# Prerequisites and compatibility {% hint style="warning" %} **Important:** The versions mentioned on the prerequisites and compatibility page apply to the WEKA system's **latest minor version** (5.0.**X**). For information on new features and supported prerequisites released with each minor version, refer to the relevant release notes available at [get.weka.io](https://get.weka.io/). Check the release notes for details about any updates or changes accompanying the latest releases. {% endhint %} {% hint style="info" %} In certain instances, WEKA collaborates with Strategic Server Partners to conduct platform qualifications alongside complementary components. If you have any inquiries, contact your designated WEKA representative. {% endhint %} ## Minimal server configuration for a WEKA cluster The minimal configuration for a new WEKA cluster installation is **8 servers**. This ensures optimal performance, resilience, and scalability for most deployments. {% hint style="info" %} For cloud-based installations, WEKA supports a minimal configuration of **6 servers** to accommodate the unique requirements of cloud environments. {% endhint %} ## CPU

CPU family/architecture	Supported on backends	Supported on clients
2013 Intel® Core™ processor family and later	👍 Dual-socket	👍 Dual-socket
AMD EPYC™ processor families 2nd (Rome), 3rd (Milan-X), and 4th (Genoa) Generations	👍 Single-socket	👍 Single-socket and dual-socket
ARM (AArch64)		👍 NVIDIA Grace

{% hint style="info" %} The following requirements must be met: * AES[^1] is enabled. * [Secure Boot](#user-content-fn-2)[^2] is disabled. * AVX2[^3] is enabled. {% endhint %} ## Memory * Sufficient memory to support the WEKA system needs as described in [memory requirements](https://docs.weka.io/4.4/bare-metal/planning-a-weka-system-installation#memory-resource-planning). * More memory support for the OS kernel or any other application. ## Operating system {% hint style="info" %} Every effort is made to support upcoming releases of the operating systems in the lists within one quarter (three months) of their respective General Availability (GA) dates. When an operating system version is deprecated, WEKA will cease to ensure its software continues to work with that operating system version. {% endhint %} {% tabs %} {% tab title="Support policy" %} #### Manage operating system and kernel lifecycle Maintain system reliability by following the WEKA support policy for Linux distributions. This policy applies to WEKA software on customer-managed Linux servers in on-premises and cloud environments. {% hint style="info" %} This policy excludes Linux distributions bundled as part of the WEKA Software Appliance (WSA). {% endhint %} **Lifecycle definitions** * **End of Support (EoS):** The date a vendor stops providing routine updates and patches. * **End of Life (EoL):** The date a vendor ceases all standard support and maintenance for a distribution or kernel version. **Lifecycle stages** * **General Availability (GA):** WEKA aims to support new GA releases within three months of the vendor release date. After addition to the supported list, these versions receive full support, including certification, ongoing validation, and defect remediation aligned to the [release-support-and-commitments](https://docs.weka.io/4.4/support/release-support-and-commitments "mention"). * **End of Support and End of Life:** After a vendor EoS date, WEKA stops active testing and validation. Field issues receive best-effort remediation. If vendor backports are unavailable, fixes may require upgrading to a supported version. Plan migrations before the vendor EoL date. **Support verification** Verify that both the kernel and operating system versions appear as supported in the backends, clients, and kernel tabs. These components require independent verification. If a custom operating system or kernel is required, contact the [Customer Success Team](https://docs.weka.io/4.4/support/getting-support-for-your-weka-system#contact-customer-success-team). {% endtab %} {% tab title="Backends" %} * **Rocky Linux:** * 9.6, 9.4, 9.3, 9.2, 9.1, 9.0 * 8.10, 8.9, 8.8, 8.7, 8.6 * **RHEL:** * 9.6, 9.5, 9.4, 9.3, 9.2, 9.1, 9.0 * 8.10, 8.9, 8.8, 8.7, 8.6, 8.5, 8.4, 8.3, 8.2, 8.1, 8.0 * **CentOS:** * 8.5, 8.4, 8.3, 8.2, 8.1, 8.0 * **Ubuntu:** * 24.04 * 22.04 * 20.04 * 18.04 * **Amazon Linux 2023** (AL2023) with x86 distribution * **Amazon Linux 2 LTS** (formerly Amazon Linux 2 LTS 17.12) with x86\_64 distribution * **Amazon Linux:** * AMI 2018.03 * AMI 2017.09 * **Oracle Linux:** * 9.6, 9 * 8.7, 8.5 {% endtab %} {% tab title="Clients" %} * **Rocky Linux:** * Supported on ARM: 9.5, 9.3 * 9.6, 9.5, 9.4, 9.3, 9.2, 9.1, 9.0 * 8.10, 8.9, 8.8, 8.7, 8.6 * **RHEL:** * Supported on ARM: 9.3 * 9.6, 9.5, 9.4, 9.3, 9.2, 9.1, 9.0 * 8.10, 8.9, 8.8, 8.7, 8.6, 8.5, 8.4, 8.3, 8.2, 8.1, 8.0 * **CentOS:** * 8.5, 8.4, 8.3, 8.2, 8.1, 8.0 * **Ubuntu:** * 24.04 * 22.04 * 20.04 * 18.04 * **Amazon Linux 2023** (AL2023) with x86 and ARM distributions * **Amazon Linux 2 LTS** (formerly Amazon Linux 2 LTS 17.12) with x86 and ARM distributions * **Amazon Linux:** * AMI 2018.03 * AMI 2017.09 * **SLES:** * 15 SP6 * 15 SP5 * 15 SP4 * 15 SP2 * 12 SP5 * **Oracle Linux:** * 9.6, 9 * 8.9 (ARM), 8.7, 8.5 * **Debian:** * 12 (with Linux kernel 6.6) * 10 * **AlmaLinux OS:** * 9.4 * 8.10 * **Proxmox Virtual Environment**: * 8.2 * 8.14 {% endtab %} {% tab title="Supported kernels versions" %} Identify the kernel requirements for the WEKA system to ensure platform stability and data integrity across the environment. Confirm that both the kernel version and the operating system version are listed as supported. These are distinct components with their own compatibility considerations. **Kernel compatibility matrix** The following table lists the supported kernel versions for WEKA servers. The range of supported versions is inclusive.

Kernel version	Supported operating systems
6.14	All supported distributions
6.12	Amazon Linux 2023 only
6.8	All supported distributions
6.0 to 6.5	All supported distributions
5.3 to 5.19	Various distributions (see notes for Amazon Linux 2)
4.4.0-1106 to 4.19	Various distributions
3.10	Legacy distributions

{% hint style="info" %} Kernels 5.15 and higher are not supported with the Amazon Linux 2 (AL2) operating system. {% endhint %} **Kernel update requirements** Manage the server environment to maintain a validated state. Preventing unintended upgrades ensures the WEKA process remains compatible with the underlying kernel. * **Disable automatic updates:** Turn off automatic kernel updates to prevent the server from upgrading to an unsupported version. * **Verify versioning:** Ensure the kernel version and operating system version are both explicitly listed as supported before any manual upgrade. * **Exclude kernel packages:** Configure the package manager to ignore kernel-related updates by adding `exclude=kernel*` to the configuration file (for example: `/etc/dnf/dnf.conf` or `/etc/yum.conf`). * **Validate configuration:** Run a check-update command to confirm the package manager no longer targets kernel packages for installation. {% endtab %} {% tab title="Configuration" %} #### General * All WEKA servers must be synchronized in date/time (NTP recommended) * A watchdog driver should be installed in /dev/watchdog (hardware watchdog recommended); search the WEKA knowledge base in the [WEKA support portal](http://support.weka.io) for more information and how-to articles. * If using `mlocate` or alike, it's advisable to exclude `wekafs` from `updatedb` filesystems lists; search the WEKA knowledge base in the [WEKA support portal](http://support.weka.io) for more information and how-to articles. #### SELinux * SELinux is supported in both `permissive` and `enforcing` modes. * `The targeted` policy is supported. * The `mls` policy is not supported yet. {% hint style="info" %} * To set the SELinux security context for files, use the `-o acl` in the mount command, and define the `wekafs` to use extended attributes in the SELinux policy configuration (`fs_use_xattr`). * The maximum size for the Extended Attributes (xattr) is limited to 1024. This attribute is crucial in supporting Access Control Lists (ACL) and Alternate Data Streams (ADS) in SMB. Given its finite capacity, exercise caution when using ACLs and ADS on a filesystem using SELinux. {% endhint %} #### cgroups * WEKA backends and clients that serve protocols must be deployed on a supported OS with **cgroupsV1**. * **cgroupsV2** is supported on backends and clients, but not in deployments with protocol clusters. {% endtab %} {% endtabs %} {% hint style="info" %} As of version 4.3.2, RHEL 7.X and CentOS 7.X are no longer supported due to their end-of-life status. If you need assistance upgrading your operating system, contact the [Customer Success Team](https://docs.weka.io/4.4/support/getting-support-for-your-weka-system#contact-customer-success-team) for guidance. {% endhint %} ## WEKA installation directory * **WEKA installation directory**: * The WEKA installation directory must be set to `/opt/weka`. * Use a direct path; symbolic links (symlinks) are not supported. * The /`opt/weka` directory is critical for proper WEKA operation. If it resides on shared storage, the storage must be highly available. * **Boot drive minimum requirements**: * Capacity: NVMe SSD with 960 GB capacity * Durability: 1 DWPD (Drive Writes Per Day) * Write throughput: 1 GB/s * **Boot drive considerations**: * Do not share the boot drive. * Do not mount using NFS. * Do not use a RAM drive remotely. * If two boot drives are available: * It is recommended to dedicate one boot drive for the OS and the other for the `/opt/weka` directory. * Do not use software RAID to have two boot drives. * **Software required space**: * Ensure that at least 26 GB is available for the WEKA system installation. * Allocate an additional 10 GB per core used by WEKA. * **Filesystem requirement**: * Set a separate filesystem on a separate partition for `/opt/weka`. ## Networking Adhere to the following considerations when choosing the adapters: * [**LACP**](#user-content-fn-4)[^4]**:** LACP is supported when bonding ports from dual-port Mellanox NICs into a single Mellanox device but is not compatible when using Virtual Functions (VFs). * **Intel E810:** * Only supported on RHEL 8.6 and Rocky Linux 8.6. For other operating systems, consult with the [Customer Success Team](https://docs.weka.io/4.4/support/getting-support-for-your-weka-system#contacting-weka-technical-support-team). * The ice Linux Base Driver version 1.9.11 and firmware version 4.0.0 are required. * [**MTU**](#user-content-fn-5)[^5]\ It is recommended to set the MTU to at least 4k on the NICs of WEKA cluster servers and the connected switches. * [**Jumbo Frames**](#user-content-fn-6)[^6]\ If any network connection, irrespective of whether it’s InfiniBand or Ethernet, on a given backend possess the capability to transmit frames exceeding 4 KB in size, it is mandatory for all network connections used directly by WEKA on that same backend to have the ability to transmit frames of at least 4 KB. * [**IOMMU**](#user-content-fn-7)[^7] **support**\ WEKA automatically detects and enables IOMMU for the server and PCI devices. Manual enablement is not required. * **Single IP**\ Single IP (also known as shared networking) allows a single IP address to be assigned to the Physical Function (PF) and shared across multiple Virtual Functions (VFs). This means that a single IP can be shared by every WEKA process on that server, while still being available to the host operating system. * **SR-IOV VF** Single Root I/O Virtualization Virtual Functions enable direct hardware access for virtual machines, improving network performance by reducing CPU overhead. {% hint style="info" %} Shared networking configuration for NIC models: * NVIDIA NICs: When implementing Shared Networking (Single IP), Virtual Functions (VFs) are not required. * Broadcom/Intel E810 NICs: VFs must be configured when deploying Shared Networking architecture. {% endhint %} * **Mixed networks** A mixed network configuration refers to a setup where a WEKA cluster connects to both InfiniBand and Ethernet networks. Certain features and configurations are not supported in mixed network setups. Review the following limitations and supported settings: * **Non-supported features in mixed networks:** * RDMA * VLAN * IPv6 * **Supported MTU settings in mixed networks:** * Ethernet (9000) + InfiniBand (4K) * **Non-supported MTU settings in mixed networks:** * Ethernet (1500) + InfiniBand (4K) * Ethernet (9000) + InfiniBand (2K) * **Routed network** Enables communication between subnets using Layer 3 routing, allowing WEKA clusters to span multiple network segments. * **HA (High Availability)** Ensures system uptime through redundant components and automatic failover. * **RX Interrupts** Receive interrupts that notify the CPU when network packets arrive, critical for optimizing network processing performance. * **IP addressing for dataplane NICs**\ Exclusively use static IP addressing. DHCP is not supported for dataplane NICs. * **WEKA peer connectivity requires NAT-free networking** WEKA requires visibility and connectivity to all peers, without interference from networking technologies like Network Address Translation (NAT). **Related topics** [networking-in-wekaio](https://docs.weka.io/4.4/weka-system-overview/networking-in-wekaio "mention") ### Supported network adapters for backends and clients The WEKA system is compatible with various network adapters for both backend servers and clients. The following table lists these adapters, detailing their protocol type and a breakdown of both supported and unsupported features. Use this information to verify hardware compatibility and understand the specific capabilities of each adapter within a WEKA environment.

Adapter	Protocol	Supported features	Unsupported features
Amazon ENA	Ethernet	SR-IOV VF	Single IP HA Routed network LACP Mixed networks RX interrupts RDMA IOMMU
Intel E810 2CQDA2 Note: This adapter is not supported beyond 4.4.x version series.	Ethernet	Shared networking HA Routed network	LACP Mixed networks RX interrupts RDMA SR-IOV VF IOMMU
NVIDIA Mellanox CX-7 single-port	InfiniBand	Single IP RX interrupts RDMA HA PKEY IOMMU	Mixed networks SR-IOV VF Routed network
NVIDIA Mellanox CX-7 dual-port	InfiniBand	Single IP RX interrupts RDMA HA PKEY IOMMU	Mixed networks SR-IOV VF Routed network
NVIDIA Mellanox CX-7-ETH single-port	Ethernet	Single IP RDMA HA Routed network (ETH only) IOMMU	LACP Mixed networks SR-IOV VF RX interrupts
NVIDIA Mellanox CX-7-ETH dual-port	Ethernet	LACP Single IP RDMA HA Routed network (ETH only) IOMMU	Mixed networks SR-IOV VF RX interrupts
NVIDIA Mellanox CX-6 LX	Ethernet	Single IP RDMA RX interrupts HA Routed network (ETH only) IOMMU	LACP Mixed networks SR-IOV VF
NVIDIA Mellanox CX-6 DX	Ethernet	LACP Single IP RX interrupts RDMA HA Routed network (ETH only) IOMMU	Mixed networks SR-IOV VF
NVIDIA Mellanox CX-6	Ethernet InfiniBand	Mixed networks Single IP RX interrupts RDMA HA IOMMU	Routed network LACP SR-IOV VF PKEY
NVIDIA Mellanox CX-5 EX	Ethernet InfiniBand	Mixed networks RDMA HA PKEY (IB) IOMMU	Single IP Routed network LACP SR-IOV VF RX interrupts
NVIDIA Mellanox CX-5 BF	Ethernet	Mixed networks RDMA HA IOMMU	Single IP Routed network LACP SR-IOV VF RX interrupts
NVIDIA Mellanox CX-5	Ethernet InfiniBand	Mixed networks RX interrupts RDMA HA Routed network (ETH only) PKEY (IB only) IOMMU	Single IP LACP SR-IOV VF Routed network (IB)
NVIDIA Mellanox CX-4 LX Note: This adapter was announced to be end-of-life by the manufacturer in January 2022. Its functionality in WEKA cannot be guaranteed, due to dependencies on DPDK18, limited features, and limited availability.	Ethernet InfiniBand	Mixed networks RX interrupts HA Routed network (ETH only) IOMMU	Single IP RDMA LACP SR-IOV VF Routed network (IB) PKEY
NVIDIA Mellanox CX-4	Ethernet InfiniBand	Mixed networks RX interrupts HA Routed network (ETH only) IOMMU	Single IP RDMA LACP SR-IOV VF Routed network (IB) PKEY
VirtIO	Ethernet	HA Routed network	Single IP LACP Mixed networks RX interrupts SR-IOV VF IOMMU

### Supported network adapters for clients-only The following network adapters support Ethernet and SR-IOV VF for clients only: * Intel X540 * Intel X550-T1 (avoid using this adapter in a single client connected to multiple clusters) * Intel X710 * Intel X710-DA2 * Intel XL710 * Intel XL710-Q2 * Intel XXV710 * Intel 82599ES * Intel 82599 * Broadcom BCM957508-P2100G * Broadcom BCM957608-P2200G ### OFED drivers OFED is not required for standard Ethernet deployments. OFED is required only when using LACP on a single NIC with dual ports to enable proper load balancing between the ports. This requirement is driven by the NIC networking stack, not by WEKA. {% hint style="info" %} OFED is not a WEKA dependency. When required, it is due to NIC driver behavior needed to support LACP load balancing. {% endhint %} {% hint style="warning" %} DOCA-OFED 3.1.0 or later is incompatible with WEKA backends and clients using CX-7 NICs. Instead, use the Mellanox OFED version provided below or the OFED drivers included with your distribution. {% endhint %} ### Ethernet drivers and configurations {% tabs %} {% tab title="Ethernet drivers" %} **Supported Mellanox OFED versions for the Ethernet NICs:** * 24.10 * 24.04 * 23.10 * 23.04 * 5.9 {% hint style="info" %} Subsequent OFED minor versions are expected to be compatible with NVIDIA hardware due to NVIDIA's commitment to backward compatibility. {% endhint %} **Supported ENA drivers:** * 1.0.2 - 2.0.2 * A current driver from an official OS repository is recommended **Supported ixgbevf drivers:** * 3.2.2 - 4.1.2 * A current driver from an official OS repository is recommended **Supported Intel 40 drivers:** * 3.0.1-k - 4.1.0 * A current driver from an official OS repository is recommended **Supported ice drivers:** * 1.9.11 **Supported Broadcom drivers**: * 228: Minimum required for 100/200 Gbps 57508 NIC * 231: Minimum required for 200/400 Gbps 57608 NIC {% endtab %} {% tab title="Ethernet configurations" %} * **NICs bonding:** * Supports bonding dual ports on the same NVIDIA Mellanox NIC using mode 4 (LACP) to enhance redundancy and performance. * **Ethernet speeds:** * 400 GbE / 200 GbE / 100 GbE / 50GbE / 40 GbE / 25 GbE / 10 GbE. * **IEEE 802.1Q VLAN encapsulation:** * Supports VLAN tagging with a single VLAN tag on NVIDIA Mellanox NICs. * **VXLAN:** * Virtual Extensible LANs are not supported. * **DPDK backends and clients using NICs supporting shared networking (single IP):** * Require one IP address per client for both management and data plane. * SR-IOV enabled is not required. * **DPDK backends clients using NICs supporting non-shared networking:** * IP address for management: One per NIC (configured before WEKA installation). * IP address for data plane: One per [WEKA core](https://docs.weka.io/4.4/bare-metal/planning-a-weka-system-installation#cpu-resource-planning) in each server (applied during cluster initialization). * [Virtual Functions](https://en.wikipedia.org/wiki/Network_function_virtualization) (VFs): * Ensure the device supports a maximum number of VFs greater than the number of physical cores on the server. * Set the number of VFs to match the cores you intend to dedicate to WEKA. * Note that some BIOS configurations may be necessary. * SR-IOV: Enabled in BIOS. * **UDP clients:** * Use a single IP address for all purposes. {% hint style="info" %} When assigning a network device to the WEKA system, no other application can create VFs on that device. {% endhint %} {% endtab %} {% endtabs %} ### InfiniBand drivers and configurations {% tabs %} {% tab title="InfiniBand drivers" %} WEKA supports the following NVIDIA major OFED versions for the InfiniBand adapters: * 24.10 * 24.04 * 23.10 * 23.04 {% hint style="info" %} Subsequent OFED minor versions are expected to be compatible with NVIDIA hardware due to NVIDIA's commitment to backward compatibility. {% endhint %} {% endtab %} {% tab title="InfiniBand configurations" %} WEKA supports the following InfiniBand configurations: * InfiniBand speeds: Determined by the InfiniBand adapter supported speeds (FDR / EDR / HDR / NDR). * Subnet manager: Configured to 4092. * One WEKA system IP address for management and data plane. * PKEYs: One partition key is supported by WEKA. * Redundant InfiniBand ports can be used for both HA and higher bandwidth. {% hint style="info" %} If it is necessary to change PKEYs, contact the [Customer Success Team](https://docs.weka.io/4.4/support/getting-support-for-your-weka-system#contacting-weka-technical-support-team). {% endhint %} {% endtab %} {% endtabs %} ### Required ports When configuring firewall ingress and egress rules the following access must be allowed. {% hint style="info" %} Right-scroll the table to view all columns. {% endhint %}

Purpose	Source	Target	Target Ports	Protocol	Comments
WEKA server traffic for bare-metal deployments	All WEKA backend IPs	All WEKA backend IPs	14000-14100 (drives) 14200-14300 (frontend) 14300-14400 (compute)	TCP and UDP TCP and UDP TCP and UDP	These ports are the default for the Resources Generator for the first three containers. You can customize the ports.
WEKA client traffic	Client host IPs	All WEKA backend IPs	14000-14100 (drives) 14300-14400 (compute)	TCP and UDP TCP and UDP	These ports are the default. You can customize the ports.
WEKA backend to client traffic	All WEKA backend IPs	Client host IPs	14000-14100 (frontend)	TCP and UDP	These ports are the default. You can customize the ports.
WEKA SSH management traffic	All WEKA backend IPs	All WEKA backend IPs	22	TCP
WEKA server traffic for cloud deployments	All WEKA backend IPs	All WEKA backend IPs	14000-14100 (drives) 15000-15100 (compute) 16000-16100 (frontend)	TCP and UDP TCP and UDP TCP and UDP	These ports are the default. You can customize the ports.
WEKA client traffic (on cloud)	Client host IPs	All WEKA backend IPs	14000-14100 (drives) 15000-15100 (compute)	TCP and UDP TCP and UDP	These ports are the default. You can customize the ports.
WEKA backend to client traffic (on cloud)	All WEKA backend IPs	Client host IPs	14000-14100 (frontend)	TCP and UDP	These ports are the default. You can customize the ports.
WEKA GUI access	Admin workstation IPs	All WEKA management IPs	14000	TCP	User web browser IP
NFS	NFS client IPs	WEKA NFS backend IPs	2049 <mountd port>	TCP and UDP TCP and UDP	You can set the `mountd` port using the command: `weka nfs global-config set --mountd-port`
NFSv3 (used for locking)	NFS client IPs	WEKA NFS backend IPs	46999 (status monitor) 47000 (lock manager)	TCP and UDP
SMB/SMB-W	SMB client IPs	WEKA SMB backend IPs	139 445	TCP TCP
SMB-W	All WEKA SMB-W backend IPs	All WEKA SMB-W backend IPs	2224	TCP	This port is required for internal clustering processes.
SMB/SMB-W	WEKA SMB backend IPs	All Domain Controllers for the selected Active Directory Domain	88 389 464 636 3268 3269	TCP and UDP TCP and UDP TCP and UDP TCP and UDP TCP and UDP TCP and UDP	These ports are required for SMB/SMB-W to use Active Directory as the identity source. Furthermore, every Domain Controller within the selected AD domain must be accessible from the WEKA SMB servers.
SMB/SMB-W	WEKA SMB backend IPs	DNS servers	53	TCP and UDP
S3	S3 client IPs	WEKA S3 backend IPs	9000	TCP	This port is the default. You can customize the port.
wekatester	All WEKA backend IPs	All WEKA backend IPs	8501 9090	TCP TCP	Port 8501 is used by wekanetperf.
WEKA Management Station	User web browser IP	WEKA Management Station IP	80 <LWH> 443 <LWH> 3000 <mon> 7860 <admin UI> 8760 <deploy> 8090 <snap> 8501 <mgmt> 9090 <mgmt> 9091 <mon> 9093 <alerts>	HTTP HTTPS TCP TCP TCP TCP TCP TCP TCP
Cloud WEKA Home, Local WEKA Home	All WEKA backend IPs	Cloud WEKA Home or Local WEKA Home	80 443	HTTP HTTPS	Open according to the directions in the deployment scenario: - WEKA server IPs to CWH or LWH. - LWH to CWH (if forwarding data from LWH to CWH)
Client telemetry and statistics	WEKA client	Cloud WEKA Home or Local WEKA Home	80 443	HTTP HTTPS	Lack of connectivity prevents client-related statistics from being reported.
