Requirements

The following hardware and software requirements need to be met to install and operate a BlueRange server.

Hardware (minimum)

The following hardware is required to run a BlueRange server:

  • 2 CPU cores

  • 4 GB RAM

  • 16 GB HDD/SSD [1]

  • Additional space for user data

The above specification is to be seen as a bare minimum suitable e.g. for virtualization in containers. Notice, the platform requires additional server software for operation. This includes database servers, frontend reverse proxies and message brokers. These system components impose additional hardware requirements depending on the exact deployment setup used.

Hardware (recommended)

The following recommendations show typical host installation sizes and are based on project experience.

Small up to 100 IoT devices

  • 4 CPU cores

  • 8 GB RAM

  • 128 GB SSD

Medium up to 2000 IoT devices

  • Intel® Core™ i7-8559U Processor, 4 x 2,7 GHz mit Turbo-Boost bis zu 4,50 GHz, 8 MB Cache

  • 32 GB RAM DDR4

  • 256 GB SSD

This setup is currently used for most on-premise installations and is suited for building automation.

Larger installations

  • For larger installations it is recommended to run database services on a dedicated host, preferably in a clustered setup of 3 nodes.

  • Networking services should be deployed in proximity onto the same host or at least the same data center.

Operating system

The following operating systems are supported:

  • CentOS 7 or newer

  • Debian 10 or newer

  • Ubuntu 18.04 or newer

Please notice that Red Hat Enterprise Linux (RHEL) 7 and newer do not support docker and therefore are not supported. The BlueRange software installation has not been tested with the podman container engine.[2]

Software

The following software is already included in the virtualized installation packages as it is needed in order to run BlueRange server:

  • Java 11 or newer

    • Recommended OpenJDK 11 LTS

  • NGINX 1.8 or newer

  • A supported database server

  • MongoDB 4.4 or above

For operation the platform requires database services. The software maintains database schemas automatically, e.g. by creating tables on first start after installation or updates. However, the IT infrastructure MUST provide a proper backup strategy on her own!

BlueRange supports the following database servers:

  • MariaDB 10.3 or newer (included by default)

  • PostgreSQL 11.0 or newer

It is strongly advised to run logging and update servers locally on-site as otherwise support may be limited. Sample setups are available at https://github.com/bluerange-io/bluerange-setup/tree/master/docker#logging-server. Any logging server supported by rsyslogd may be used. Please see the BlueRange manual regarding configurations on System Logging and Firmware Updates.

To use BlueRange’s web app we recommend the use of one of the following browsers:

  • Chrome

  • Firefox

  • Safari

Network

  • Direct connection to the Internet or

  • Proxy server between BlueRange and the Internet, with following restrictions:

Restrictions on HTTP proxy usage:

  • single http proxy, not separate proxies for individual targets

  • required to support proxying of websockets

  • can not do content inspection as it must not break SSL

  • PAC (proxy auto-configuration scripts) not supported

  • PAC via DHCP auto-discovery not supported

Firewall configuration

Internet access

The following ports need to be opened on the firewall for incoming and outgoing connections from/to the Internet.

BlueRange Gateway

Inbound

Port Source Protocol Comment

TCP:22

<BLUERANGE-Host>

SSH

optional: for support access

TCP:443

<BLUERANGE-Host>

HTTPS

optional: for support access

Outbound

Port Destination Protocol Comment

TCP:443

<BLUERANGE-Host>

HTTPS

mandatory

TCP:8883

<MQTT-Host>

MQTTS

mandatory

UDP:123

0.de.pool.ntp.org, 1.de.pool.ntp.org, 0.pool.ntp.org, 1.pool.ntp.org

NTP

mandatory: At least one timeserver

TCP:22

support.bluerange.io

SSH

optional: for support access

TCP:80

checkip.amazonaws.com

HTTP

optional: To test internet connectivity

TCP:443

update.bluerange.io

HTTPS

optional: OS Updates by default

TCP:443

*.s3.*.amazonaws.com

HTTPS

optional: OS Updates by default

TCP:443

dl.bluerange.io

HTTPS

optional: Firmware Updates by default

TCP:9200

elasticsearch.bluerange.io

HTTPS

optional: Logging example server
BlueRange IoT Server

Inbound

Port Source Protocol Comment

TCP:443

Anywhere

HTTPS

mandatory: REST API and Portal

TCP:8883

Anywhere

MQTTS

mandatory: Mosquitto MQTT Broker

TCP:9001

Anywhere

WSS

mandatory: Mosquitto MQTT Broker Websocket for Portal

TCP:22

Anywhere

SSH

optional: for support access

TCP:80

Anywhere

HTTP

optional: redirects to HTTPS

Outbound

Port Destination Protocol Comment

TCP:25

<SMTP-Host>

SMTP

mandatory: for sending e-mail alerts

TCP:443

license.relution.io

HTTPS

mandatory: License Server

TCP:8883

<MQTT-Host>

MQTTS

mandatory: Mosquitto MQTT Broker

TCP:22

<MESHGW-Host>

SSH

optional: for support access

TCP:443

<MESHGW-Host>

HTTPS

optional: for support access

Internal network

The following ports are required for a server to server communication. The BlueRange service uses these ports to communicate with external services (Database, Directory service, Mail server). The exact configuration you need depends on the services you use and whether services are run on separate servers. If servers are located on the same network no additional firewall configuration should be needed. All ports are TCP.

Port Description

25

Mail server (SMTP)

389

Directory service (LDAP)

587

Mail server (SMTPS)

636

Directory service (LDAPS)

1433

Microsoft SQL Server

3306

MariaDB/MySQL

8080

BlueRange Server REST API (Accessed by NGINX)

8099

BlueRange Server Monitoring API (Spring Actuator)

27017

MongoDB
1. Minimum amount of free space on the HDD/SSD. Operating system and additional apps require additional space.
2. See also https://access.redhat.com/solutions/3696691.