Versions Compared

Old Version 6

changes.mady.by.user Alena Kniazeva

Saved on

compared with

New Version 7

changes.mady.by.user Alena Kniazeva

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
Column
width50%
Panel
borderColor#CCCCCC
bgColor#FFFFFF
titleBGColor#F0F0F0
borderStylesolid
titleOn the page:

Table of Contents

 

Column



General information

This page describes the minimum hardware and software requirements necessary for deploying Axxon Datacenter operation. The full list of requirements is created final configuration (number of servers, performance, and storage capacity) is calculated individually for each customer, depending on their needs (see project based on its tasks and scale. These requirements serve as the technical basis for infrastructure planning. This page describes the baseline requirements. A complete list of checkpoints for infrastructure preparation is available in Checklist of requirements for configuring Axxon Datacenter).

Hardware

Requirements for server hardware

You can use several types of servers for deployment, each performing different roles in the architecture:

Server role
Servers
Minimum requirementsFunction and purpose
Axxon One (one or three servers)
  • OS: Linux
OS
  • Ubuntu LTS
:
  • 22.04
,
  • /20.04
  • CPU:
4x
  • 4 cores (
4vCPU
  • vCPU), ~2.
5GHz
  • 5 GHz (x86-64)
  • RAM:
16GB
  • 16 GB
  • SSD:
256GB
  • 256 GB for OS and additional software
  • SSH access
    • Network: SSH, open ports 80 (HTTP), 443 (HTTPS)
    		Peripheral servers for video processing and on-site analytics. The number is determined by the required fault tolerance
    Incoming/outgoing connections are allowed on ports 80 and 443
    AxxonNet (one or three servers)
    • OS: Linux
    OS
    • Ubuntu LTS
    :
    • 22.04
    ,
    • /20.04
    • CPU:
    4x
    • 4 cores (
    4vCPU
    • vCPU), ~2.
    5GHz
    • 5 GHz (x86-64)
    • RAM:
    16GB
    • 16 GB
    • SSD:
    300GB
    • 300 GB for OS and additional software
  • SSH access
    • Network: SSH, open ports 80443

    Control center. Provides a unified interface, user management, and integration

    Incoming/outgoing connections are allowed on ports 80 and 443

    Service domain (optional)
    • OS: Linux
    OS
    • Ubuntu LTS
    :
    • 22.04
    ,
    • /20.04
    • CPU:
    4x сores
    •  4 cores (
    4vCPU
    • vCPU), ~2.
    5GHz
    • 5 GHz (x86-64)
    • RAM:
    8GB
    • 8 GB
    • SSD:
    256GB
    • 256 GB for OS and additional software
  • SSH access
    • Databases
    • Network: SSH
    		Hosting of supporting services (for example, portal, documentation)
    Database servers
    • OS: Linux Ubuntu LTS
    Linux OS Ubuntu LTS:
    • 22.04
    ,
    • /20.04
    • CPU:
    4x сores
    • 4 cores (
    4vCPU
    • vCPU), ~2.
    5GHz
    • 5 GHz (x86-64)
    • RAM:
    32GB
    • 32 GB
    • SSD:
    500GB
    • 500 GB for OS and additional software
  • SSH access

    • License server, if hosted by the customer

  • Possibility to connect a USB dongle
    • Network: SSH
    		For deploying PostgreSQL, ClickHouse, and other DBMSs. Disk requirements depend on the archive size

    License Server (if hosted locally, see Private License Server)

    • OS: Linux Ubuntu LTS 22.04/
    Linux OS Ubuntu LTS: 22.04,
    • 20.04
    • CPU:
    4x сores
    • 4 cores (
    4vCPU
    • vCPU), ~2.
    5GHz
    • 5 GHz (x86-64)
    • RAM:
    8GB
    • 8 GB
    • SSD:
    150GB
    • 150 GB for OS and additional software
    • USB port for hardware key
    • Network: SSH
    access

    Storage

    		Alternatively, you can use AxxonSoft’s corporate cloud license server (see Public License Server)

    Requirements for video archive storage systems

    Storage typeRequirements and supported solutions

    Object storage (S3-compatible)

    Direct integration with cloud and local S3 solutions to create a horizontally scalable archive.

    Public cloud services:

    Block storage
    • NAS
    • Shared partition available for all Axxon One servers
    • NFS/SMB
    • Network path
    Object storage

    Wasabi
  • MiniIO

    • Host system settings

    Note
    titleAttention!

