Hardware Requirements
The hardware requirements pertain to the Kubernetes-based infrastructure required to house OpenG2P modules. The number of VMs and configuration are subjected to scaled-down if only specific modules are being installed.
For sandbox
| Purpose | Configuration | VMs | Notes |
|---|---|---|---|
4vCPU/16 GB RAM/64 GB storage | 1 | For HA at least 2 nodes are recommended | |
8 vCPU/32 GB RAM/128 GB storage | 2 | Start with 2 nodes and if required add another one | |
4vCPU/16 GB RAM/64 GB storage | 1 |
OS for all nodes: Ubuntu 20.04 Server
To save costs, on AWS recommended EC2 instance type for cluster nodes is t3a.2xlarge.
For pilot and limited rollout
| Purpose | Configuration | VMs | Notes |
|---|---|---|---|
8 vCPU/32 GB RAM/128 GB storage | 3 | Required for master, etc, work loads of Kubernetes cluster | |
4 vCPU/8 GB RAM/64 GB storage | 1 | One VM for Wireguard is sufficient for all the environments/setups in your network. This is used to facilitate VPN access to the pilot environments | |
4 vCPU/16 GB RAM/128 GB storage | 1 | For HA at least 2 nodes are recommended | |
Nginx load balancer | 4 vCPU/16 GB RAM/64 GB storage | 1 | This VM is not required if using a Cloud Provider - the LB of Cloud Provider is recommended in that case |
4 vCPU/16 GB RAM/500 GB storage | 1 | Used for persistence of all components in the K8s cluster. The actual size of storage required will vary from setup to setup. |
OS for all nodes: Ubuntu 20.04 Server
Networking requirements
All the machines in the same network
Public IP assigned to the Wireguard machine
DNS requirements
The following domain names and mappings will be required. The suggested domain name convention is as follows
<module>.<environment>.<organisation>.<tld>
Example:
spar.dev.openg2p.org
socialregistry.uat.openg2p.org
Domain mapping
| Requirement Description | Domain Name (examples) | Mapped to |
|---|---|---|
Domain mapping to sandbox |
| "A" Record mapped to Load Balancer IP (For sandbox, where LB is not used, this can be mapped directly tonodes of the K8s cluster, at least 3 nodes). |
Wild card mapping to modules |
| "CNAME" Record mapped to the domain of the above "A" record. (This is a wildcard DNS mapping) |
The domain name mapping needs to be done on your domain service provider. For example on AWS this is configured on Route 53.
Certificate requirements
One wildcard certificate is required at least, depending on the above domain names used. This can also be generated using Letsencrypt. See guide here.
Last updated
