Sign inTry Free

Set System Requirements

Each Kubernetes worker node (host system) must meet the system requirements as specified in the System Requirements and Recommendations documentation. The recommended method for configuring these settings is to do so directly on each Kubernetes node where SingleStore will be scheduled to run.

As manually configuring a multitude of worker nodes to conform to SingleStore’s system requirements can be time-consuming, a DaemonSet can be employed to make this configuration easier.

One key benefit to using a DaemonSet is that, as you scale your cluster with additional worker nodes, the DaemonSet will automatically configure each worker node with the required settings.

The following DaemonSet template must run with elevated privileges in order to perform the required system-level updates to a worker node.

Note: The value of sysctl -w vm.min_free_kbytes must be updated to either 1% of system RAM or 4 GB, whichever is smaller:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: singlestore-sysreq
  labels:
    "app.kubernetes.io/name": "singlestore-sysreq"
spec:
  selector:
    matchLabels:
      "app.kubernetes.io/name": "singlestore-sysreq"
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        "app.kubernetes.io/name": "singlestore-sysreq"
    spec:
      hostPID: true
      volumes:
      - name: sys
        hostPath:
          path: /sys


      initContainers:
      - name: sysreq
        image: busybox
        securityContext:
          privileged: true
        volumeMounts:
        - name: sys
          mountPath: /rootfs/sys
        command:
        - "/bin/sh"
        - "-c"
        - |
          set -euxo pipefail
          sysctl -w vm.max_map_count=1000000000
          sysctl -w vm.min_free_kbytes=<set this value to either 1% of system RAM or 4 GB, whichever is smaller>
          echo never > /rootfs/sys/kernel/mm/transparent_hugepage/enabled
          echo never > /rootfs/sys/kernel/mm/transparent_hugepage/defrag
          echo 0 > /rootfs/sys/kernel/mm/transparent_hugepage/khugepaged/defrag
      containers:
      - name: pause
        image: gcr.io/google_containers/pause

Last modified: July 20, 2023

Was this article helpful?

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK