VNClagoon On Premise Deployment Requirements
State: 2024-09
VNClagoon is presently deployed in a hybrid environment, where containerized applications run within a Kubernetes cluster, while components that are either stateful or not yet containerized are deployed on traditional virtual machines (VMs). If the Kubernetes environment lacks autoscaling capabilities, meaning it operates on a cluster with fixed hardware resources, the minimum resource requirements for VNClagoon, based on the number of supported accounts, are outlined in the table below:
Hardware requirements for on premise deployments¶
| Number of Accounts to support | Amount of nodes (VMs) | Node usage | Hardware Requirements |
|---|---|---|---|
| up to 250 | 5 | k8s deployment cluster | CPU: (Intel/AMD 64-bit CPU 2 GHz): 8 cores RAM: 32 GB Storage: 60 GB free space OS: Ubuntu-Server 20.04 |
| 1 | database-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 8 GB Storage: 40 GB free space (preferable SSD-storage) OS: Ubuntu-Server 20.04 |
|
| 1 | storage-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 4 GB Storage: 100 GB free space OS: Ubuntu-Server 20.04 |
|
| 250 - 2500 | 7 | k8s deployment cluster | CPU: (Intel/AMD 64-bit CPU 2 GHz): 8 cores RAM: 32 GB Storage: 60 GB free space OS: Ubuntu-Server 20.04 |
| 3 | database-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 8 GB Storage: 40 GB free space (preferable SSD-storage) OS: Ubuntu-Server 20.04 |
|
| 1 | storage-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 4 GB Storage: 100 GB free space OS: Ubuntu-Server 20.04 |
|
| 2500 - 10000 | 11 | k8s deployment cluster | CPU: (Intel/AMD 64-bit CPU 2 GHz): 8 cores RAM: 32 GB Storage: 60 GB free space OS: Ubuntu-Server 20.04 |
| 3 | database-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 8 GB Storage: 40 GB free space (preferable SSD-storage) OS: Ubuntu-Server 20.04 |
|
| 2 | storage-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 4 GB Storage: 100 GB free space OS: Ubuntu-Server 20.04 |
|
| 10000 - 15000 | 15 | k8s deployment cluster | CPU: (Intel/AMD 64-bit CPU 2 GHz): 8 cores RAM: 32 GB Storage: - 60 GB (HDD) free space - 125 GB SSD storage OS: Ubuntu-Server 20.04 |
| 3 | database-backend | CPU: (Intel/AMD 64-bit CPU 2 GHz): 8 cores RAM: 32 GB Storage: - 20 GB (HDD) free space - 100 GB SSD storage OS: Ubuntu-Server 20.04 |
|
| 2 | NFS share | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 8 GB Storage: 300 GB free space OS: Ubuntu-Server 20.04 |
Additional hardware requirements for VNCmail support¶
To include the VNCmail product and functionality in your VNClagoon deployment, an additional set of virtual machines is needed to host the VNCmail backend nodes:
| Number of Accounts to support | Amount of nodes (VMs) | Node usage | Hardware Requirements |
|---|---|---|---|
| up to 250 | 1 | VNCmail backend node | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB* free space OS: Ubuntu-Server 20.04 |
| 250 - 2500 | 2 | VNCmail mailboxd nodes | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB* free space OS: Ubuntu-Server 20.04 |
| 1 | VNCmail proxy/ mta | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB free space OS: Ubuntu-Server 20.04 |
|
| 2 | VNCmail ldap (master/replica) | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 8 GB Storage: 40 GB free space OS: Ubuntu-Server 20.04 |
|
| 2500 - 10000 | 3 | VNCmail mailboxd nodes | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB* free space OS: Ubuntu-Server 20.04 |
| 1 | VNCmail proxy/ mta | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB free space OS: Ubuntu-Server 20.04 |
|
| 1 | VNCmail mta | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB free space OS: Ubuntu-Server 20.04 |
|
| 2 | VNCmail ldap (master/replica) | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 8 GB Storage: 40 GB free space OS: Ubuntu-Server 20.04 |
|
| 10000 - 15000 | 4 | VNCmail mailboxd nodes | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB* free space OS: Ubuntu-Server 20.04 |
| 1 | VNCmail proxy/ mta | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB free space OS: Ubuntu-Server 20.04 |
|
| 1 | VNCmail mta | CPU: (Intel/AMD 64-bit CPU 2 GHz): 4 cores RAM: 16 GB Storage: 50 GB free space OS: Ubuntu-Server 20.04 |
|
| 2 | VNCmail ldap (master/replica) | CPU: (Intel/AMD 64-bit CPU 2 GHz): 2 cores RAM: 8 GB Storage: 40 GB free space OS: Ubuntu-Server 20.04 |
(*) Available space needs to be adjusted depending on the expected eMail data of the hosted accounts.
In case of needed remote support during the installation and setup process your implementation partner or VNC might require ssh-access, directly or via jumphost(for which VNC can provide an IP if required).
DNS-settings and IP requirements¶
Assuming the domain for your VNClagoon installation is yourdomain.tld, the following settings are required:
- a TLS certificate covering the hostnames listed in the Public Hostname column. Ideally, this should be a wildcard TLS certificate for *.yourdomain.tld, if possible.
- the mapping of local to public IP addresses as specified in the table below.
| Service | Public Hostname | Local IP | Public IP |
|---|---|---|---|
| VNCcalendar | vnccalendar.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCchannels | wss-vncdirectory.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCcontacts | vnccontacts.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCdirectory (user management) |
vncdirectory.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCdirectory | wss-vncdirectory.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCidp | vncidp.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCmail | vncmail.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCpad | etherpad.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCproject | vncproject.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCproject | wss-vncproject.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCsafe (owncloud) | vncsafe.yourdomain.tld (owncloud.yourdomain.tld) |
Local IP1 | Public-IP1 |
| VNCtalk | vnctalk.yourdomain.tld | Local-IP1 | Public-IP1 |
| VNCtask | vnctask.yourdomain.tld | Local-IP1 | Public-IP1 |
| XMPP (prosody) |
xmpp.yourdomain.tld | Local IP1 | Public-IP1 |
| XMPP (prosody) |
xmpprest.yourdomain.tld | Local IP1 | Public-IP1 |
| Avatar | avatar.yourdomain.tld | Local IP1 | Public-IP1 |
| Fileshare | files.yourdomain.tld | Local-IP1 | Public-IP1 |
| Jitsi | meet.yourdomain.tld | Local IP2 | Public-IP2 |
| Stun | stun.yourdomain.tld | Local IP3 | Public-IP3 |
| Videobridge | - | Local IP4 | Public-IP4 |
| VNCmail-backend | zcs.yourdomain.tld | Local IP5 | Public-IP6 |
For the VNCmail component, an MX-record is required for yourdomain.tld:
yourdomain.tld IN MX 5 zcs.yourdomain.tld
In addition, for video conferencing, these two SRV-records are required as well:
_xmpp-server._tcp.yourdomain.tld in SRV 0 10 5269 xmpp.yourdomain.tld
_xmpp-server._tcp.conference.yourdomain.tld in SRV 0 10 5269 xmpp.yourdomain.tld
Mailrelay¶
If the VNCmail backend is unavailable - such as when the VNCmail component is not part of the setup or when the VNCmail backend is not permitted to send emails for the domain yourdomain.tld, for example, in a GCP environment or for other reasons - a properly configured mail relay is required to send emails, notifications and meeting invitations to external users. This mail relay must be configured for the domain yourdomain.tld, and we can then integrate it with the VNClagoon applications.
Firewall settings¶
| Host | Protocol | Ports |
|---|---|---|
| k0s (Ingress) | TCP | 80 |
| TCP | 81 | |
| TCP | 443 | |
| XMPP | TCP | 80 |
| TCP | 443 | |
| TCP | 5222 | |
| TCP | 5269 | |
| Jitsi Frontend | TCP | 80 |
| TCP | 443 | |
| Jitsi Signal | TCP | 80 |
| TCP | 443 | |
| TCP | 5222 | |
| TCP | 5269 | |
| TCP | 5280 | |
| TCP | 5281 | |
| Jitsi Stun | TCP | 443 |
| TCP | 3478 | |
| UDP | 3478 | |
| UDP | 5349 | |
| Jitsi Videobridge | TCP | 9090 |
| UDP | 4096 | |
| UDP | 10000 | |
| VNCmail-backend | TCP | 22 |
| TCP | 25 | |
| TCP | 465 |