    When using virtualization systems, the security of the host system is the responsibility of the customer.

    ...

    Private/Hybrid solutions:

    • MinIO for deployment in private infrastructure
    Network-attached storage (NAS)

    Usage of classic network storage devices using standard protocols.

    • NAS system with a shared network partition
    • Access via a network path (UNC) for all Axxon One servers
    • Supported protocols: NFS (Linux/Unix OS), SMB/CIFS (Windows OS)

    Required settings of the host system and network

    These settings are critical for the correct deployment and operation of the platform:

    ParameterRequirements
    Security and access
    ResponsibilitySecurity of host systems (including hypervisors) is provided by the customer
    Interserver traffic

    All network connections must be allowed between all project servers (without firewall restrictions):

    • All traffic between the hosts is allowed

    • All servers are accessible to each other over the network

    • There are no port restrictions between servers

    • There is no firewall between the servers

    SSH accessRequired for installation and administration on Linux servers
    FirewallUFW is not supported and must be disabled in the OS. If necessary, you can configure the rules via iptables
    Network configuration
    Open ports

    The following ports are open and added to the Firewall permissions:

    • Incoming/Outgoing: 22 (SSH), 80 (HTTP), 443 (HTTPS)
    • Outgoing: Access from monitoring proxy hosts (from hosts running Zabbix proxy) to port 10051 of the external AxxonSoft monitoring service based on Zabbix (m.itdep.net)

    ...

    • Incoming

    ...

    • : on the local network to port 10051 of the host running Zabbix

    ...

    • Proxy

    ...

    Internet access

    ...

    All

    ...

    Full Internet access from the servers is provided.

    ...

    UFW isn't supported and must be disabled in OS. Optional port configuration must be done with Iptables.

    ...

    servers must have full internet access (for installing updates, licenses, certificates, and others)
    Time synchronization (NTP)All servers must have an NTP server configured and functioning correctly
    Time zoneAll servers must have the required time zone set
    Infrastructure services (delivery options)
    License Server

    ...

    • AxxonSoft provides access to

    ...

    • a corporate license server. This server must be accessible from all

    ...

    • Axxon One

    ...

    • servers

    ...

    • License

    ...

    • Server is deployed on the customer's premises

    ...

    Domain name

    ...

    • AxxonSoft provides a name like <clientname>-

    ...

    ...

    ...

    • The customer provides

    ...

    • a domain name

    ...

    • with an A/CNAME DNS record that links to the IP address of

    ...

    • the AxxonNet server

    ...

    SSL certificate for

    ...

    a domain

    ...

    name
    • AxxonSoft provides a Let's Encrypt certificate. Ports 443 and 80 must

    ...

    • be

    ...

    • open for the Let's Encrypt servers. No action on the part of the customer is required.

    ...

    • The customer provides a valid SSL certificate and

    ...

    • private key for the domain name

    ...

    • used
    Mail server

    ...

    ...

    1. The customer provides the SMTP mail server and its data:
      • IP address of the SMTP server,
      • connection port,
      • login and password,

    ...

      • email that will send

    ...

      • emails as AxxonNet,
      • access from the AxxonNet server to the mail server (no port restriction).

    ...

    1. The customer provides a Mailjet account (if there is no SMTP mail server):
      • the customer registers

    ...

      • Mailjet account with any pricing plan and provides login/password,

      • the customer adds SPF/DKIM records to the DNS zone

    ...

      • for AxxonNet,

      • the customer adds the TXT login record to the DNS zone for AxxonNet.

        Info
        titleNote

        AxxonSoft can help with Mailjet setup, but it is necessary to have access to the DNS settings.

    2. AxxonSoft provides a Mailjet account only for demo installations. In this case, the customer provides access to the Mailjet servers via ports 25 and 587

    ...

    Remote access

    ...

    Procedure of remote access for support

    For deployment and support work, AxxonSoft engineers require remote access to servers. The following methods are supported (in order of priority):

    1. Direct SSH access to servers (preferred).
    2. SSH access via VPN to the customer's network.
    3. RDP connection to

    ...

    1. a dedicated host on the customer's network, followed by SSH access to the servers.
    2. VPN connection to the RDP host

    ...

    1. , then SSH to the servers

    ...

    Note
    titleAttention!

    TeamViewer,

    ...

    AnyDesk and other similar remote access options aren't supported.

    ...

    See also:

    Types of permissions

    ...