Computing Requirements
Initial computing requirements are minimum and will depend on the following:
Configured resources
Requests being made from devices
Components are stateless, discarding permanent storage requirements.
Baseline
Component | CPU | Memory |
Envoy Proxy | 0.25 core (2Ghz) | 256 MB |
CloudGen Access Proxy Orchestrator | 0.1 core (2Ghz) | 128 MB |
Redis (HA only) | 0.1 core (2Ghz) | 32 MB |
Network Requirements
These are the network requirements for a secure working installation:
Internal resources (configured from the CloudGen Access Console) can only communicate with the internal leg of Envoy Proxy.
Envoy proxy has an internal leg and an internet-facing leg.
Internet-facing leg needs to expose the configured CloudGen Access Proxy port.
For High Availability mode (HA), Envoy Proxy must be placed behind a layer 3 round-robin load balancer.
โ
Firewall Configuration
All values are assumed to be default values.
โEnvoy Proxy
Description | Direction | Protocol / Port | Mode |
Access port | Inbound | Configured in Console | All |
Registered resources | Outbound | Configured in Console | All |
CloudGen Access Proxy Orchestrator | Outbound | TCP 50051 | All |
CloudGen Access Proxy Orchestrator
Description | Direction | Protocol / Port | Mode |
Envoy Proxy Cluster | Inbound | TCP 50051 | All |
CloudGen Access Console API | Outbound | TCP 443 | All |
Redis | Outbound | Configured Redis port | HA mode |
Network Diagrams
Single Mode
High Availability Mode
Redis Replication beyond the scope of this document.
Please see Redis Replication