Troubleshooting by the Customer Success Team (CST)	All WEKA backend IPs	CST remote access	4000 4001	TCP TCP
Traces remote viewer	All WEKA backend IPs	CST remote access	443	TCP
KMS: Hashicorp Vault	All WEKA backend IPs	Hashicorp Vault server	8200 8201	TCP TCP	Default vault ports: 8200 is configurable for client requests, while 8201 (base_port+1) handles internal cluster communication.
KMS: KMIP	All WEKA backend IPs	KMIP server	5696	TCP	The default KMIP port, 5696, is configurable. Per the KMIP specification, servers must use this port when operating with the TTLV encoding format.

## HA See [#high-availability](https://docs.weka.io/4.4/weka-system-overview/networking-in-wekaio#high-availability "mention") ## SSDs * The SSDs must support PLP (Power Loss Protection). * WEKA system storage must be dedicated, and partitioning is not supported. * The supported drive capacity is up to 30 TB. * The ratio between the cluster's smallest and the largest SSD capacity must not exceed 8:1. {% hint style="info" %} To get the best performance, ensure [TRIM](https://en.wikipedia.org/wiki/Trim_\(computing\)) is supported by the device and enabled in the operating system. {% endhint %} ## Object store WEKA integrates with object stores for two primary purposes: extending the filesystem capacity with a lower-cost tier and creating remote backups for disaster recovery. Support for these functions varies by the object store provider and its specific configuration. * **Tiering:** Moves inactive data from the high-performance SSD tier to a designated object store bucket. This frees up SSD capacity while keeping the data accessible within the unified filesystem namespace. Tiering requires high performance and consistency from the object store. * **Snap-to-Object:** Sends immutable snapshots of a filesystem to a remote object store. This provides an efficient and secure method for remote backup and disaster recovery. ### Certified object stores and support status The following table details the support status for certified object store solutions.

Object Store	Storage Class / Version	Supportability notes
Amazon S3	S3 Standard S3 Intelligent-Tiering	Tiering and snap-to-object
	S3 Standard-IA S3 One Zone-IA S3 Glacier Instant Retrieval	Snap-to-object supported; tiering not recommended (slow retrieval, storage period, access costs). Best for backups/DR. Use Intelligent-Tiering if unsure.
Azure Blob Storage		Tiering and snap-to-object
Cloudian HyperStore	7.3	Tiering and snap-to-object
CoreWeave AI Object Storage (CAIOS)		Snap-to-object; tiering not supported
Google Cloud Storage (GCS)		Tiering and snap-to-object
Dell EMC ECS	3.5	Tiering and snap-to-object
Dell PowerScale S3	9.8.0.0	Tiering and snap-to-object (all-flash models only)
HCP Classic	9.2+ (versioned buckets)	Tiering and snap-to-object
HCP for Cloud-Scale	2.x	Tiering and snap-to-object
IBM Cloud Object Storage	3.14.7	Tiering and snap-to-object
Lenovo MagnaScale	3	Tiering and snap-to-object
Quantum ActiveScale	5.5.1	Tiering and snap-to-object
Red Hat Ceph Storage	5	Tiering and snap-to-object
Scality Artesca	1.5.2	Tiering and snap-to-object
Scality RING S3 Connector	8.5	Tiering and snap-to-object
Scality RING WEKA Connector	9.5	Tiering and snap-to-object
SwiftStack	6.3	Tiering and snap-to-object
WEKA S3		Tiering and snap-to-object

### S3-Compatible object store requirements To ensure stability, performance, and data integrity, any S3-compatible object store used with WEKA must meet the following minimum requirements. **API requirements** The object store must provide a fully S3-compatible API that supports the following operations: * **GET**: Must include support for byte-range requests to allow for efficient fetching of partial objects. * **PUT**: Must support uploads of any object size up to 65 MiB. * **DELETE**: Must support standard object deletion. **Data consistency requirements** The object store must adhere to the [Amazon S3 data consistency model](https://docs.aws.amazon.com/AmazonS3/latest/dev/Introduction.html#ConsistencyModel): * **Strong read-after-write consistency:** A `GET` request for an object that occurs after a successful `PUT` request has created that object must immediately return the new object's data. * **Eventual consistency:** `PUT` requests that overwrite existing objects, or `DELETE` requests, are eventually consistent. This means that a subsequent `GET` request might temporarily return the older version of the data before the update or deletion has fully propagated across the system. ## Virtual Machines This section outlines the use of virtual machines (VMs) with