Versions Compared

Version Old Version 3 New Version Current
Changes made by

Marcel Stierli (Unlicensed)

Gregory Bobst (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Register / Index

Table of Contents

...

(lightbulb)

...

Tipps aus der Praxis

...

(info)

...

Beispieldaten / Beispielinformationen

...

(warning)

...

Wichtig / zu beachten

...

(tick)

...

siehe PasswordSafe

Einleitung

Go to Register / Index

Dieses Kapitel beschreibt die empfohlenen Systemanforderungen der CoreOne Services.

Für die Installationen der CoreOne Suite wird einen IT-Infrastruktur vorausgesetzt, welche die in dieser Dokumentation beschriebenen Spezifikationen erfüllt. Die aufgeführte IT-Infrastruktur wird zum Zeitpunkt der Erstinstallation und für einen reibungslosen Betrieb vorausgesetzt.

CoreOne Suite "All-In-One" Server

Go to Register / Index

Die nachfolgenden Empfehlungen beziehen sich auf einen CoreOne Suite "All-In-One" Server-Installation. Sie beinhaltet die Installation aller notwendigen Windows Features auf einem Server für die CoreOne Application Services und CoreOne Web Services.

Hardware-Anforderungen

  • 16 GB RAM 

  • 4 CPU mit 2.0 GHz 

  • C: Partition 100 GB (System)

  • D: Partition 250 GB (Datenbank)

  • X: Partition 100 GB (Datenbank Dumps für Backup

Software-Anforderungen

Für die Installation der Windows Features / Services können nachfolgende Scripts verwendet werden.

Install Windows Features / Services: Powershell Command Windows 2012 R2

Code Block
languagepowershell
Install-WindowsFeature RSAT, RSAT-AD-Powershell, RSAT-AD-Tools, RSAT-ADDS, RSAT-AD-AdminCenter, RSAT-ADDS-Tools, NET-Framework-Features, NET-Framework-Core, net-http-activation, net-non-http-activ, net-framework-45-features, net-http-activation, net-non-http-activ, net-framework-45-features, net-wcf-msmq-activation45, net-wcf-pipe-activation45, net-wcf-tcp-activation45, NET-WCF-TCP-PortSharing45, Powershell, powershell-v2, powershell-ise, WEB-Server, web-basic-auth, web-windows-auth, web-common-http, web-security, web-app-dev, web-asp-net, web-asp-net45, Web-Dyn-Compression -Restart

Install Windows Features / Services: Powershell Command Windows 2016

Die Powershell über Server Manager - Tools - Windows PowerShell aufrufen.

Code Block
languagepowershell
$features = @("RSAT", "RSAT-AD-Powershell", "RSAT-AD-Tools", "RSAT-ADDS", "RSAT-AD-AdminCenter", "RSAT-ADDS-Tools", "NET-Framework-Features", "NET-Framework-Core", "net-http-activation", "net-non-http-activ", "net-framework-45-features", "net-http-activation", "net-non-http-activ", "net-framework-45-features", "net-wcf-msmq-activation45", "net-wcf-pipe-activation45", "net-wcf-tcp-activation45", "NET-WCF-TCP-PortSharing45", "Powershell", "powershell-v2", "powershell-ise", "WEB-Server", "web-basic-auth", "web-windows-auth", "web-common-http", "web-security", "web-app-dev", "web-asp-net", "web-asp-net45", "Web-Dyn-Compression") foreach($feature in $features) { Install-WindowsFeature -Name $feature }

Eine Liste aller Windows Features

https://peter.hahndorf.eu/blog/WindowsFeatureViaCmd#hcNames

CoreOne Suite "verteiltes System"

Go to Register / Index

CoreOne Application Services

Auf dem CoreOne Application Services Server laufen sämtliche Services und Tasks. Er bildet das zentrale Herzstück der CoreOne Suite.

