How to Install CM-Connect on Linux OS (preferred)

This article will help with a Linux system install of CM-Connect.

  1. Please make sure the server/host where you will be deploying meets the minimal requirements. *Please note that we use K3s and K3s does not natively support nftables as its default network backend; it primarily relies on iptables.
  2. Download your installer Zip from the link that was provided to you
  3. Unzip and run the installer using commands that resemble these:
    1. unzip EXAMPLE_setup_lin.zip

      Replace "EXAMPLE_setup_lin.zip" with your specific file name

    2. cd installer_lin/
    3. sudo bash common_installer_k3s.sh 2>&1 | tee installation.log
  4. You will be prompted to check your disk size. Verify which folder allows the required space (500GB minimum). Once confirmed, press "y".
  5. You will then be prompted to choose the folder that k3s will utilize. Note that the default is "/". If this is correct, type "n", and if it is not, type "y" in order to move to the next prompt.
    1. If you typed "y", enter the folder that you verified in step 4 and confirm this with a ";" when prompted.In this example, the folder that has 500GB is "/cmrad"
  6. Next, you will be prompted to verify the path of the resolv.conf file. This file configures the DNS of k3s. You must select the path that does not contain a loop back address (127.0.0.1) by typing "a" or "b".
  7. The CM-Connect will now proceed with downloading and installing all necessary components. Give your system five minutes or so to finish running the installer and get your channels running.
  8. You can now configure your PACS with the channels created in the CM-Connect. Please follow the specific instructions we have provided. However, as an example:
    1. AET: CM-EXAMPLE-1-1
    2. IP: <this host>
    3. PORT: 4242
    4. Name/Description: Collective Minds Radiology

Ongoing maintenance

  1. Please include the host server into security upgrade/patch schedules.
  2. Make sure the server restarts at least every 60 days. This will make sure it remains securely connected to our services.

Redhat/Fedora/CentOS Notes

If firewalld is enabled, the following rules need to be in place:
firewall-cmd --permanent --add-port=6443/tcp #apiserver
firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 #pods
firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 #services
firewall-cmd --reload
You can read more in this link:

Ubuntu / Debian

It is recommended to turn off ufw (uncomplicated firewall):

ufw disable

If you wish to keep ufw enabled, by default, the following rules are required:

ufw allow 6443/tcp #apiserver
ufw allow from 10.42.0.0/16 to any #pods
ufw allow from 10.43.0.0/16 to any #services

You can read more in this link:

https://docs.k3s.io/installation/requirements?os=debian