Virtual Appliance Technical Overview

Owned by Matt Adams
Last updated: Feb 24, 2022
2 min read

RTVision's virtual appliance is an alternative on-site option to SaaS and the modern replacement of our legacy 1U rack mount & micro atx appliances.

Specifications

  • Supported setup on VMWare, Hyper-V, and Xen Hypervisors

  • Gentoo Linux based OS running a Grsecurity hardened kernel

    • Primary system services

      • Apache - Web server

      • PostgreSQL - Database server

      • ClamAV - AntiVirus scanner

      • NRPE - Nagios remote monitoring

      • SSH - Secure remote shell access

  • System requirements:

    • Minimum - 2 cores / 4GB Ram / 40GB disk

    • Recommended - 4 cores / 8GB Ram / 40GB disk

    • Resizing the provided disk is only required if your application database exceeds 20GB (this is currently a very rare occurrence)

  • System configuration requirements

    • Static IP address

    • Subnet mask / cidr

    • Default gateway

    • DNS server (default 1.1.1.1)

    • NTP server (default pool.ntp.org)

    • Email relay server

  • Firewall requirements

  • NFS server required for persistent data storage (file attachments & database backups)

    • Storage space

      • 20-40GB recommended

      • 50-100GB+ if there will be a high volume of file attachment usage

Customer responsibilities

  • Backups

    • Your NFS file storage must be backed up! Your data is your responsibility.

    • Full system backups/snapshots are optional but typically not necessary since the appliance can be easily rebuilt from an image.

  • Keeping your appliance up to date

    • You will need to upgrade your appliance within 6 months after a new release

    • After 6 months the old appliance will no longer receive automatic updates

Distribution

The appliance is distributed as an OVA file that can be imported directly into VMWare or other hypervisors supporting the Open Virtualization Format.

We also offer a compressed raw disk download that can be used with hypervisors that do not support OVA such as Hyper-V.

Configuration management

The appliance utilizes a combination of in-house command line tools, Ansible, and a TLS encrypted API to manage it’s configuration.

Your system, network, and web application settings are managed by RTVision.

When you provision your appliance you will be prompted for API credentials that allow it to pull in and apply your configuration.

Automated updates

A job is ran nightly at a random minute between 0800-0900 UTC to deploy automated configuration changes, web application updates, minor software patches, & security fixes when applicable.

Release Updates

Major upgrades

Major upgrades will occur 1 or more times per year and consist of:

  • Linux kernel upgraded to latest LTS version

  • Gentoo Portage sync and snapshot

  • System package updates to latest stable versions

  • Web application updates to latest stable versions

Major upgrades are a mandatory customer responsibility that consist of migrating from one appliance image to another as outlined here.

Minor updates

Minor updates occur when new features are added to a product. They are deployed automatically in a nightly rolling release cycle once stable.

Patch updates

Patch updates occur when bugs are fixed or minor changes are made to existing features. They are deployed automatically in a nightly rolling release cycle once stable.

Security updates

Security updates are a wildcard depending on the scope and severity.

For more information on releases and updates click here.

Backups

With persistent data stored on your NFS server, backups are under your complete control.

  • File attachments are live, we do not create backup copies.

  • Database backups have a default schedule of 1 per application per hour with 7 days of retention.

    • The schedule and retention can be customized to your liking.

    • Database backups are also created upon clean shutdown of the appliance shutdown -h now.

Network Layout

See diagram below.