Empfohlene Systemanforderungen

  • Windows 2008 R2 Server oder höher
  • 16 GB RAM 
  • 4 CPU mit 2.0 GHz 

  • C: Partition 100 GB (System)

  • D: Partition 250 GB (Datenbank)

  • X: Partition 100 GB (Datenbank Dumps für Backup)

  • .NET Framework 4.7 oder höher 

Powershell Command Windows 2012 R2

Code Block
languagepowershell
Install-WindowsFeature RSAT-AD-Powershell, RSAT-AD-Tools, RSAT-ADDS, RSAT-AD-AdminCenter, RSAT-ADDS-Tools, Powershell, powershell-v2, powershell-ise, NET-Framework-Features, NET-Framework-Core, net-http-activation, net-non-http-activ, net-framework-45-features, net-http-activation, net-non-http-activ, net-framework-45-features, net-wcf-msmq-activation45, net-wcf-pipe-activation45, net-wcf-tcp-activation45, NET-WCF-TCP-PortSharing45 -Restart

Alternative auf Windows 2016

Die Powershell über Server Manager - Tools - Windows PowerShell aufrufen.

Code Block
languagepowershell
$features = @("RSAT", "RSAT-AD-Powershell", "RSAT-AD-Tools", "RSAT-ADDS", "RSAT-AD-AdminCenter", "RSAT-ADDS-Tools", "Powershell", "powershell-v2", "powershell-ise", "NET-Framework-Features", "NET-Framework-Core", "net-http-activation", "net-non-http-activ", "net-framework-45-features", "net-http-activation", "net-non-http-activ", "net-framework-45-features", "net-wcf-msmq-activation45", "net-wcf-pipe-activation45", "net-wcf-tcp-activation45", "NET-WCF-TCP-PortSharing45")

foreach($feature in $features)
{
    Install-WindowsFeature -Name $feature
}

Windows Features / Services

  • NET Framework 3.5
    • Windows Communication Foundation HTTP Activation
    • Windows Communication Foundation Non-HTTP Activation
  • .NET Framework 4.6.1 oder höher
    • HTTP Activation
    • Message Quueing (MSMQ) Activation
    • Named Pipe Activation
    • TCP Activation
    • TCP Port Sharing
    • WCF Services
  • Role Administration Tools
    • AD DS Tools

CoreOne Web Service

Auf dem CoreOne Web Services Server wird das Self-Service und Web-Portal gehostet. Es kann dediziert installiert sein.

Empfohlene Systemanforderungen

  • Windows 2008 R2 Server oder höher
  • 8 GB RAM 
  • 2 CPU mit 2.0 GHz
  • C: Partition 60 GB (System)
  • .NET Framework 4.7 oder höher 
  • IIS 7 oder höher  

Powershell Command Windows 2012 R2

Code Block
languagepowershell
Install-WindowsFeature Powershell, powershell-v2, powershell-ise, WEB-Server, web-basic-auth, web-windows-auth, web-common-http, web-security, web-app-dev, net-framework-features, net-framework-core, net-http-activation, net-non-http-activ, net-framework-45-features, net-wcf-msmq-activation45, net-wcf-pipe-activation45, net-wcf-tcp-activation45, NET-WCF-TCP-PortSharing45, web-asp-net, web-asp-net45, RSAT, Web-Dyn-Compression -Restart

Alternative auf Windows 2016

Die Powershell über Server Manager - Tools - Windows PowerShell aufrufen.

Code Block
languagepowershell
$features = @("Powershell", "powershell-v2", "powershell-ise", "WEB-Server", "web-basic-auth", "web-windows-auth", "web-common-http", "web-security", "web-app-dev", "net-framework-features", "net-framework-core", "net-http-activation", "net-non-http-activ", "net-framework-45-features", "net-wcf-msmq-activation45", "net-wcf-pipe-activation45", "net-wcf-tcp-activation45", "NET-WCF-TCP-PortSharing45", "web-asp-net", "web-asp-net45", "RSAT", "Web-Dyn-Compression")

foreach($feature in $features)
{
    Install-WindowsFeature -Name $feature
}

Windows Roles / Features

  • Web Server (IIS)
    • Basic Authentication
    • Windows Autentication
    • Common HTTP Features
    • Security
    • Application Development
    • Dynamic Content Compression
  • NET Framework 3.5 Features
    • Windows Communication Foundation HTTP Activation
    • Windows Communication Foundation Non-HTTP Activation
  • .NET Framework 4.6.1 Features oder höher
    • WCF Services
      • HTTP Activation
      • Message Quueing (MSMQ) Activation
      • Named Pipe Activation
      • TCP Activation
      • TCP Port Sharing 
    • ASP.NET 4.6

CoreOne Secure Router

Der CoreOne Secure Router wird verwendet um eine sichere Kommunikation durch unterschiedliche Netzwerkzonen zu den CoreOne System Connector Server aufzubauen.