WEKA, covering backends, clients, VMware platforms, and cloud environments. While VMs can be used in certain configurations, there are specific limitations and best practices to follow. ### Backends Virtual machines may be used as backends for internal training purposes only and are not recommended for production environments. WEKA provides best-effort support for backends deployed on virtual machines, but full support is not guaranteed. Additionally, WEKA does not guarantee support for components or configurations outside of our documented and supported cloud environments, and performance may vary. ### Clients Virtual Machines (VMs) can be used as clients. Ensure the following prerequisites are met for each client type: * **UDP clients**: * Reserve CPU resources and dedicate a core to the client to prevent CPU starvation of the WEKA process. * Ensure the root filesystem supports a 3K IOPS load for the WEKA client. * **DPDK clients**: * Meet all the requirements for UDP clients. * Additionally, verify that the virtual platform (hypervisor, NICs, CPUs, and their respective versions) fully supports DPDK and the required virtual network drivers. ### **VMware platform (**client only) When using **vmxnet3** devices, do not enable the SR-IOV feature, because it disables the vMotion functionality. Each frontend process requires a dedicated **vmxnet3** device and IP address, with an additional device and IP for each client VM to support the management process. Core dedication is required when using **vmxnet3** devices. ### VMs and instances on cloud environments Refer to the cloud deployment sections for the most up-to-date list of supported virtual machines and instances in various cloud environments. **Related topics** AWS: [supported-ec2-instance-types](https://docs.weka.io/4.4/planning-and-installation/aws/weka-installation-on-aws-using-terraform/supported-ec2-instance-types "mention") Azure: [supported-virtual-machine-types](https://docs.weka.io/4.4/planning-and-installation/weka-installation-on-azure/supported-virtual-machine-types "mention") GCP: [supported-machine-types-and-storage](https://docs.weka.io/4.4/planning-and-installation/weka-installation-on-gcp/supported-machine-types-and-storage "mention") \ **Related information** For additional information and how-to articles, search the WEKA Knowledge Base in the [WEKA support portal](http://support.weka.io) or contact the [Customer Success Team](https://docs.weka.io/4.4/support/getting-support-for-your-weka-system#contacting-weka-technical-support-team). ## KMS **Supported KMS types:** * [**KMIP-compliant KMS**](http://docs.oasis-open.org/kmip/spec/v1.2/os/kmip-spec-v1.2-os.html)**:** Supports protocol versions 1.2+ and 2.x. Only TTLV[^8] is supported as the messaging protocol. Supports commercial solutions such as Thales CipherTrust Manager. * [**HashiCorp Vault**](https://www.hashicorp.com/products/vault/)**:** Supports versions 1.1.5 to 1.x. [^1]: **AES (Advanced Encryption Standard)** in BIOS settings refers to hardware acceleration for AES encryption. Enabled by default, it speeds up encryption tasks using AES-NI. Disabling it may affect performance in encryption-heavy applications. [^2]: **Secure Boot** is a BIOS/UEFI feature that ensures only trusted software is loaded during startup. If Secure Boot is disabled, the system allows any software to run. [^3]: **AVX2 (Advanced Vector Extensions 2)** is a CPU instruction set that enhances performance on floating-point and integer operations. It is enabled by default on supported hardware, but can be disabled in virtual machines, depending on the hypervisor configuration. Ensure your VM settings allow AVX2. [^4]: LACP stands for "Link Aggregation Control Protocol." It is a networking protocol that enables the bundling of multiple network connections in parallel to increase bandwidth and provide redundancy. [^5]: MTU (Maximum Transmission Unit) represents the maximum size of a data packet that can be transmitted over a network. [^6]: Jumbo Frames refer to network frames that exceed the standard Maximum Transmission Unit (MTU) size, allowing for larger data packets to be transmitted over a network. [^7]: The IOMMU (Input/Output Memory Management Unit) is a hardware component that manages and controls data transfers between devices (like graphics cards) and a computer's main memory, enhancing system security and performance. [^8]: **TTLV (Tag-Length-Value)** is a binary encoding format used in KMIP for structured and efficient messaging between a KMS and its clients. It consists of a tag (data type), length (size), and value (data).