A typical ROBIN Orchestrator installation involves deploying the required services on five servers. This type of installation is recommended if there are specific requirements for redundancy and fault tolerance on the part of information security services.
If necessary, a customized component placement scheme can be developed.
The installation is performed from the distribution kit using the instructions (included with the distribution kit) and automated Ansible scripts.
For correct functioning of the system components, network communication between them must be allowed and the list of the following ports must be open.
In case of network remoteness of the operation loop from the Orchestrator server, it is necessary to ensure that the Orchestrator is available on the ports listed below (if network access restriction systems are used).
| Servers | Ports | Obligation |
|---|---|---|
| Server 1,2,3 | • tcp/22 – ssh | Necessary for the initial setup of the platform |
| • tcp/10990 – Java Wildfly App – Application | Obligatory during the operational phase | |
| • tcp/9443 - Java Wildfly App – Application | Obligatory during the operational phase | |
| • tcp/5671 – AMQPS -RabbitMQ – Message queue | Obligatory during the operational phase | |
| • tcp/80, 443 HTTP/HTTPS – Application | Obligatory during the operational phase | |
| • tcp/15671 – RabbitMQ – Message queue | Necessary for the initial setup of the platform | |
| • tcp/5044 - Logstash | Obligatory during the operational phase | |
| • tcp/5601 - Kibana | Obligatory during the operational phase | |
| • tcp/9200 - Elasticsearch | Obligatory during the operational phase | |
| • tcp/8443 HTTPS – Application | Obligatory during the operational phase | |
| • tcp/8081,8441 – Nexus – Package manager | Obligatory during the operational phase | |
| • tcp/5432 | Obligatory during the operational phase | |
| Server 4,5 | • tcp/22 – ssh | Necessary for the initial setup of the platform |
| • tcp/80, 443 HTTP/HTTPS – Application | Obligatory during the operational phase | |
| • tcp/8443 HTTPS – Application | Obligatory during the operational phase | |
| • tcp/9443 - Java Wildfly App – Application | Obligatory during the operational phase | |
| • tcp/5671 – AMQPS -RabbitMQ – Message queue | Obligatory during the operational phase | |
| • tcp/5044 – Logstash - Логи | Obligatory during the operational phase | |
| Client hosts | • 3389 - rdp | Obligatory for the operation of ROBIN RDP Manager |
Characteristics
| Minimum requirements
| ||||
|---|---|---|---|---|---|
Server 1 | Server 2 | Server 3 | Server 4 | Server 5 | |
Number of CPU threads (vCPU - core thread) | 4 vCPU | 4 vCPU | 4 vCPU | 2 vCPU | 2 vCPU |
Amount of RAM | 20 Gb | 20 Gb | 20 Gb | 8 Gb | 8 Gb |
Disk subsystem capacity (HDD) | 200 Gb | 200 Gb | 200 Gb | 20 Gb | 20Gb |
Server | Resource |
|---|---|
Server 1,2,3
| Debian 10, Astra Linux SE 1.7, RedOS 7.3 and others by agreement |
Nginx 11 and higher | |
Nexus 3.32.0 and higher | |
PostgreSQL 10 x86_64 and higher | |
WildFly 26.1.3 final and higher | |
Java bellsoft-jdk17.0.7 | |
KeyCloack 21.1.1 | |
RabbitMQ ver. 3.8.2 | |
Logstash ver. 7.15 | |
Kibana ver. 7.15 | |
Elasticsearch ver. 7.15 | |
Server 4,5
| Debian 10, Astra Linux SE 1.7, RedOS 7.3 and others by agreement |
Haproxy 2.1.3 and higher |