Anforderungen

  • Windows 2008 R2 Server oder höher
  • 8 GB RAM
  • 2 CPU mit 2.0 GHz 
  • C: Partition 60 GB (System)
  • .NET Framework 4.6.1 oder höher

CoreOne System Connector

Der CoreOne System Connector Server wird verwendet um die Aktionen in entfernten Netzwerken auf ausgesuchte Zielsysteme auszuführen.

Anforderungen

  • Windows 2008 R2 Server oder höher
  • 8 GB RAM
  • 2 CPU mit 2.0 GHz 
  • C: Partition 60 GB (System)
  • .NET Framework 4.6.1 oder höher

Server Zertifikate

Für die sichere Kommunikation zwischen den CoreOne Web Services und den Endgeräten wird ein SSL-Zertifikat benötigt, welches mit den CoreOne Web Services übereinstimmt. Sind die  CoreOne Web Services und die CoreOne Application Services auf demselben System installiert, kann dasselbe Zertifikat verwendet werden.

Für jede Verbindung zwischen den CoreOne Application Services und den CoreOne System Connectors / CoreOne Secure Router wird pro Server ein eigenes Zertifikat benötigt, welches 'Server Authentication‘ und 'Client Authentication‘ unterstützt. Zusätzlich muss auf der Gegenseite das entsprechende Public-Zertifikat vorhanden sein.

Die Verwendung von Zertifikaten kann deaktiviert werden, wird aber nicht empfohlen.

Service Benutzerkonten

Um die CoreOne Suite ordnungsgemäss zu Betreiben, benötigt es mindestens ein Service Benutzerkonto das in den angebundenen Zielsystemen über ausreichende Berechtigungen verfügt. Das Service Benutzerkonto muss auf die Private-Keys der verwendeten Zertifikate berechtigt werden (MMC) und auf dem System über 'Logon As Service' Rechte verfügen (GPEDIT).

How-to Artikel

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "how-to" and type = "page" and space = "IKB"

Verwandte Artikel

...

Introduction

This page describes the recommended system requirements for the CoreOne Suite Services. A server infrastructure that meets the specifications described in this documentation is required for the installation of the CoreOne Suite. The IT infrastructure listed is required at the time of initial installation and for smooth operation

Basic-Installations / Preliminary controls/ Restrictions

Antivirus

Various antivirus programs show an influence on the performance of the CoreOne Suite. To avoid this, the directories in which the CoreOne Suite software is installed (Including subdirectories) must be excluded from RealScan and from periodic scanning by the anti-virus program. Of course this also applies to the directories of the databases.

Default Paths to exclude (incl. all sub-folders):

  • C:\Program Files\ITSENSE AG

  • C:\ProgramData\itsense

  • Program Files and ProgramData of the MySQL or MariaDB Service.

  • MySQL or MariaDB data directory (depending on the MySql distribution)

In addition CoreOne Suite related services should be excluded from the virus scan to improve the performance. The following Windows Services are relevant:

  • CoreOne Suite Service

  • CoreOne Workflow Service

  • MySQL or MariaDB Service

Virtual Server

The CoreOne Suite can be installed on virtual servers. However, the performance of the virtual servers must be equivalent to the specifications of the physical servers. Since the CoreOne Suite requires high-performance access to the databases, especially in connection with provisioning tasks, fast access to the hard disk(s) is essential. Due to this, we recommend Flash-Storage.

Data backup

With the installation of the CoreOne Suite, ITSENSE AG sets up a standard database backup via the windows task planning. A backup file of the database is created on a local drive on the server. We strongly recommend that you back up this backup file to an external network drive or external network hard drive on a daily basis. Some Configuration is also stored under the ProgramData-Folder. We recommend, to backup all servers on daily base.

Certificates

For secure communication between the CoreOne Web Services and the end devices, an SSL certificate is required that corresponds to the CoreOne Web Services. If the CoreOne Web Services and the CoreOne Application Services are installed on the same system, the certificate can be used. See also: System requirement Certificates

Token signing (Optional) 

A certificate with wich the private key can be exported is required for token signing. See also: System requirement Certificates

User accounts

In order to operate the CoreOne Suite properly, at least one service user account is required that has sufficient authorizations in the connected target systems. The service user account must be authorized to the private keys of the certificates used (MMC) and have “Logon as Service” rights on the system (GPEDIT) and be a member of the local administrators group.