Este contenido no está disponible en el idioma seleccionado.

Chapter 9. Preinstallation validations


9.1. Definition of preinstallation validations

The Assisted Installer aims to make cluster installation as simple, efficient, and error-free as possible. The Assisted Installer performs validation checks on the configuration and the gathered telemetry before starting an installation.

The Assisted Installer uses the information provided before installation, such as control plane topology, network configuration and hostnames. It will also use real time telemetry from the hosts you are attempting to install.

When a host boots the discovery ISO, an agent will start on the host. The agent will send information about the state of the host to the Assisted Installer.

The Assisted Installer uses all of this information to compute real time preinstallation validations. All validations are either blocking or non-blocking to the installation.

9.2. Blocking and non-blocking validations

A blocking validation will prevent progress of the installation, meaning that you will need to resolve the issue and pass the blocking validation before you can proceed.

A non-blocking validation is a warning and will tell you of things that might cause you a problem.

9.3. Validation types

The Assisted Installer performs two types of validation:

Host

Host validations ensure that the configuration of a given host is valid for installation.

Cluster

Cluster validations ensure that the configuration of the whole cluster is valid for installation.

9.4. Host validations

9.4.1. Getting host validations by using the REST API

Note

If you use the web console, many of these validations will not show up by name. To get a list of validations consistent with the labels, use the following procedure.

Prerequisites

  • You have installed the jq utility.
  • You have created an Infrastructure Environment by using the API or have created a cluster by using the web console.
  • You have hosts booted with the discovery ISO
  • You have your Cluster ID exported in your shell as CLUSTER_ID.
  • You have credentials to use when accessing the API and have exported a token as API_TOKEN in your shell.

Procedures

  1. Refresh the API token:

    $ source refresh-token
    Copy to Clipboard Toggle word wrap
  2. Get all validations for all hosts:

    $ curl \
      --silent \
      --header "Authorization: Bearer $API_TOKEN" \
      https://api.openshift.com/api/assisted-install/v2/clusters/$CLUSTER_ID/hosts \
      | jq -r .[].validations_info \
      | jq 'map(.[])'
    Copy to Clipboard Toggle word wrap
  3. Get non-passing validations for all hosts:

    $ curl \
      --silent \
      --header "Authorization: Bearer $API_TOKEN" \
      https://api.openshift.com/api/assisted-install/v2/clusters/$CLUSTER_ID/hosts \
      | jq -r .[].validations_info \
      | jq 'map(.[]) | map(select(.status=="failure" or .status=="pending")) | select(length>0)'
    Copy to Clipboard Toggle word wrap

9.4.2. Host validations in detail

Expand
ParameterValidation typeDescription

connected

non-blocking

Checks that the host has recently communicated with the Assisted Installer.

has-inventory

non-blocking

Checks that the Assisted Installer received the inventory from the host.

has-min-cpu-cores

non-blocking

Checks that the number of CPU cores meets the minimum requirements.

has-min-memory

non-blocking

Checks that the amount of memory meets the minimum requirements.

has-min-valid-disks

non-blocking

Checks that at least one available disk meets the eligibility criteria.

has-cpu-cores-for-role

blocking

Checks that the number of cores meets the minimum requirements for the host role.

has-memory-for-role

blocking

Checks that the amount of memory meets the minimum requirements for the host role.

ignition-downloadable

blocking

For Day 2 hosts, checks that the host can download ignition configuration from the Day 1 cluster.

belongs-to-majority-group

blocking

The majority group is the largest full-mesh connectivity group on the cluster, where all members can communicate with all other members. This validation checks that hosts in a multi-node, Day 1 cluster are in the majority group.

valid-platform-network-settings

blocking

Checks that the platform is valid for the network settings.

ntp-synced

non-blocking

Checks if an NTP server has been successfully used to synchronize time on the host.

container-images-available

non-blocking

Checks if container images have been successfully pulled from the image registry.

sufficient-installation-disk-speed

blocking

Checks that disk speed metrics from an earlier installation meet requirements, if they exist.

sufficient-network-latency-requirement-for-role

blocking

Checks that the average network latency between hosts in the cluster meets the requirements.

sufficient-packet-loss-requirement-for-role

blocking

Checks that the network packet loss between hosts in the cluster meets the requirements.

