Version 1.11. This version is no longer supported. For information about how to upgrade to version 1.12, see Upgrading Anthos on bare metal in the 1.12 documentation. For more information about supported and unsupported versions, see the Version history page in the latest documentation.
You must configure the base operating system of your node machines to use
Google Distributed Cloud. This page contains the steps you need to take to complete the
needed configuration.
For more information about troubleshooting Google Distributed Cloud requirements,
see the known issues.
Before you begin
Ensure you are using a supported version of your operating system.
Google Distributed Cloud supports the following versions for Ubuntu:
18.04
20.04
Validate package manager:
sudo apt-get check
The output should show no errors and look similar to the following example:
Compare your output with the following example to ensure the Client and Server versions are 19.03+ :
Client: Docker Engine - Community
Version: 19.03.13
...
Server: Docker Engine - Community
Engine:
Version: 19.03.13
Set up time synchronization
Time synchronization consists of setting the clocks on your node machines, using
a designated external time reference. Time synchronization is important for
time-sentive cluster activities, such as event logging and metrics collection.
The kernel of your node machine controls the clock in containers that run on the
node. To ensure proper time synchronization, install a network time protocol
(NTP) service on your machines, using any of the available services:
chrony, systemd-timesyncd,
ntp, or ntpdate. Run timedatectl to verify the system clock is
synchronized. The output of timedatectl should contain the following status:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud requires specific configurations for the base operating system of node machines, including using supported Ubuntu versions 18.04 or 20.04, and ensuring the proper package manager is implemented.\u003c/p\u003e\n"],["\u003cp\u003eUncomplicated Firewall (UFW) must be disabled on node machines for proper functionality, which can be confirmed with \u003ccode\u003esudo ufw status\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eDocker 19.03 or later is required, and Google Distributed Cloud can automatically install or upgrade Docker if necessary, and the workstation running \u003ccode\u003ebmctl\u003c/code\u003e needs non-root user access to Docker.\u003c/p\u003e\n"],["\u003cp\u003eTime synchronization using a network time protocol (NTP) service like \u003ccode\u003echrony\u003c/code\u003e, \u003ccode\u003esystemd-timesyncd\u003c/code\u003e, \u003ccode\u003entp\u003c/code\u003e, or \u003ccode\u003entpdate\u003c/code\u003e is crucial for time-sensitive activities, and the \u003ccode\u003etimedatectl\u003c/code\u003e command can be used to verify synchronization.\u003c/p\u003e\n"],["\u003cp\u003eUbuntu version 18.04.6 with kernel versions from \u003ccode\u003e4.15.0-144-generic\u003c/code\u003e to \u003ccode\u003e4.15.0-176-generic\u003c/code\u003e is not compatible with Google Distributed Cloud 1.11, and it is suggested to upgrade to Ubuntu 18.04.2 LTS (v4.18) or above.\u003c/p\u003e\n"]]],[],null,["# Configure Ubuntu\n\n\u003cbr /\u003e\n\nYou must configure the base operating system of your node machines to use\nGoogle Distributed Cloud. This page contains the steps you need to take to complete the\nneeded configuration.\nFor more information about troubleshooting Google Distributed Cloud requirements,\nsee the [known issues](/anthos/clusters/docs/bare-metal/1.11/troubleshooting/known-issues).\n\nBefore you begin\n----------------\n\nEnsure you are using a supported version of your operating system.\nGoogle Distributed Cloud supports the following versions for Ubuntu:\n| **Caution:** Ubuntu version 18.04.6 running the GA kernel versions from `4.15.0-144-generic` to `4.15.0-176-generic` isn't compatible with Google Distributed Cloud version 1.11 (see [Known Issues](/anthos/clusters/docs/bare-metal/1.11/troubleshooting/known-issues#ubuntu-18-04-6) for details). To ensure compatibility, we recommend that you install the [Ubuntu Hardware Enablement (HWE) kernel](https://ubuntu.com/kernel/lifecycle#installation-18-04) and upgrade it to the latest supported HWE version for Ubuntu 18.04. We specifically suggest Ubuntu 18.04.2 LTS (v4.18) or above.\n\n- 18.04\n- 20.04\n\nValidate package manager: \n\n sudo apt-get check\n\nThe output should show no errors and look similar to the following example: \n\n # Reading package lists... Done\n # Building dependency tree\n # Reading state information... Done\n\n| **Note:** Starting with Google Distributed Cloud 1.8.2, you aren't required to disable AppArmor. If you are deploying clusters using an earlier Google Distributed Cloud release, see the [instructions to disable AppArmor](/anthos/clusters/docs/bare-metal/1.7/installing/configure-os/ubuntu#disabling_apparmor).\n\nDisable Uncomplicated Firewall (UFW)\n------------------------------------\n\n1. Disable `ufw`:\n\n sudo ufw disable\n\n2. Check that `ufw` is disabled:\n\n sudo ufw status\n # Status: inactive\n\nConfigure Docker 19.03+ on your workstation\n-------------------------------------------\n\nGoogle Distributed Cloud helps you install Docker on your bare metal machines in the\nfollowing scenarios:\n\n- If your bare metal machines don't have Docker installed, `bmctl` installs 19.03.13 or later.\n- If your bare metal machines have Docker 19.03.5 or earlier installed, `bmctl` upgrades Docker to version 19.03.13 or later.\n\n| **Note:** The workstation running `bmctl` needs non-root user access to Docker to start the temporary bootstrap (kind) cluster during installation. To enable non-root user access to Docker, go to [Manage Docker as a non-root user](https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user).\n\nFollow these steps to manually install Docker:\n\n1. Remove any previous Docker version:\n\n sudo apt-get remove docker docker-engine docker.io containerd runc\n\n2. Update your package manager:\n\n sudo apt-get update\n\n3. Install Docker 19.03+:\n\n sudo apt-get install \\\n apt-transport-https \\\n ca-certificates \\\n curl \\\n gnupg-agent \\\n software-properties-common \\\n docker.io\n\n4. Verify you are now running version 19.03+:\n\n sudo docker version\n\n5. Compare your output with the following example to ensure the Client and Server versions are 19.03+ :\n\n Client: Docker Engine - Community\n Version: 19.03.13\n ...\n Server: Docker Engine - Community\n Engine:\n Version: 19.03.13\n\nSet up time synchronization\n---------------------------\n\nTime synchronization consists of setting the clocks on your node machines, using\na designated external time reference. Time synchronization is important for\ntime-sentive cluster activities, such as event logging and metrics collection.\nThe kernel of your node machine controls the clock in containers that run on the\nnode. To ensure proper time synchronization, install a network time protocol\n(NTP) service on your machines, using any of the available services:\n[`chrony`](https://chrony.tuxfamily.org/), `systemd-timesyncd`,\n`ntp`, or `ntpdate`. Run `timedatectl` to verify the system clock is\nsynchronized. The output of `timedatectl` should contain the following status: \n\n System clock synchronized: yes"]]