System Requirements

this topic provides minimum requirements for running litmus edge, describes the three most common configurations, and explains firewall port requirements minimum requirements a litmus edge instance is designed to collect, analyze, and forward data these data operations may require heavy computing resources to manage the day to day processes that a litmus edge instance executes while you can run litmus edge on a wide range of devices, ensure that you have sufficient computing resources to avoid performance issues consider the following factors when deciding on the hardware your litmus edge instance what is the amount of data that will be processed? what is your hardware budget? how many devices will you connect to litmus edge? how many flows, analytics, applications, and integrations will you need? what programming language and frameworks will you use? will you need frequent litmus edge manager litmus edge interactions (for example, in the case of automatic backups) as well? to address some of these questions, we recommend you first install litmus edge on a test virtual machine (vm) then, run a partial execution of all your possible workloads to see how it performs this will provide you with a better idea whether you need less, about the same, or a multiplying factor of your test vm's computing resources see below for setting up this vm recommended configurations a litmus edge instance is typically configured in one of three ways data pass through reading and passing data executed externally exclusively on integrations minimal data processing and storage performed on the litmus edge instance most computing resources consumed by only devicehub and data storage/forwarding to integrations in stream processing low volume in stream processing of data using flows and/or analytics (for example, value change or anomaly detection) data stored in influxdb for local visualization using a container running the grafana or python application computing resources consumed by influxdb, flows, analytics, containers, and devicehub heavy in stream processing and application usage high volume in stream processing of all collected data involving complex flows and analytics multiple flows are configured with the maximum allowed ram in analytics, many groups operate, each including multiple processors several containers may be run for further data processing, traceability, downtime recording, and so on influxdb requires additional cpu and ram resources if a large number of devices and tags are configured each device becomes its own influxdb data table (measurement) computing resources consumed by user defined code within flows, applications, and analytics flows the following table summarizes parameters for the three starting configurations when sizing a litmus edge instance data pass through in stream processing heavy in stream processing and application usage devices 1 5 5 10 10+ average tags per device 10 20 20 100 100+ flows instances 0 4 1 4 1 4 average flow nodes < 10 10 50 50+ analytics 0 5 5 25 25+ applications/ containers 0 1 2 2+ integrations 1 2 1 5 5+ influxdb usage optional mandatory mandatory opc ua server usage cannot function with opc ua server can function with opc ua server can function with opc ua server cores 4 8 12+ memory(ram) 8 16 gb 16 32 gb 32+ gb storage (disc) 100 250 gb 250 500 gb 500+ gb nic (network interface) typically at least two one for it network (users, litmus edge manager, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, litmus edge manager, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, litmus edge manager, integrations) one for ot network (plc connectivity) firewall port configuration requirements note you have the option of managing ports in litmus edge see manage firewall rules docid\ ytxekla80ol5bksdrkg0a to learn more the firewall managing litmus edge's traffic must always open the following port to allow you to access the web user interface function for litmus edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) access litmus edge through a web user interface 443 yes ssl inbound tcp https litmus edge users litmus edge to allow a connection with litmus edge and litmus edge manager, the following ports must be open function for litmus edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) redirects 443 80 no inbound tcp http litmus edge users litmus edge connect litmus edge to litmus edge manager 8883 yes mqtts outbound tcp mqtt ssl litmus edge litmus edge manager and customer mqtt broker connect litmus edge to litmus edge manager 443 yes outbound tcp https litmus edge litmus edge manager connect litmus edge to litmus edge manager 51820 yes outbound udp udp litmus edge manager remote access litmus edge litmus edge manager the firewall managing litmus edge's traffic must open only if corresponding services are present and running function for litmus edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) use litmus edge as an ftp server 21, 2121 no inbound tcp ftp customer ftp server litmus edge use litmus edge as an ssh server used for backend support access 22 yes session key inbound tcp ssh litmus support team litmus edge use litmus edge as an ldap client 389 no outbound tcp ldap litmus edge customer ldap server use litmus edge as an ldap client 636 yes ssl outbound tcp ldap with ssl litmus edge customer ldap server use litmus edge as an opc ua server 4840 yes (depends on server settings) inbound tcp/udp opc ua server customer northbound application litmus edge collaboration with name servers to replace ip of litmus edge with a name server 5353 no outbound udp mdns (multicast dns) litmus edge multicast local network collaboration with name servers to replace ip of litmus edge with a name server 5355 no inbound tcp/udp llmnr (link local multicast resolution) 224 0 0 252 litmus edge remote access over internet when accessing litmus edge 9993 yes (asymmetric public key encryption) outbound udp remote access litmus support team litmus edge plc specific ports the firewall managing litmus edge's traffic must open specific ports for certain plc devices to connect to litmus edge to manage firewall rules in litmus edge, see manage firewall rules docid\ ytxekla80ol5bksdrkg0a ports for industrial systems and sensors connections are plc specific and should be open on a case by case basis see the industrial systems connection guide docid\ er7j0mogtlktbxyupdcd for more information marketplace ports marketplace applications manage their own ports those ports are application specific and are outside of the iptables firewall other ports any other ports are blocked by the iptables firewall this means that the litmus edge flows application can initiate only outgoing traffic and cannot listen to incoming connections