has-default-route

blocking

Checks that the host has a default route configured.

api-domain-name-resolved-correctly

blocking

For a multi node cluster with user managed networking. Checks that the host is able to resolve the API domain name for the cluster.

api-int-domain-name-resolved-correctly

blocking

For a multi node cluster with user managed networking. Checks that the host is able to resolve the internal API domain name for the cluster.

apps-domain-name-resolved-correctly

blocking

For a multi node cluster with user managed networking. Checks that the host is able to resolve the internal apps domain name for the cluster.

compatible-with-cluster-platform

non-blocking

Checks that the host is compatible with the cluster platform

dns-wildcard-not-configured

blocking

Checks that the wildcard DNS *.<cluster_name>.<base_domain> is not configured, because this causes known problems for OpenShift

disk-encryption-requirements-satisfied

non-blocking

Checks that the type of host and disk encryption configured meet the requirements.

non-overlapping-subnets

blocking

Checks that this host does not have any overlapping subnets.

hostname-unique

blocking

Checks that the hostname is unique in the cluster.

hostname-valid

blocking

Checks the validity of the hostname, meaning that it matches the general form of hostnames and is not forbidden.

  • The hostname must have 63 characters or less.
  • The hostname must start and end with a lowercase alphanumeric character.
  • The hostname must have only lowercase alphanumeric characters, dashes, and periods.

belongs-to-machine-cidr

blocking

Checks that the host IP is in the address range of the machine CIDR.

lso-requirements-satisfied

blocking

Validates that the host meets the requirements of the Local Storage Operator.

odf-requirements-satisfied

blocking

Validates that the host meets the requirements of the OpenShift Data Foundation Operator.

  • Each host running ODF workloads (control plane nodes in compact mode, compute nodes in standard mode) requires an eligible disk. This is a disk with at least 25GB that is not the installation disk and is of type SSD or HDD.
  • All hosts must have manually assigned roles.

cnv-requirements-satisfied

blocking

Validates that the host meets the requirements of Container Native Virtualization.

  • The BIOS of the host must have CPU virtualization enabled.
  • Host must have enough CPU cores and RAM available for Container Native Virtualization.
  • Will validate the Host Path Provisioner if necessary.

lvm-requirements-satisfied

blocking

Validates that the host meets the requirements of the Logical Volume Manager Storage Operator.

  • Host has at least one additional empty disk, not partitioned and not formatted.

vsphere-disk-uuid-enabled

non-blocking

Verifies that each valid disk sets disk.EnableUUID to TRUE. In vSphere this will result in each disk having a UUID.

compatible-agent

blocking

Checks that the discovery agent version is compatible with the agent docker image version.

no-skip-installation-disk

blocking

Checks that installation disk is not skipping disk formatting.

no-skip-missing-disk

blocking

Checks that all disks marked to skip formatting are in the inventory. A disk ID can change on reboot, and this validation prevents issues caused by that.

media-connected

blocking

Checks the connection of the installation media to the host.

machine-cidr-defined

non-blocking

Checks that the machine network definition exists for the cluster.

id-platform-network-settings

blocking

Checks that the platform is compatible with the network settings. Some platforms are only permitted when installing Single Node Openshift or when using User Managed Networking.

mtu-valid

non-blocking

Checks the maximum transmission unit (MTU) of hosts and networking devices in the cluster environment to identify compatibility issues. For more information, see Additional resources.

9.5. Cluster validations

9.5.1. Getting cluster validations by using the REST API

If you use the web console, many of these validations will not show up by name. To obtain a list of validations consistent with the labels, use the following procedure.

Prerequisites

  • You have installed the jq utility.
  • You have created an Infrastructure Environment by using the API or have created a cluster by using the web console.
  • You have your Cluster ID exported in your shell as CLUSTER_ID.
  • You have credentials to use when accessing the API and have exported a token as API_TOKEN in your shell.

