latest
Community
Blog
License

Resource Requirements

Various resources required for deployment

The resource requirements pertain to the provisioning of resources for Kubernetes-based infrastructure required to house OpenG2P modules. See deployment architecture.

Virtual machines (VMs)

The table below specifies typical requirements for V4 deployment architecture. These configurations are recommended for both internal organisation deployment as well as for pilot/production/rollouts.

For high availability and greater resilience refer to the production guide.

PurposeCompute/Memory/StorageNotes

Wireguard Bastion

2vCPU/4 GB RAM/32 GB storage (Minimum 8 GB of storage is required for a setup.)

Multiple Wireguard servers can run on a single node

NFS Server

2 vCPU/8 GB RAM/128 GB storage (Minimum 64 GB of storage is required for a setup.)

Used for persistence both Rancher and OpenG2P clusters. The actual size of storage will depend on usage.

Rancher cluster

4vCPU/16 GB RAM/128 GB storage (Minimum 32 GB of storage is required for a setup.)

For high-availability refer to production guide.

OpenG2P cluster

16 vCPU/64 GB RAM/256 GB storage

This is the minimum requirement. The requirement may increase based on number of modules installed and need for higher resilience and availability. Refer to the production guide.

You may provision these resources on more than one VMs with minimum configuration of each VM being 8 vCPU/32 GB RAM/128 GB storage.

Nginx

2 vCPU/8 GB RAM/64 GB storage (Minimum 8 GB of storage is required for a setup.)

Multiple Nginx servers can run on a single node.

Note:

OS for all nodes: Ubuntu 22.04 Server

Networking

  • All the machines in the same network

  • Public IP assigned to the Wireguard machine

Domain names

To access resources on cluster, domain names and mappings are required. The suggested domain name convention is as follows:

<module>.<environment>.<organisation>.<tld>

Example:

  • spar.dev.openg2p.org

  • socialregistry.uat.openg2p.org

Domain mapping

Requirement DescriptionDomain Name (examples)Mapped to

Domain mapping to sandbox

  • dev.openg2p.net

  • uat.openg2p.net

  • staging.openg2p.org

"A" Record mapped to Load Balancer IP (For sandbox, where LB is not used, this can be mapped directly to nodes of the K8s cluster, at least 3 nodes).

Wild card mapping to modules

  • *.dev.openg2p.net

  • *.uat.openg2p.net

  • *.staging.openg2p.org

"CNAME" Record mapped to the domain of the above "A" record. (This is a wildcard DNS mapping)

The domain name mapping needs to be done on your domain service provider. For example, on AWS this is configured on Route 53.

Local DNS

If your DNS is not publicly available the same has to be accessed with Wireguard.

TBD - configuration

Certificates

At least one wildcard certificate is required depending on the above domain names used. This can also be generated using Letsencrypt. See guide here.

PreviousAWSNextHelm Charts

Last updated

Logo

Copyright © 2024 OpenG2P. This work is licensed under Creative Commons Attribution International LicenseCC-BY-4.0 unless otherwise noted.