD Virtualization to ensure that your cluster meets the requirements.

You can use any installation method, including user-provisioned, installer-provisioned, or assisted installer, to deploy OKD. However, the installation method and the cluster topology might affect OKD Virtualization functionality, such as snapshots or live migration.

FIPS mode

If you install your cluster in FIPS mode, no additional setup is required for OKD Virtualization.

IPv6

You cannot run OKD Virtualization on a single-stack IPv6 cluster. (BZ#2193267)

Hardware and operating system requirements

Review the following hardware and operating system requirements for OKD Virtualization.

Supported platforms

CPU requirements

  • Supported by Fedora 9

  • Support for Intel 64 or AMD64 CPU extensions

  • Intel VT or AMD-V hardware virtualization extensions enabled

  • NX (no execute) flag enabled

Storage requirements

  • Supported by OKD

Operating system requirements

  • Fedora CoreOS (FCOS) installed on worker nodes

    Fedora worker nodes are not supported.

  • If your cluster uses worker nodes with different CPUs, live migration failures can occur because different CPUs have different capabilities. To avoid such failures, use CPUs with appropriate capacity for each node and set node affinity on your virtual machines to ensure successful migration. See Configuring a required node affinity rule for more information.

Additional resources

Physical resource overhead requirements

OKD Virtualization is an add-on to OKD and imposes additional overhead that you must account for when planning a cluster. Each cluster machine must accommodate the following overhead requirements in addition to the OKD requirements. Oversubscribing the physical resources in a cluster can affect performance.

The numbers noted in this documentation are based on Red Hat’s test methodology and setup. These numbers can vary based on your own individual setup and environments.

Memory overhead

Calculate the memory overhead values for OKD Virtualization by using the equations below.

Cluster memory overhead

  1. Memory overhead per infrastructure node 150 MiB
  1. Memory overhead per worker node 360 MiB

Additionally, OKD Virtualization environment resources require a total of 2179 MiB of RAM that is spread across all infrastructure nodes.

Virtual machine memory overhead

  1. Memory overhead per virtual machine (1.002 * requested memory) + 146 MiB \
  2. + 8 MiB * (number of vCPUs) \ (1)
  3. + 16 MiB * (number of graphics devices) (2)
1Number of virtual CPUs requested by the virtual machine
2Number of virtual graphics cards requested by the virtual machine

If your environment includes a Single Root I/O Virtualization (SR-IOV) network device or a Graphics Processing Unit (GPU), allocate 1 GiB additional memory overhead for each device.

CPU overhead

Calculate the cluster processor overhead requirements for OKD Virtualization by using the equation below. The CPU overhead per virtual machine depends on your individual setup.

Cluster CPU overhead

  1. CPU overhead for infrastructure nodes 4 cores

OKD Virtualization increases the overall utilization of cluster level services such as logging, routing, and monitoring. To account for this workload, ensure that nodes that host infrastructure components have capacity allocated for 4 additional cores (4000 millicores) distributed across those nodes.

  1. CPU overhead for worker nodes 2 cores + CPU overhead per virtual machine

Each worker node that hosts virtual machines must have capacity for 2 additional cores (2000 millicores) for OKD Virtualization management workloads in addition to the CPUs required for virtual machine workloads.

Virtual machine CPU overhead

If dedicated CPUs are requested, there is a 1:1 impact on the cluster CPU overhead requirement. Otherwise, there are no specific rules about how many CPUs a virtual machine requires.

Storage overhead

Use the guidelines below to estimate storage overhead requirements for your OKD Virtualization environment.

Cluster storage overhead

  1. Aggregated storage overhead per node 10 GiB

10 GiB is the estimated on-disk storage impact for each node in the cluster when you install OKD Virtualization.

Virtual machine storage overhead

Storage overhead per virtual machine depends on specific requests for resource allocation within the virtual machine. The request could be for ephemeral storage on the node or storage resources hosted elsewhere in the cluster. OKD Virtualization does not currently allocate any additional ephemeral storage for the running container itself.

Example

As a cluster administrator, if you plan to host 10 virtual machines in the cluster, each with 1 GiB of RAM and 2 vCPUs, the memory impact across the cluster is 11.68 GiB. The estimated on-disk storage impact for each node in the cluster is 10 GiB and the CPU impact for worker nodes that host virtual machine workloads is a minimum of 2 cores.

About storage volumes for virtual machine disks

If you use the storage API with known storage providers, volume and access modes are selected automatically. However, if you use a storage class that does not have a storage profile, you must select the volume and access mode.

For best results, use accessMode: ReadWriteMany and volumeMode: Block. This is important for the following reasons:

  • The ReadWriteMany (RWX) access mode is required for live migration.

  • The Block volume mode performs significantly better in comparison to the Filesystem volume mode. This is because the Filesystem volume mode uses more storage layers, including a file system layer and a disk image file. These layers are not necessary for VM disk storage.

    For example, if you use Red Hat OpenShift Data Foundation, Ceph RBD volumes are preferable to CephFS volumes.

You cannot live migrate virtual machines that use:

  • A storage volume with ReadWriteOnce (RWO) access mode

  • Passthrough features such as GPUs

Do not set the evictionStrategy field to LiveMigrate for these virtual machines.

Additional resources

Object maximums

You must consider the following tested object maximums when planning your cluster:

Restricted network environments

If you install OKD Virtualization in a restricted environment with no internet connectivity, you must configure Operator Lifecycle Manager for restricted networks.

If you have limited internet connectivity, you can configure proxy support in Operator Lifecycle Manager to access the Red Hat-provided OperatorHub.

Live migration

Live migration has the following requirements:

  • Shared storage with ReadWriteMany (RWX) access mode.

  • Sufficient RAM and network bandwidth.

  • If the virtual machine uses a host model CPU, the nodes must support the virtual machine’s host model CPU.

Cluster high-availability options

You can configure one of the following high-availability (HA) options for your cluster:

  • Automatic high availability for installer-provisioned infrastructure (IPI) is available by deploying machine health checks.

    In OKD clusters installed using installer-provisioned infrastructure and with MachineHealthCheck properly configured, if a node fails the MachineHealthCheck and becomes unavailable to the cluster, it is recycled. What happens next with VMs that ran on the failed node depends on a series of conditions. See About RunStrategies for virtual machines for more detailed information about the potential outcomes and how RunStrategies affect those outcomes.

  • Automatic high availability for both IPI and non-IPI is available by using the Node Health Check Operator on the OKD cluster to deploy the NodeHealthCheck controller. The controller identifies unhealthy nodes and uses the Self Node Remediation Operator to remediate the unhealthy nodes. For more information on remediation, fencing, and maintaining nodes, see the Workload Availability for Red Hat OpenShift documentation.

  • High availability for any platform is available by using either a monitoring system or a qualified human to monitor node availability. When a node is lost, shut it down and run oc delete node <lost_node>.

    Without an external monitoring system or a qualified human monitoring node health, virtual machines lose high availability.