Previous page
Next page
This page describes the minimum requirements necessary for Axxon Datacenter operation. The full list of requirements is created individually for each customer, depending on their needs (see Checklist of requirements for configuring Axxon Datacenter).
Hardware
| Servers | Minimum requirements |
|---|---|
| Axxon One (one or three servers) |
|
| AxxonNet (one or three servers) |
|
| Service domain (optional) |
|
| Databases |
|
License server, if hosted by the customer |
|
Storage
| Block storage |
|
| Object storage |
Host system settings
Attention!
When using virtualization systems, the security of the host system is the responsibility of the customer.
- All Linux patches necessary for the project deployment are installed.
- The following ports are opened and added to Firewall permissions:
- Incoming and outgoing traffic to/from ports 80, 443, 22.
- Outgoing traffic (from hosts running Zabbix proxy) to port 10051 of AxxonSoft monitoring service based on Zabbix (m.itdep.net).
- Incoming traffic in the local network to port 10051 of the host running Zabbix proxy.
Permissions for access and traffic:
- All traffic between the used hosts is allowed.
- All servers are available to each other over the network.
- No port restrictions between servers.
- No network firewall between servers.
Full Internet access from the servers is provided.
- SSH access to Linux servers.
UFW isn't supported and must be disabled in OS. Optional port configuration must be done with Iptables.
- NTP server is configured.
- The required time zone is set on all servers.
- License server—two options:
- AxxonSoft provides access to the corporate license server. This server must be accessible from all Axxon One servers.
- License server is deployed on the customer's premises.
- Domain name—two options:
- AxxonSoft provides a name like <clientname>-demo1.axxoncloud.com.
- Customer provides the domain name. The domain name must be transformed by the DNS service to the IP address of the AxxonNet server.
- SSL certificate for the domain name—two options:
AxxonSoft provides a Let's Encrypt certificate. Ports 443 and 80 must not be blocked for the Let's Encrypt servers. No action on the part of the customer is required.
- Customer provides a certificate and a secret key for the domain name.
- Mail server—three options:
- Сustomer provides the SMTP mail server and its data:
- IP address of the SMTP server,
- connection port,
- login and password,
- e-mail that will send e-mails as AxxonNet,
- access from the AxxonNet server to the mail server (no port restriction).
- Customer provides a Mailjet account (if there is no SMTP mail server):
- customer registers a Mailjet account with any pricing plan and provides login/password,
customer adds SPF/DKIM records to the DNS zone for AxxonNet,
customer adds TXT login record to the DNS zone for AxxonNet.
Note
AxxonSoft can help with Mailjet setup, but it is necessary to have access to the DNS settings.
- AxxonSoft provides a Mailjet account only for demo installations. In this case, customer provides access to the Mailjet servers via ports 25 and 587.
- Сustomer provides the SMTP mail server and its data:
Remote access
From the best option to the least convenient:
- Direct SSH access.
- SSH access via VPN.
- RDP connection to the host and SSH to the servers.
- VPN to RDP host and SSH to servers.
Attention!
TeamViewer, Anydesk and other similar remote access options aren't supported.