Gateway Requirements
The Gateway service is essentially a reverse proxy with some protocol inspection duties. As a proxy between the client applications and the storage nodes, its primary duty is to pass bytes from one network adapter to another.
Prerequisites
Content Gateway requires the following components for installation and operation:
Swarm Storage cluster implemented with Storage settings needed by Gateway
Elasticsearch cluster installed (if using metering data for critical functions such as billing, deploy at least 3 Elasticsearch servers and set up snapshot backups of that data)
An authentication backend, such as LDAP or PAM
Network time protocol (NTP) server reachable by both Gateway server(s) and Swarm storage nodes
At least one server on which to install the Content Gateway software
System Requirements
The system requirements for the Gateway depend on the volume of the traffic and the speed of the upstream network connection to client applications.
Do Not Install on Management Node
Content Gateway and the production Elasticsearch cluster need to be on separate machines from the management node (Platform Server or CSN). The management node installs with Service Proxy and a single-node ES, which are dedicated to the Swarm UI.
Gateway server software:
64-bit Linux operating system, RHEL/Rocky Linux 8 or RHEL/CentOS 7
Gateway server hardware:
Virtual or physical machine
2+ CPU cores
2+ GB RAM
3+ GB
/tmpspace2+ GB available disk storage after OS installation (see Space Requirements below)
For high availability and capacity scaling, add the following:
Two or more additional Gateways
A load-balancing mechanism
Prevent Gateway clients from making storage requests directly to the back-end storage cluster using one of these methods:
(most common) Make the Gateway servers dual-homed on the front-end client network and the back-end storage network.
Use network filtering to prevent direct user access to the storage cluster and to deploy Gateway servers and storage servers on one subnet.
Use VLAN tagging on the Gateway server's network interface to allow one physical interface to carry both front-end and back-end traffic.
Space Requirements
Spool Space for Multipart Uploads
The HTTP multipart MIME upload operation requires spool space on the Gateway server; all other operations, including the S3 multipart upload, SCSP multipart writes, and normal whole-object writes, stream through the Gateway and directly to the back-end object storage nodes. HTTP multipart MIME POST requests are used by the upload function in the Content Portal and by HTML form POSTs.
Verify the total free disk space on a Gateway server includes an allowance for the maximum expected to be needed for these requests. To control the spool location and the percentage of disk space that can be used, set the multipartSpoolDir and multipartUsageAllowed in the [gateway] section of the configuration file.
Best Practice
If the https://perifery.atlassian.net/wiki/spaces/public/pages/2443817417 has many users and/or large uploads, increase the available space in the Gateway's spool directory to 32 GB or more and increase the multipartUsageAllowed parameter value.
Logging Space
The Gateway server uses up to 2GB of disk space for application logs and audit logs in the default configuration. The retention time and file size of the historical logs can be changed as required based on the deployment requirements. See the logging configuration in https://perifery.atlassian.net/wiki/spaces/public/pages/2443810201 section.
S3 Requirements
Follow these requirements to use S3 with Content Gateway:
Enable and configure erasure-coding (EC).
Size the cluster to support EC; for example, do not attempt to use S3 with inadequate resources, such as 3 chassis and reps=2.
See https://perifery.atlassian.net/wiki/spaces/public/pages/2443810131 and also and in the Swarm Storage guide.
© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.