Using the Pre-Check Script

The pre-check script performs a series of checks on the Controller host to determine whether it is ready to accept the installation. To use the script:

  1. Download the hpe-cp-prechecks-<version>.bin script, where <version> is the version number, such as 5.3.
  2. If needed, copy the .bin file to a directory on the machine that will become the Controller host.
  3. Make the .bin file executable by executing the command: 
    chmod a+x hpe-cp-prechecks-<version>.bin
  4. Run the executable binary using the format:
    hpe-cp-prechecks-<version>.bin <options>

    where <options> denotes the options and parameters you need to pass to the script. See Script Options for a complete list of options and when to use them, and Examples for examples of usage scenarios.

  5. After running the script, see Sample Pre-Check Output for a complete example of a successful pre-check as well as links to common errors and how to resolve them. In addition to the displayed output, the pre-check script generates several files that are described in Pre-Check Generated Files. If needed, remediate any issues and then re-run the pre-check script until all tests pass or until you have accounted for any warnings.
    CAUTION:

    Do not use the config file to install the controller in a production environment if the pre-check output lists one or more errors.

    For non-production environments, when you want to create a deployment that is smaller than the requirements for production environments, specify the --force option when executing the script.

  6. After you are satisfied with the results of the pre-check, you may proceed to install the Controller host using either of the following methods:
Note: Hewlett Packard Enterprise recommends using the config file generated by the pre-check script when installing HPE Ezmeral Container Platform on the Controller host as this method will most likely be faster and easier than manual installation.

Script Options

This table lists all of the Controller-specific options that can be used with the pre-check script. Not all of these options will apply in all situations. See Examples for exmaples of how this script can be used in a variety of real-world scenarios.

Option Short Option Description Notes Example 
--controller
 
-c
 Verify host meets Controller requirements. Use this option on the Controller host only. 
--int-gateway-ip
 Internal gateway IP address for virtual nodes/containers. This address cannot be used by another resource on the corporate network. See Network Requirements. Optional. If not specified, default value is 172.16.13.1 
--int-gateway-ip 172.1.1.1
 
--proxy
 
-p

Proxy URL in the format

[protocol://]
                        [username:password@]
                        proxy_address[:port]
 Skip this option if no web proxy is being used for EPIC. See Web Proxy Requirements. 
--proxy https://admin:admin123@ 172.1.1.2:8080
 
--controller-automount-root
 Auto-mount root on the Controller. 
--controller-automount-root <path>
 
--config-file-path
   Path where the configuration file (see Sample Pre-Check Output) will be written. 
--config-file-path <path>
 
SUDO_PREFIX
   Specify the actual sudo prefix to use when running privileged commands as a non-root user. Defaults to sudo -n if no other option provided. 
export SUDO_PREFIX="usr/sbin/dzdo/dzdo"
 
--ssl-cert
   SSL certificate to use for secure (https://) access to the web interface. Do not use this option if you will be using non-secured (http://) access to the web interface. 
--ssl-cert /root/bds-https.cert
 
--ssl-ca-data
 Provide the CA authentication chain data required for having an SSL client authenticate the server certificate. This must be an absolute file path that will be readable by the httpd process. The “CA data” file is used for an openssl verify -CAfile command to ensure that an SSL client (such as those used in our k8s support) can validate the certificate. 
--ssl-ca-data <path>
 
--gateway-ssl-cert
 Provide the public-key SSL certificate for SSL termination in the gateway. If this is not provided, but the server certificate and private key are, these values will now default from those server certificate values (--ssl-cert and --ssl-priv-key). This must be an absolute path. 
--gateway-ssl-cert <path>
 
--gateway-priv-key
 Provide the private key corresponding to the above. This also must be an absolute path if given. 
--gateway-priv-key <path>
 
--ssl-priv-key
   SSL private key to use for secure (https://) access to the web interface. Do not use this option if you will be using non-secured (http://) access to the web interface. 
--ssl-priv-key /root/bds-https.pem
 
--worker-agent-install
   Worker hosts must be initialized manually before installing them via the web interface. ONLY USE THIS OPTIONS WHEN YOUR ENVIRONMENT DOES NOT ALLOW KEY-BASED SSH. SEE Configuration Requirements. 
--force
 
-f
 Force pre-check validation to succeed regardless of any errors. THIS OPTION IS FOR ADVANCED USERS ONLY AND MAY RESULT IN AN UNUSABLE DEPLOYMENT. 
--dnsmasq-user
   Optional. Specifies the user that dnsmasq service will run under. If not specified, then the dnsmasq service will run under user nobody:nobody. 
--dnsmasq-user dnsmasquser
 
--dnsmasq-grp
   Optional. Specifies the group of dnsmasq users. = 
--dnsmasq-grp dnsmasqgroup

Examples

This section presents some examples of using the pre-check script.

Note: Be sure to run both the precheck script and installer as the user who will be installing HPE Ezmeral Container Platform.