Hardware Requirements: General Concepts

The Jelastic cluster structure can be shown with the following image:

hardware requirements illustration
It consists of:
  • infrastructure hardware nodes (infra nodes) - servers with Jelastic services running
  • user hardware nodes (user nodes) - servers with user applications
  • external network, which usually should be accessible from the Internet, with one or more ranges of public IP addresses, routable in this network
  • isolated internal network, entirely devoted to Jelastic cluster, with private IP addresses
  • DNS zone, which will be controlled by Jelastic (i.e. infra-domain.hosterdomain.com and user-domain.hosterdomain.com)
  • wildcard SSL certificate(s) for infrastructure and end-user domains (i.e. covering also *.infra-domain.hosterdomain.com and *.user-domain.hosterdomain.com)

Note: When choosing the hardware provider, please, consider the HW/VM Vendors Limitations.

High-Level Requirements

According to the general concepts, to have a Jelastic platform installed, you need to provide:

1. Bare-metal servers or virtual machines - hardware nodes. The hardware requirements depend on a particular installation scenario.

2. External network, which usually should be accessible for platform users (customers/visitors).
  • one or more public IP ranges, routable in this network

3. Internal network, isolated for Jelastic use only.
  • one or more private IP ranges, routable in this network (a single network of /8 or /16 addresses is preferred)

4. DNS subdomains, which will be controlled by Jelastic:
  • *.infra-domain.hosterdomain.com
  • *.user-domain.hosterdomain.com
Tip: Instead of using subdomains of a single domain, any dedicated domain names can be used. If you have any concerns, please consult TAM (Technical Account Manager) for assistance.

You will have to configure the proper DNS delegation for the domains used on the platform.

5. Multi-domain Wildcard SSL certificate for this DNS subdomain, covering the following DNS names:
  • *.infra-domain.hosterdomain.com (added as SAN)
  • *.user-domain.hosterdomain.com (added as CN)

6. Storage for the user-uploaded content (Uploader Storage), can be shared with Docker templates cache storage.
  • external NFS mount (or SCSI LUN shared over infrastructure nodes) is recommended

7. Storage for Docker templates cache (Docker Storage), can be shared with uploader storage.
  • external SCSI LUN shared over infrastructure nodes is recommended

Installation Scenarios

For the public beta and commercial launch, there are two possible scenarios of the Jelastic Platform installation:

Please refer to the appropriate linked page to see the specific scenario-depended requirements on hardware, network, and OS configurations.

Note: In case of following the latter scenario, the next additional high-level requirements are added:

  • Virtuozzo Storage cluster components installed
  • Internal network, dedicated to the Virtuozzo Storage - 2 or more NICs per server for VZStorage might be required (please see the sizing guidelines within the document, linked above)

System Settings

The following OS settings are configured on the servers during the Jelastic PaaS Installation. They must not be changed or removed after the installation. Please, review the list below for possible contradictions with your operations and maintenance practices:
  • Changes to the system configuration files are prohibited.
  • Jelastic PaaS installation updates additional system configuration files; these changes must not be removed or overwritten after the installation.
  • Specific kernel modules are configured for pre-loading during the Jelastic PaaS installation, and these settings must not be altered after the installation.
  • TCP stack settings are modified during the Jelastic PaaS installation and must not be altered after the installation.
  • The Jelastic PaaS installation adds certain iptables rules, which must not be removed or overwritten after the installation.
  • The list of IP addresses, used by Jelastic infrastructure, should be allowed by the firewall.
  • For the Jelastic Operations team to have the ability to access the required hardware node in case of emergency, the appropriate SSH keys should be added to each of them.
  • Server timezone is set to UTC during the Jelastic PaaS installation, and must not be updated after the installation.
  • SELinux module is switched OFF during the Jelastic PaaS installation and must not be turned ON after the installation.

Contact Jelastic Support or Operations in case any of these points represent a potential conflict.

Tip: For more details on maintaining Jelastic PaaS, please, refer to the Jelastic Operations Guide.