This article will help with a Linux system install of CM-Connect.
- Please make sure the server/host where you will be deploying meets the minimal requirements. *Please note that we use K3s and K3s does not natively support nftables as its default network backend; it primarily relies on iptables.
- Download your installer Zip from the link that was provided to you
- Unzip and run the installer using commands that resemble these:
-
unzip EXAMPLE_setup_lin.zip
Replace "EXAMPLE_setup_lin.zip" with your specific file name
-
cd installer_lin/
-
sudo bash common_installer_k3s.sh 2>&1 | tee installation.log
-
- You will be prompted to check your disk size. Verify which folder allows the required space (500GB minimum). Once confirmed, press "y".
- You will then be prompted to choose the folder that k3s will utilize. Note that the default is "/". If this is correct, type "n", and if it is not, type "y" in order to move to the next prompt.
- If you typed "y", enter the folder that you verified in step 4 and confirm this with a ";" when prompted.In this example, the folder that has 500GB is "/cmrad"
- If you typed "y", enter the folder that you verified in step 4 and confirm this with a ";" when prompted.In this example, the folder that has 500GB is "/cmrad"
- Next, you will be prompted to verify the path of the resolv.conf file. This file configures the DNS of k3s. You must select the path that does not contain a loop back address (127.0.0.1) by typing "a" or "b".
- The CM-Connect will now proceed with downloading and installing all necessary components. Give your system five minutes or so to finish running the installer and get your channels running.
- You can now configure your PACS with the channels created in the CM-Connect. Please follow the specific instructions we have provided. However, as an example:
- AET: CM-EXAMPLE-1-1
- IP: <this host>
- PORT: 4242
- Name/Description: Collective Minds Radiology
Ongoing maintenance
- Please include the host server into security upgrade/patch schedules.
- Make sure the server restarts at least every 60 days. This will make sure it remains securely connected to our services.
Redhat/Fedora/CentOS Notes
If firewalld is enabled, the following rules need to be in place:
firewall-cmd --permanent --add-port=6443/tcp #apiserver
firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 #pods
firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 #services
firewall-cmd --reload
You can read more in this link:
Ubuntu / Debian
It is recommended to turn off ufw (uncomplicated firewall):
ufw disable
If you wish to keep ufw enabled, by default, the following rules are required:
ufw allow 6443/tcp #apiserver
ufw allow from 10.42.0.0/16 to any #pods
ufw allow from 10.43.0.0/16 to any #services
You can read more in this link: