Home > Storage > ObjectScale and ECS > Product Documentation > Dell ObjectScale: General Best Practices > Infrastructure services preparation
The first step in getting ready for ObjectScale installation is to prepare for infrastructure services such as firewall and network, ACL (Access Control Lists), DNS, NTP, and so on. Knowledge of requirements and existing infrastructure at the site is important.
Each node in an ObjectScale cluster requires both forward and reverse DNS entries as well as access to one or more domain name servers. Each workflow might require unique DNS entries. DNS administrators must have ample time to meet with all necessary application and workflow engineering teams so that the naming requirements can be fully understood and correctly deployed.
We recommend that you:
Network Time Protocol (NTP) accessibility is essential for ObjectScale to operate correctly. Precise time is necessary for consistent clock synchronization across the nodes on an ObjectScale system, and it ensures clean log and journal entries for chunk timestamp values. A system time skew of more than 30 seconds between each node will cause errors in tenant creation. For more information, see NTP best practices.
Many people wonder how many upstream time servers they should list in their NTP configuration file. While the general rule is for 2n+1 to protect against "n" falsetickers, this actually isn't true for the case where n=1. It actually takes 2 servers to produce a "candidate" time, which is really an interval. The winner is the shortest interval for which more than half (counting the two that define the interval) have an offset (+/- the dispersion) that lies on the interval and that contains the point of greatest overlap.
In the case of four servers, the truechimer with the largest offset defines one end of the interval. The truechimer with the smallest offset defines the other end. Lastly, the third truechimer overlaps these two, with an overlap count of at least two and possibly three. The falseticker's interval will overlap few if any of these intervals (or it wouldn't be a falseticker) and will be eliminated.
With only three servers, the interval defined by the two truechimers has no overlap with any other servers. However, the interval defined by one of the truechimers and the falseticker overlaps the other truechimer, so this is the interval chosen, and thus the falseticker is still included. For more information, see NTP best practices.
We recommend that you use four and no more than seven NTP servers.
Certain ports must be open for ObjectScale traffic. Firewall rules must be modified to open the ports required for the traffic.
For a complete list of ports to open, see the latest ObjectScale Security Configuration Guide on Dell Support (Dell support login required), and define rules in your firewall accordingly.