v2.25 Preview Preview release - not for production v2024.2 LTS Stable release with long-term support v2024.1 STS Stable release with standard-term support v2.20 LTS Stable release with long-term support v2.18 STS Stable release with standard-term support v2.14 LTS Stable release with long-term support Unsupported versions

Software requirements for nodes

Operating system and additional software required for YugabyteDB

The Linux OS and other software components on each database cluster node must meet the following minimum software requirements.

Depending on the provider type and permissions you grant, you may have to install all of these requirements manually, or YugabyteDB Anywhere will install it all automatically.

Using disk encryption software with YugabyteDB

If you are using third party disk encryption software (such as Vormetric or CipherTrust), the disk encryption service must be up and running on the node before starting any YugabyteDB services. If YugabyteDB processes start before the encryption service, restarting an already encrypted node can result in data corruption.

To avoid problems, pause the universe before enabling or disabling the disk encryption service on universe nodes.

Linux OS

YugabyteDB Anywhere supports deploying YugabyteDB on a variety of operating systems.

AlmaLinux OS 8 disk images are used by default, but you can specify a custom disk image and OS.

On Red Hat Enterprise Linux 8-based systems (Red Hat Enterprise Linux 8, Oracle Enterprise Linux 8.x, Amazon Linux 2), additionally, add the following line to /etc/systemd/system.conf and /etc/systemd/user.conf:

DefaultLimitNOFILE=1048576

You must reboot the system for these two settings to take effect.

Additional software

YugabyteDB Anywhere requires the following additional software to be pre-installed on nodes:

Python

Install Python 3.8 on the nodes. (If you are using Legacy on-premises provisioning, Python 3.5-3.9 is supported, and 3.6 is recommended.)

Install the Python SELinux package corresponding to your version of Python. You can use pip to do this. Ensure the version of pip matches the version of Python.

For example, you can install Python as follows:

sudo yum install python38
sudo pip3.8 install selinux
sudo ln -s /usr/bin/python3.8 /usr/bin/python
sudo rm /usr/bin/python3
sudo ln -s /usr/bin/python3.8 /usr/bin/python3
python3 -c "import selinux; import sys; print(sys.version)"

> 3.8.19 (main, Sep 11 2024, 00:00:00)
> [GCC 11.5.0 20240719 (Red Hat 11.5.0-2)]

Alternately, if you are using the default version of python3, you might be able to install the python3-libselinux package.

CA certificates

By default, YugabyteDB Anywhere can automatically generate and copy self-signed TLS certificates used for node-to-node encryption in transit to universe nodes when the universe is created.

However, if you want to use your own CA certificates, you must manually copy them to universe nodes. (CA certificates can only be used with on-premises universes.)

In your certificate authority UI (for example, Venafi), generate the following:

  • Server certificates to use for node-to-node encryption; that is, for the VMs to be used for universes.

    These certificates must be copied to each of the VMs you will use in your universes.

  • A certificate to use for client-to-node encryption; that is, for encrypting traffic between the database cluster and applications and clients.

    This certificate must also be copied to your application client.

In addition, you add the certificates to YugabyteDB Anywhere.

For more information, refer to CA certificates.

Additional software for airgapped deployment

Additionally, if not connected to the public Internet (that is, airgapped); and not connected to a local Yum repository that contains the additional software, database cluster nodes must also have the following additional software pre-installed:

  • libcgroup and libcgroup-tools (for planned future use of the cgconfig service, for cgroups; can be omitted for YBA versions earlier than v2024.1)
  • rsync, openssl (all linux)
  • semanage-utils (for Debian-based systems)
  • glibc-locale-source, glibc-langpack-en
  • libatomic (for Redhat-based aarch64)
  • libatomic1, libncurses6 (for Debian-based aarch64)
  • chrony (for time synchronization). When using a Public Cloud Provider, chrony is the only choice. When using an On-Premises provider, chrony is recommended; ntpd and systemd-timesyncd are also supported.