Prerequisites for KubeSlice Installation
Before installing KubeSlice, ensure that the required clusters, tools, authentication mechanisms, and networking configurations are properly set up.
Infrastructure Requirements
KubeSlice Controller Cluster
The KubeSlice Controller acts as the central control plane for managing slices, clusters, and networking policies.
The following requirements must be met for the controller cluster to ensure proper functionality and performance of KubeSlice:
| Resource | Minimum |
|---|---|
| Cluster Requirements | 1 Kubernetes Cluster |
| Node Requirements | One node with a minimum of 2 vCPUs and 1.25 Gi of RAM available. It is recommended to create a separate NodePool for KubeSlice components to improve performance and simplify management. |
| Supported Kubernetes Versions | 1.26, 1.27, and 1.28 |
| Supported Kubernetes Services | Azure Kubernetes Service (AKS), AWS Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Rancher Kubernetes Engine (RKE) |
| Required Helm Version | 3.7.0 |
The controller cluster manages cluster registration, slice creation, and network configuration across all worker clusters.
Worker Clusters
Worker clusters are the Kubernetes clusters that participate in the KubeSlice network and host application workloads.
The following requirements must be met for worker clusters to ensure proper functionality and performance of KubeSlice:
| Resource | Minimum |
|---|---|
| Cluster Requirements | 1 Kubernetes Cluster |
| NodePools Required | 2 node pools with a minimum of 2 nodes each sized with a minimum of 4 vCPUs and 16 GB of RAM. |
| NodePools Reserved for KubeSlice Components | 1 NodePool - We highly recommend creating a separate NodePool for KubeSlice components to improve performance and simplify management. |
| Supported Kubernetes Versions | 1.26, 1.27, and 1.28 |
| Supported Kubernetes Services | Azure Kubernetes Service (AKS), AWS Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Rancher Kubernetes Engine (RKE) |
| Required Helm Version | 3.7.0 |
| Required Istio Version | 1.16.0 |
| Required Prometheus Version | 19.3.0 |
Worker clusters connect to the controller cluster and host application workloads within slices. They also run KubeSlice components that manage slice connectivity and enforce network policies.
Cluster Setup
Cluster Networking
To ensure the proper functioning of the KubeSlice Gateway Nodes in both public and private clusters, you must open the required UDP ports.
| Kubernetes Service | CNI with Network Policy Support | Open UDP Ports | Reachability Options |
|---|---|---|---|
| Azure Kubernetes Service | Enable Calico for Azure AKS | 30000-33000 | Public Node IP with NodePort Service |
| AWS Elastic Kubernetes Service | Enable Calico for Amazon EKS | 30000-33000 | Public Node IP with NodePort Service |
| Google Kubernetes Engine | Enable Calico for Google GKE | 30000-33000 | Public Node IP with NodePort Service |
| Self-managed on-premises Kubernetes clusters | Enable Calico for on-premise deployments | 30000-33000 | Public Node IP reachable on the on-premise network |
Cluster Authentication
Cluster authentication ensures secure communication between the installation environment, controller cluster, and worker clusters.
The following requirements must be met to ensure proper authentication and secure communication between clusters:
- A valid kubeconfig file for each cluster must be available.
- The user performing the installation must have cluster-admin privileges.
- Each cluster must be configured with the correct kubeconfig context.
- Authentication credentials such as tokens or certificates must be securely stored.
Proper authentication allows the controller to register clusters and manage resources across multiple clusters securely. For more information, see Cluster Authentication.
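The checks below cover the authentication requirements listed above. This is an added example, not part of the KubeSlice documentation or tooling: it flags kubeconfig files that are readable by group or other users, and asks each cluster whether a context really holds cluster-admin rights. The function names and the context names you pass in are assumptions.

```shell
#!/bin/sh
# Added example: audit kubeconfig storage and privileges before installing.

# kubeconfig_mode_ok FILE: true only when FILE exists and grants no access
# to group or other (for example 600 or 400). Symlinks are followed.
kubeconfig_mode_ok() {
  [ -f "$1" ] || return 2
  mode="$(stat -Lc '%a' "$1" 2>/dev/null || stat -Lf '%Lp' "$1")"  # GNU, then BSD
  case "$mode" in
    *00) return 0 ;;
    *)   return 1 ;;
  esac
}

# audit_kubeconfigs [PATHS]: PATHS is a colon-separated list in the same form
# as $KUBECONFIG; defaults to $KUBECONFIG, then to ~/.kube/config.
audit_kubeconfigs() {
  rc=0
  old_ifs="$IFS"; IFS=:
  for f in ${1:-${KUBECONFIG:-$HOME/.kube/config}}; do
    kubeconfig_mode_ok "$f" ||
      { echo "check $f: missing, or readable by group/other (chmod 600)"; rc=1; }
  done
  IFS="$old_ifs"
  return $rc
}

# is_cluster_admin CONTEXT: asks the API server whether the user behind the
# context may perform every verb on every resource in all namespaces.
is_cluster_admin() {
  [ "$(kubectl --context "$1" auth can-i '*' '*' --all-namespaces 2>/dev/null)" = "yes" ]
}

# check_contexts CONTEXT...: one line per context that is unreachable or
# lacks cluster-admin; run it with your controller and worker context names.
check_contexts() {
  rc=0
  for ctx in "$@"; do
    is_cluster_admin "$ctx" || { echo "not cluster-admin or unreachable: $ctx"; rc=1; }
  done
  return $rc
}
```

Run `audit_kubeconfigs` first, since it works offline, then `check_contexts` with the controller and worker context names once the clusters are reachable.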
Label KubeSlice Gateway Nodes
Gateway nodes in worker clusters are used to run KubeSlice gateway components, which handle secure connectivity and traffic between clusters. To ensure these components are scheduled on the correct nodes, you must label the nodes designated as gateway nodes.
The following requirements must be met to ensure that gateway nodes are properly labeled and configured:
- Select one or more nodes in each worker cluster to serve as gateway nodes.
- Apply the required node label to identify gateway nodes.
- KubeSlice gateway pods will be scheduled on these nodes using node selectors.
At least one gateway node per worker cluster is required. For production deployments, multiple gateway nodes are recommended for high availability. For more information, see Label KubeSlice Gateway Nodes.
Metrics and Service Mesh Requirements
Install Prometheus
Monitoring and observability are crucial for maintaining the health and performance of your KubeSlice deployment.
The following requirements must be met to ensure that Prometheus is properly installed and configured on your worker clusters:
- Install and configure Prometheus for metrics collection.
- Install and configure Grafana for metrics visualization.
- Ensure that Prometheus is configured to scrape metrics from KubeSlice components and application workloads.
- Set up alerting rules in Prometheus to notify you of any issues or anomalies in your KubeSlice deployment.
For more information, see Install Prometheus.
Install Istio
Istio provides advanced traffic management, security, and observability features for your KubeSlice deployment.
The following requirements must be met to ensure that Istio is properly installed and configured on your worker clusters:
- Install and configure Istio on each worker cluster.
- Ensure that Istio is configured to manage traffic between services within and across clusters.
- Configure Istio ingress and egress gateways for inter-cluster communication.
For more information, see Install Istio.
Set Up Your Local Environment
You need to set up your local environment with the necessary command-line tools and credentials to manage your Kubernetes clusters and install KubeSlice.
Install Command-Line Tools
Verify that the following command-line tools are installed and configured:
- kubectl for Kubernetes management
- Helm for package management
- kubectx and kubens tools required for cluster management
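A preflight check for the tools listed above and for the version requirements in the controller and worker tables. This is an added example, not part of the KubeSlice documentation: the function names are assumptions, and it treats the required Helm version 3.7.0 as a minimum.

```shell
#!/bin/sh
# Added example: version gates taken from the requirement tables on this page.
HELM_MIN="3.7.0"                 # "Required Helm Version"
K8S_SUPPORTED="1.26 1.27 1.28"   # "Supported Kubernetes Versions"

# version_ge A B: true when A >= B in version order (a leading "v" is ignored).
# Uses sort -V (GNU coreutils, recent BSD) so that 3.12.0 ranks above 3.7.0.
version_ge() {
  a="${1#v}"; b="${2#v}"
  [ "$(printf '%s\n%s\n' "$a" "$b" | sort -V | head -n1)" = "$b" ]
}

# k8s_supported VERSION: true when major.minor is on the supported list.
# Vendor suffixes such as "-gke.100" or "+rke2r1" do not affect the match.
k8s_supported() {
  mm="$(printf '%s' "${1#v}" | cut -d. -f1,2)"
  for s in $K8S_SUPPORTED; do
    [ "$mm" = "$s" ] && return 0
  done
  return 1
}

# preflight: check the live tools and the cluster behind the current context.
preflight() {
  rc=0
  for t in kubectl helm kubectx kubens; do
    command -v "$t" >/dev/null 2>&1 || { echo "missing tool: $t"; rc=1; }
  done
  hv="$(helm version --template '{{.Version}}' 2>/dev/null)"
  version_ge "$hv" "$HELM_MIN" || { echo "helm '$hv' is older than $HELM_MIN"; rc=1; }
  kv="$(kubectl version -o json 2>/dev/null |
        sed -n '/"serverVersion"/,$s/.*"gitVersion": *"\([^"]*\)".*/\1/p')"
  k8s_supported "$kv" || { echo "server version '$kv' is not in: $K8S_SUPPORTED"; rc=1; }
  return $rc
}

# Touch the cluster only when asked to: sh preflight.sh --live
if [ "${1:-}" = "--live" ]; then preflight; fi
```

Switch the kubeconfig context and rerun with `--live` for the controller cluster and for each worker cluster.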
Obtain KubeSlice Enterprise Credentials
To access KubeSlice Enterprise features, you must register and obtain the required credentials. Visit the KubeSlice Enterprise registration page and complete the registration process to receive your credentials. The credentials are also referred to as the image pull secrets.
To register for KubeSlice Enterprise:
- Go to https://avesha.io/kubeslice-registration/.
- On the registration page, for Full Name, enter your name.
- For Company, enter the name of your company.
- For Title/Position/Role, enter your designation in the company.
- For Office Email, enter your official email address.
- For Select Cloud Type, select the cloud location from the drop-down list.
- Read Terms and Conditions and select its checkbox.
- Click Register to get access to the enterprise helm charts.
A username and a password will be emailed to you. The information in the email is used to add the Helm repository to your local system while preparing your clusters. After you receive the credentials, you are all set to start the install procedure.
Configure the Helm Repository
Use the credentials to add the KubeSlice Enterprise Helm repository to your local Helm configuration:
```bash
helm repo add kubeslice https://kubeslice.github.io/charts/
helm repo update
```
Verify that the repository is added successfully by searching for KubeSlice charts:
```bash
helm search repo kubeslice
```
Example Output:
```
NAME                                CHART VERSION  APP VERSION  DESCRIPTION
kubeslice/botkube                   v1.0.0         v1.0.0       Controller for the Kubeslice Botkube Slack app ...
kubeslice/cert-manager              v1.7.0         v1.7.0       A Helm chart for cert-manager
kubeslice/efk-logging-bundle        0.1.1          0.1.0        A Helm chart for efk stack logging bundle
kubeslice/elasticsearch             0.1.1                       A Helm chart for elasticsearch Kubernetes
kubeslice/fluentd                   0.1.3                       A Helm chart for fluentd Kubernetes
kubeslice/istio-base                1.16.0         1.16.0       Helm chart for deploying Istio cluster resource...
kubeslice/istio-discovery           1.16.0         1.16.0       Helm chart for istio control plane
kubeslice/kibana                    0.1.1                       A Helm chart for kibana Kubernetes
kubeslice/kubeslice-controller      1.17.0         1.17.0       Kubernetes multi-cluster/cloud fleet management...
kubeslice/kubeslice-ui              1.17.0         1.17.0       Kubernetes manager for kubeslice
kubeslice/kubeslice-worker          1.17.0         1.17.0       KubeSlice operator - A Helm chart for managing ...
kubeslice-helm-ent-prod/prometheus  19.3.1         v2.41.0      Prometheus is a monitoring system and time seri...
```
OIDC Token Authentication
Configure OIDC-based authentication to integrate KubeSlice Manager with your identity provider (Okta, GitHub, Azure AD, and so on). It is optional but highly recommended to set up OIDC authentication for secure access to the KubeSlice Manager and API.
For more information, see Configure OIDC Token Authentication.