CN-Series Prerequisites

Review the system requirements for deploying the CN-Series within a cluster.

System Requirements for the Kubernetes Cluster

System requirements for the cluster in which you are deploying the CN-Series firewall.
While the CPU, memory and disk storage will depend on your needs, here are some guidelines:
Resource
CN-MGMT (StatefulSet Pod for Fault Tolerance)
CN-NGFW (DaemonSet Pod)
CN-NFGW(Service Pod)
Memory (min)
2Gi
2Gi
4Gi
Memory (max)
4Gi
2.5Gi
None.
CPU (Min)
2
1
1
CPU (Max)
None
None
None
Disk
52GiB
N.A.
N.A.
For 5G-Native Security, the guidelines are:
Resource
CN-MGMT (StatefulSet Pod for Fault Tolerance)
CN-NGFW (DaemonSet Pod)
Memory
16Gi
48Gi
CPU
4
12
Disk
52GiB
N.A.
  • Kubernetes cluster running supported Kubernetes version. See CN-Series Deployment—Supported Environments
    If your cluster is on GKE, make sure to enable the Kubernetes Network Policy API to allow the cluster administrator to specify which pods are allowed to communicate with each other. This API is required for the CN-NGFW and CN-MGMT Pods to communicate.
  • Panorama OS version 10.1.0 (minimum version)
    Panorama must be able to establish network connectivity with the Kubernetes cluster API server endpoint. In addition, you must add the ports that Panorama uses to fetch updates and communicate with the managed devices to an allow list, see Ports Used on Panorama.
  • Kubernetes plugin on Panorama version 1.0.0 (minimum version). Kubernetes plugin on Panorama version 2.0.0 (minimum version) is required to deploy the CN-Series as a Kubernetes service.

System Requirements for On-Premises Kubernetes Deployments

Review the following prerequisites for your on-premises deployments:
  • Ensure that the container images are accessible to all nodes in the Kubernetes cluster.
  • Set up a persistent volume within the cluster for both the CN-MGMT pods. Because the CN-MGMT pods are deployed as a StatefulSet, which actively manage the CN-NGFW pods, both instances must have access to the persistent volume.

Recommended For You