System Requirements

refer to the following system requirements for running manufacturing connect edge minimum requirements a manufacturing connect edge instance is designed to collect, analyze, and forward data these data operations could require heavy computing resources to be able to facilitate all the day to day processes a manufacturing connect edge instance will execute although it is possible to run manufacturing connect edge on a wide range of devices, not having enough computing resources for your particular scenario could create serious performance issues consider the following factors when deciding upon the hardware that your manufacturing connect edge will use what is the amount of data that will be processed? what is your hardware budget? how many devices will you connect to manufacturing connect edge? how many flows/analytics/applications/integrations will you need? what programming language and frameworks will you use? will you need frequent manufacturing connect edge manufacturing connect interactions (for example, in the case of automatic backups) as well? to address some of these questions, we recommend you first install manufacturing connect edge on a test virtual machine (vm) then run a partial execution of all your possible workloads to see how it performs from there, you can get a better idea whether you need less, about the same, or a multiplying factor of your test vm's computing resources see below for setting up this vm recommended configurations a manufacturing connect edge instance is typically customized under one of the following three configurations data pass through reading and passing data executed externally exclusively on integrations minimal data processing and/or storage performed on the manufacturing connect edge instance most computing resources consumed by only devicehub and data storage/forwarding to integrations in stream processing low volume in stream processing of data using flows and/or analytics (for example, value change or anomaly detection) data stored in influxdb for local visualization using a container running the grafana or python application computing resources consumed by influxdb, flows, analytics, containers, and devicehub heavy in stream processing and application usage high volume in stream processing of all collected data involving complex flows and analytics multiple flows are configured with the maximum allowed ram in analytics, many groups operate, each including multiple processors several containers may be run for further data processing, traceability, downtime recording, and so on influxdb will require additional cpu and ram resources if a large number of devices and tags are configured each device will become its own influxdb data table (measurement) computing resources consumed by user defined code within flows, applications, and analytics flows the following table summarizes parameters for the above three starting configurations when sizing a manufacturing connect edge instance configuration 1 (data pass through) configuration 2 (in stream processing) configuration 3 (heavy in stream processing and application usage) devices 1 5 5 10 10+ average tags per device 10 20 20 100 100+ flows instances 0 4 1 4 1 4 average flow nodes < 10 10 50 50+ analytics 0 5 5 25 25+ applications/containers 0 1 2 2+ integrations 1 2 1 5 5+ influxdb usage optional mandatory mandatory opc ua server usage cannot function with opc ua server can function with opc ua server can function with opc ua server cores 4 8 12+ memory(ram) 8 16 gb 16 32 gb 32+ gb storage (disc) 100 250 gb 250 500 gb 500+ gb nic (network interface) typically at least two one for it network (users, manufacturing connect, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, manufacturing connect, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, manufacturing connect, integrations) one for ot network (plc connectivity) firewall port configuration requirements note you have the option of managing ports in manufacturing connect edge see manage firewall rules docid\ vev2ckjwulvtaemdunjec to learn more the firewall managing manufacturing connect edge's traffic must always open the following port to allow you to access the web user interface function for manufacturing connect edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) accessing manufacturing connect edge through a web user interface 443 yes ssl inbound tcp https manufacturing connect edge users manufacturing connect edge the following ports must be open to maintain the activation between manufacturing connect and manufacturing connect edge function for manufacturing connect edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) redirects 443 80 no inbound tcp http manufacturing connect edge users manufacturing connect edge connect manufacturing connect edge to manufacturing connect 8883 yes mqtts outbound tcp mqtt ssl manufacturing connect edge manufacturing connect and customer mqtt broker connect manufacturing connect edge to manufacturing connect 443 yes outbound tcp https manufacturing connect edge manufacturing connect connect manufacturing connect edge to manufacturing connect 51820 yes outbound udp udp manufacturing connect remote access manufacturing connect edge manufacturing connect the firewall managing manufacturing connect edge's traffic must open only if corresponding services are present and running function for manufacturing connect edge port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) use manufacturing connect edge as an ftp server 21, 2121 no inbound tcp ftp customer ftp server manufacturing connect edge use manufacturing connect edge as an ssh server used for backend support access 22 yes session key inbound tcp ssh google support team manufacturing connect edge redirects 443 80 no inbound tcp http manufacturing connect edge users manufacturing connect edge use manufacturing connect edge as an ldap client 389 no outbound tcp ldap manufacturing connect edge customer ldap server use manufacturing connect edge as an ldap client 636 yes ssl outbound tcp ldap with ssl manufacturing connect edge customer ldap server use manufacturing connect edge as an opc ua server 4840 yes (depends on server settings) inbound tcp/udp opc ua server customer northbound application manufacturing connect edge connect manufacturing connect edge to manufacturing connect 8883 yes mqtts outbound tcp mqtt ssl manufacturing connect edge manufacturing connect and customer mqtt broker connect manufacturing connect edge to manufacturing connect 443 yes outbound tcp https manufacturing connect edge manufacturing connect connect manufacturing connect edge to manufacturing connect 51820 yes outbound udp manufacturing connect remote access manufacturing connect edge manufacturing connect collaboration with name servers to replace ip of le with a name server 5353 no outbound udp mdns (multicast dns) manufacturing connect edge multicast local network collaboration with name servers to replace ip of le with a name server 5355 no inbound tcp/udp llmnr (link local multicast resolution) 224 0 0 252 manufacturing connect edge remote access over internet when accessing manufacturing connect edge 9993 yes (asymmetric public key encryption) outbound udp remote access google support team manufacturing connect edge plc specific ports the firewall managing manufacturing connect edge's traffic must open specific ports for certain plc devices to connect to manufacturing connect edge ports for industrial systems and sensors connections are plc specific and should be open on a case by case basis see the industrial systems connection guide docid\ yq2itusjpvlgks50krq1r for more information marketplace ports marketplace applications manage their own ports those ports are application specific and are outside of the iptables firewall other ports any other ports are blocked by the iptables firewall this means that the manufacturing connect edge flows application can initiate only outgoing traffic and cannot listen to incoming connections