文档

Installation Precautions

Kubernetes Description

  • If Kubernetes marks cluster nodes with taints due to resource restrictions such as memory, drives, and CPUs, services may fail to be deployed.
  • After Kubernetes is installed, if the master node contains taints, you need to manually set the taint tolerance policy for the master node and for the MEF Center service pod.
  • If resources such as memory, drives, and PIDs are insufficient when Kubernetes deploys and runs MEF Center, node-pressure eviction is triggered. As a result, services cannot run properly. If the service is abnormal, rectify the fault by referring to MEF Center Runs Abnormally Due to the Node-Pressure Eviction Mechanism.
  • If you configure the resources allocated by Kubernetes to the device node, MEF Center requires at least 1.5-core CPU and 1.5 GB memory in addition to the default resources occupied by Kubernetes.
  • After Kubernetes is installed, you can manually set the validity period of the Kubernetes-issued certificate interconnected with MEF Center. You are advised to modify the --cluster-signing-duration (one year by default) field in the kube-controller-manager.yaml file to 87600h (ten years).
  • If ports used Kubernetes and KubeEdge are blocked, the cloud-edge connection between MEF Center and MEF Edge fails. For details about the ports, see Table 1.

Installation Environment

  • Check whether the drive space is sufficient. If not, the software cannot be installed. For MEF Center, the available space must be greater than or equal to 750 MB.
  • If the mef-center-node label exists on the corresponding node in the current environment, the installation will fail.
  • If an image with the same name and tag as ascend-module name (for example, ascend-cert-manager: v1) exists in the current environment, the installation will fail.
  • If the node port specified in the configuration file of the nginx-manager module is occupied, the startup will fail.
  • If the specified installation path, log path, or log dump path is stored in a temporary file system, the installation will fail.
  • You are advised to select an installation path whose permission is 755. Background commands may change the permission on the path to 755.
  • If you forcibly stop the installation, the installation cannot be performed again or unknown security risks occur in the environment. You can re-install MEF Center after uninstalling it (Uninstalling MEF Center).
  • The software cannot be installed repeatedly.

MEFCenter User Description

Some running process users of MEF Center are non-root users with the user name being MEFCenter. This user cannot be used for login. You can view the user ID (uid) and group ID (gid) of the user in a process. Stopping or uninstalling the software does not delete the MEFCenter user from the system.

  • During the installation, the common user MEFCenter is created, and the default user ID and group ID are 8000. If those IDs already exist in the system, the system will assign new IDs.
  • When MEF Center software is installed, the software checks whether the MEFCenter user can log in. If yes, the installation is prohibited to reduce security risks. In this case, you need to disable the login and reinstall MEF Center.
  • If the specified account already exists in the system, the user name and group name of the existing account must be MEFCenter and be of the nologin type. Otherwise, the installation fails. In addition, the MEFCenter group cannot contain other users, and the MEFCenter user cannot have a home directory.
  • If the specified account does not exist in the system, the home directory cannot contain any files or directories with the same name as the specified account. Otherwise, the installation will fail.