Installation Environment Setup
Prepare the dependencies required in the installation environment.
Preparing a Base Image
- Log in to the device environment where MEF Center is to be installed.
- Obtain the base image.
docker pull ubuntu:22.04
Manual deletion of this image leads to container boot failure.
Preparing an Open Source System
- For open-source and third-party software integrated by users, track the vulnerabilities and issues in the corresponding community and fix them in a timely manner. You can confirm the known vulnerabilities of the corresponding open-source software version on the CVE official website, and fix the vulnerabilities through version upgrade or patch package update.
- Open-source and third-party software supports insecure items, such as cryptographic algorithm suites (e.g. cipher suite that contains the CBC symmetric cryptographic algorithm), protocols (e.g. TLS 1.0 and TLS 1.1), and all-zero listening. Before using them, perform strict security hardening and fix related issues.
The following open-source systems must be installed in the environment.
- Kubernetes V1.19 to V1.22. For details about how to install Kubernetes, visit the Kubernetes official website.
- KubeEdge and CloudCore V 1.12.2. The CloudCore on which MEF Center depends must run as a systemd service. For details about the installation operations, visit the KubeEdge official website.
After CloudCore is installed, run the following commands to manually delete the original CloudCore root certificate and service certificate. After CloudCore is restarted, new certificates are automatically generated.
rm -rf /etc/kubeedge/ca /etc/kubeedge/certs kubectl delete secret casecret cloudcoresecret -n kubeedge systemctl restart cloudcore
If you do not use the KubeEdge with recommended CloudCore, the MEF Center functions may be unavailable.
- The Docker version is later than 18.09. For details about how to install Docker, visit the Docker official website. Track Docker vulnerabilities and issues based on the official website and community in a timely manner to ensure that Docker has been installed with related patches.
Preparing Command Dependencies
The following dependencies must exist in the environment. For details about some installation modes, see Installing Command Dependencies.
For open-source and third-party software integrated by users, track the vulnerabilities and issues in the corresponding community and fix them in a timely manner through version upgrade or patch package update.
Dependency |
Description |
Check Method |
|---|---|---|
sh |
Executes the sh command. |
A built-in system command. If this command is damaged, manually replace the binary file to ensure that it is available. |
cp |
Copies files or directories. |
A built-in system command. If this command is damaged, manually replace the binary file to ensure that it is available. |
uname |
Displays the system information. |
Run the uname command to check whether uname has been installed. If the uname command exists, uname has been installed. |
grep |
Searches for character strings that meet the requirements in a file. |
Run the grep command to check whether grep has been installed. If the grep command exists, grep has been installed. |
useradd |
Creates a user account. |
Run the useradd command to check whether useradd has been installed. If the useradd command exists, useradd has been installed. |
(Optional) haveged |
KMC encryption depends on random numbers. To prevent exhaustion of random numbers, you are advised to install haveged. |
Run the ps -axu | grep haveged command to check whether haveged has been installed. If havaged is displayed in the command output, it has been installed and you do not need to install it again. |