Revision 8a1c65a6
Added by Alexis Mousset almost 7 years ago
10_installation/05_requirements/05_requirements.txt | ||
---|---|---|
|
||
===== Mandatory flows
|
||
|
||
The following flows from the Nodes to the Rudder Root Server have to be allowed:
|
||
The following flows from the Nodes to the Rudder Root Server (or Relay Server) have to be allowed:
|
||
|
||
====
|
||
|
||
... | ... | |
|
||
// include::../glossary/big-red-button.txt[]
|
||
|
||
include::../../glossary/port-5309-node.txt[]
|
||
|
||
include::../../glossary/cfengine-enterprise.txt[]
|
||
|
||
====
|
||
|
||
===== DNS - Name resolution
|
||
|
||
By default, Rudder relies on the Node declared hostnames to identify them, for
|
||
security reasons. It is required that each Node hostname can be resolved to its
|
||
IP address that will be used to contact the Rudder Server.
|
||
|
||
If you can not make every node resolution consistent, it is possible to remove
|
||
this constraint by unticking "Use reverse DNS lookups on nodes to reinforce
|
||
authentication to policy server:" in the Administration - Settings tab of the
|
||
Rudder web interface.
|
||
If you want to be able to trigger agent runs from the Root Server (without
|
||
having to wait for regular automated run),
|
||
you will need your Root Server (or Relay Server) to be able to resolve your nodes
|
||
using the provided hostname.
|
||
|
10_installation/05_requirements/22_architecture_root_server.txt | ||
---|---|---|
|
||
* Ubuntu 14.04 LTS (Trusty), 16.04 LTS (Xenial)
|
||
|
||
==== Hardware specifications for Rudder Agent
|
||
|
||
Rudder agent has a very small footprint, and only consumes:
|
||
|
||
* 10 to 20 MB of RAM during an agent run
|
||
* a few kB on the network to check or update its policies
|
||
* a few kB on the network to report
|
||
* around 100 MB of disk space for the installed files and the workspace
|
||
|
||
These figures will vary depending on your configuration (backup retention,
|
||
number of configured components to check, etc...).
|
||
|
||
==== Hardware specifications and sizing for Rudder Root Server
|
||
|
glossary/port-443-user.txt | ||
---|---|---|
Port 443, TCP, for users::
|
||
|
||
HTTP/S communication port, used to access the Rudder web interface.
|
||
HTTPS communication port, used to access the Rudder web interface or API.
|
||
|
glossary/port-5309-node.txt | ||
---|---|---|
Port 5309, TCP::
|
||
|
||
Agent communication port, used to trigger an agent run on a node from its policy server.
|
||
|
glossary/port-5309.txt | ||
---|---|---|
Port 5309, TCP::
|
||
|
||
CFEngine communication port, used to communicate the policies to the rudder
|
||
nodes.
|
||
Agent communication port, used to fetch policy and shared files from the policy server.
|
||
|
glossary/port-5310.txt | ||
---|---|---|
Port 5310, TCP::
|
||
|
||
CFEngine communication port, used to communicate the policies to the Rudder
|
||
Agent communication port, used to communicate the policies to the Rudder
|
||
nodes when debugging communication between a Node and a policy server
|
||
with the `rudder server debug` command.
|
||
|
Also available in: Unified diff
Fixes #10674: Add relay content for requirements section