System requirements#

NethServer 8 can be deployed on a single machine or on more nodes in a cluster scenario. NS8 is currently available only for x86-64 architecture.

Minimum hardware requirements for a single node installation:

  • 2 vCPU/cores

  • 2GB RAM

  • 20GB disk

More nodes can be added later. When adding a new node, you should use similar hardware and the same distribution installed on the leader node.

Always install NethServer 8 on a clean server machine, do not install it on a desktop.

Linux distribution#

Supported GNU/Linux distributions and versions:

Static IP address#

Assign a static IP address to the server. DHCP and any other dynamic IP discovery protocols are not allowed.

DNS configuration#

As you are configuring a server, network clients must resolve its fully qualified domain name (FQDN) to a routable IP address with the DNS. This is a requirement to connect with the server.

A correct FQDN and DNS setup is also a requirement for TLS encryption to work properly. Once connected with the server, network clients check if the TLS certificate is valid for the given FQDN.

  1. Depending on your server purpose, DNS can be provided by a public internet service, a private network appliance, or even both of them. Read carefully and understand their documentation.

  2. Decide the FQDN of your server and register it in the DNS with the server public IP address. A FQDN is composed by the host name prefix (a single word) and the DNS domain suffix. For instance, host name can be jupiter and domain suffix the resulting FQDN is

Worker node requirements#

Among network clients, a worker node has some special requirements to be installed and configured.

The worker node reaches the leader during the join procedure at the following URL:


Ensure the following requirements are met:

  1. the worker node must resolve the leader FQDN to the correct routable address

  2. the HTTPS server (TCP port 443) at that address must handle the API request

  3. the API server response contains the leader VPN endpoint: it is a host address with a UDP port number used to set up a Wireguard VPN. The VPN endpoint is configured during the cluster creation procedure. Ensure it is not blocked by other network appliances.