Version 1.6. This version is no longer supported. For information about how to upgrade to version 1.7, seeUpgrading Anthos on bare metalin the 1.7 documentation. For more information about supported and unsupported versions, see theVersion historypage in the latest documentation.
You must configure the base operating system of your node machines to use Google Distributed Cloud. This page contains the steps you need to take to complete the needed configuration. For more information about troubleshooting Google Distributed Cloud requirements, see thetroubleshooting guides.
Before you begin
Ensure you are using a supported version of your operating system. Anthos on bare metal supports the following versions for CentOS:
CentOS 8.1
CentOS 8.2
Ensure you have root access to the machines you are configuring.Validate Package manager with the following steps:
Check for updates:
sudodnfcheck-update
Ensure the output has no errors and the last metadata expiration check, for example:
Compare your output with the following example to ensure the Client and Server versions are 19.03+ :
Client: Docker Engine - Community
Version: 19.03.13
...
Server: Docker Engine - Community
Engine:
Version: 19.03.13
Setting up time synchronization
To ensure proper time synchronization, install an NTP service on your machines using any of the available services:chrony,systemd-timesyncd, ntp, or ntpdate. Runtimedatectlto verify the system clock is synchronized. The output oftimedatectlshould contain the following status:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis guide provides the necessary steps to configure the base operating system of node machines for Google Distributed Cloud, focusing on CentOS 8.1 and 8.2.\u003c/p\u003e\n"],["\u003cp\u003eEnsure that the package manager is up-to-date by running \u003ccode\u003esudo dnf check-update\u003c/code\u003e and checking for errors and metadata expiration.\u003c/p\u003e\n"],["\u003cp\u003eSet SELinux to \u003ccode\u003epermissive\u003c/code\u003e mode using \u003ccode\u003esudo setenforce 0\u003c/code\u003e (temporary) and \u003ccode\u003esudo sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config\u003c/code\u003e (persistent), and verify with \u003ccode\u003esudo sestatus | grep "Current mode"\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eDisable the \u003ccode\u003efirewalld\u003c/code\u003e service by running \u003ccode\u003esudo systemctl stop firewalld\u003c/code\u003e and \u003ccode\u003esudo systemctl disable firewalld\u003c/code\u003e, and confirm it is inactive with \u003ccode\u003esudo systemctl status firewalld | grep "Active"\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eInstall or upgrade Docker to version 19.03 or later, including removing previous versions, and verify the installation with \u003ccode\u003esudo docker version\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eEnsure that the System clock is synchronized using an NTP service and verify with the \u003ccode\u003etimedatectl\u003c/code\u003e command.\u003c/p\u003e\n"]]],[],null,["# Configuring CentOS\n\n\u003cbr /\u003e\n\nYou must configure the base operating system of your node machines to use Google Distributed Cloud. This page contains the steps you need to take to complete the needed configuration. \n\nFor more information about troubleshooting Google Distributed Cloud requirements, see the [troubleshooting guides](/anthos/clusters/docs/bare-metal/1.6/troubleshooting/known-issues).\n\nBefore you begin\n----------------\n\nEnsure you are using a supported version of your operating system. Anthos on bare metal supports the following versions for CentOS:\n\n- CentOS 8.1\n- CentOS 8.2\n\nEnsure you have root access to the machines you are configuring. \n\nValidate Package manager with the following steps:\n\n1. Check for updates:\n\n sudo dnf check-update\n\n2. Ensure the output has no errors and the last metadata expiration check, for example:\n\n # Last metadata expiration check: ...\n ...\n google-cloud-sdk.x86_64 ...\n\nSetting SELinux to `permissive`\n-------------------------------\n\n1. Set SELinux to permissive:\n\n sudo setenforce 0 # temporary\n sudo sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config # persistent - requires reboot\n\n2. Verify SELinux is set to permissive:\n\n sudo sestatus | grep \"Current mode\"\n # Output\n # Current mode: permissive\n\nDisabling `firewalld`\n---------------------\n\n1. Disable `firewalld`:\n\n sudo systemctl stop firewalld\n sudo systemctl disable firewalld\n\n2. Check the status of `firewalld` to ensure it is disabled:\n\n sudo systemctl status firewalld | grep \"Active\"\n # Output\n # Active: inactive (dead)\n\nConfiguring Docker 19.03+ on your workstation\n---------------------------------------------\n\nGoogle Distributed Cloud helps you install Docker on your bare metal machines in the\nfollowing scenarios:\n\n- If your bare metal machines don't have Docker installed, `bmctl` installs 19.03.13 or later.\n- If your bare metal machines have Docker 19.03.5 or earlier installed, `bmctl` upgrades Docker to version 19.03.13 or later.\n\n| **Note:** The workstation running `bmctl` needs non-root user access to Docker to start the temporary bootstrap (kind) cluster during installation. To enable non-root user access to Docker, go to [Manage Docker as a non-root user](https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user).\n\nFollow these steps to manually install Docker:\n\n1. Remove any previous Docker version:\n\n sudo dnf remove docker \\\n docker-client \\\n docker-client-latest \\\n docker-common \\\n docker-latest \\\n docker-latest-logrotate \\\n docker-logrotate \\\n docker-engine\n\n2. Install Docker 19.03+:\n\n sudo dnf install -y yum-utils\n sudo yum-config-manager \\\n --add-repo \\\n https://download.docker.com/linux/centos/docker-ce.repo\n sudo dnf install -y docker-ce docker-ce-cli containerd.io\n sudo systemctl start docker\n\n3. Verify you are now running version 19.03+:\n\n sudo docker version\n\n4. Compare your output with the following example to ensure the Client and Server versions are 19.03+ :\n\n Client: Docker Engine - Community\n Version: 19.03.13\n ...\n Server: Docker Engine - Community\n Engine:\n Version: 19.03.13\n\nSetting up time synchronization\n-------------------------------\n\nTo ensure proper time synchronization, install an NTP service on your machines using any of the available services: [chrony](https://chrony.tuxfamily.org/), [systemd-timesyncd](https://wiki.archlinux.org/index.php/systemd-timesyncd), ntp, or ntpdate. Run `timedatectl` to verify the system clock is synchronized. The output of `timedatectl`should contain the following status: \n\n System clock synchronized: yes"]]