Procedures

  1. Refresh the API token:

    $ source refresh-token
    Copy to Clipboard Toggle word wrap
  2. Get all cluster validations:

    $ curl \
      --silent \
      --header "Authorization: Bearer $API_TOKEN" \
      https://api.openshift.com/api/assisted-install/v2/clusters/$CLUSTER_ID \
      | jq -r .validations_info \
      | jq 'map(.[])'
    Copy to Clipboard Toggle word wrap
  3. Get non-passing cluster validations:

    $ curl \
      --silent \
      --header "Authorization: Bearer $API_TOKEN" \
      https://api.openshift.com/api/assisted-install/v2/clusters/$CLUSTER_ID \
      | jq -r .validations_info \
      | jq '. | map(.[] | select(.status=="failure" or .status=="pending")) | select(length>0)'
    Copy to Clipboard Toggle word wrap

9.5.2. Cluster validations in detail

Expand
ParameterValidation typeDescription

machine-cidr-defined

non-blocking

Checks that the machine network definition exists for the cluster.

cluster-cidr-defined

non-blocking

Checks that the cluster network definition exists for the cluster.

service-cidr-defined

non-blocking

Checks that the service network definition exists for the cluster.

no-cidrs-overlapping

blocking

Checks that the defined networks do not overlap.

networks-same-address-families

blocking

Checks that the defined networks share the same address families (valid address families are IPv4, IPv6)

network-prefix-valid

blocking

Checks the cluster network prefix to ensure that it is valid and allows enough address space for all hosts.

machine-cidr-equals-to-calculated-cidr

blocking

For a non user managed networking cluster. Checks that apiVIPs or ingressVIPs are members of the machine CIDR if they exist.

api-vips-defined

non-blocking

For a non user managed networking cluster. Checks that apiVIPs exist.

api-vips-valid

blocking

For a non user managed networking cluster. Checks if the apiVIPs belong to the machine CIDR and are not in use.

ingress-vips-defined

blocking

For a non user managed networking cluster. Checks that ingressVIPs exist.

ingress-vips-valid

non-blocking

For a non user managed networking cluster. Checks if the ingressVIPs belong to the machine CIDR and are not in use.

all-hosts-are-ready-to-install

blocking

Checks that all hosts in the cluster are in the "ready to install" status.

sufficient-masters-count

blocking

  • For a multi-node OpenShift Container Platform installation, checks that the current number of hosts in the cluster designated either manually or automatically to be control plane (master) nodes equals the number that the user defined for the cluster as the control_plane_count value.
  • For a single-node OpenShift installation, checks that there is exactly one control plane (master) node and no compute (worker) nodes.

dns-domain-defined

non-blocking

Checks that the base DNS domain exists for the cluster.

pull-secret-set

non-blocking

Checks that the pull secret exists. Does not check that the pull secret is valid or authorized.

ntp-server-configured

blocking

Checks that each of the host clocks are no more than 4 minutes out of sync with each other.

lso-requirements-satisfied

blocking

Validates that the cluster meets the requirements of the Local Storage Operator.

odf-requirements-satisfied

blocking

Validates that the cluster meets the requirements of the OpenShift Data Foundation Operator.

  • The cluster has either at least three control plane (master) nodes and no compute (worker) nodes at all (compact mode), or at least three control plane (master) nodes and at least three compute (worker) nodes (standard mode).
  • Each host running ODF workloads (control plane nodes in compact mode, compute nodes in standard mode) requires a non-installation disk of type SSD` or HDD and with at least 25GB of storage.
  • All hosts must have manually assigned roles.

cnv-requirements-satisfied

blocking

Validates that the cluster meets the requirements of Container Native Virtualization.

  • The CPU architecture for the cluster is x86

lvm-requirements-satisfied

blocking

Validates that the cluster meets the requirements of the Logical Volume Manager Storage Operator.

  • The cluster must be single node.
  • The cluster must be running Openshift >= 4.11.0.

network-type-valid

blocking

Checks the validity of the network type if it exists.

  • The network type must be OpenshiftSDN (OpenShift Container Platform 4.14 or earlier) or OVNKubernetes.
  • OpenshiftSDN does not support IPv6 or Single Node Openshift. OpenshiftSDN is not supported for OpenShift Container Platform 4.15 and later releases.
  • OVNKubernetes does not support VIP DHCP allocation.
Volver arriba
Red Hat logoGithubredditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar. Explore nuestras recientes actualizaciones.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

Theme

© 2025 Red Hat