System Requirements
Refer to the following system requirements for running Manufacturing Connect Edge.
A Manufacturing Connect Edge instance is designed to collect, analyze, and forward data. These data operations could require heavy computing resources to be able to facilitate all the day-to-day processes a Manufacturing Connect Edge instance will execute. Although it is possible to run Manufacturing Connect Edge on a wide range of devices, not having enough computing resources for your particular scenario could create serious performance issues.
Consider the following factors when deciding upon the hardware that your Manufacturing Connect Edge will use:
- What is the amount of data that will be processed?
- What is your hardware budget?
- How many devices will you connect to Manufacturing Connect Edge?
- How many Flows/Analytics/Applications/Integrations will you need?
- What programming language and frameworks will you use?
- Will you need frequent Manufacturing Connect Edge-Manufacturing Connect interactions (for example, in the case of automatic backups) as well?
To address some of these questions, we recommend you first install Manufacturing Connect Edge on a test Virtual Machine (VM). Then run a partial execution of all your possible workloads to see how it performs. From there, you can get a better idea whether you need less, about the same, or a multiplying factor of your test VM's computing resources. See below for setting up this VM.
A Manufacturing Connect Edge instance is typically customized under one of the following three configurations.
- Reading and passing data executed externally exclusively on Integrations.
- Minimal data processing and/or storage performed on the Manufacturing Connect Edge instance.
- Most computing resources consumed by only DeviceHub and data storage/forwarding to Integrations.
- Low-volume in-stream processing of data using Flows and/or Analytics (for example, value change or anomaly detection).
- Data stored in InfluxDB for local visualization using a container running the Grafana or Python application.
- Computing resources consumed by InfluxDB, Flows, Analytics, Containers, and DeviceHub.
- High-volume in-stream processing of all collected data involving complex Flows and Analytics.
- Multiple Flows are configured with the maximum allowed RAM.
- In Analytics, many groups operate, each including multiple processors.
- Several containers may be run for further data processing, traceability, downtime recording, and so on.
- InfluxDB will require additional CPU and RAM resources if a large number of devices and tags are configured
- Each device will become its own InfluxDB data table (measurement).
- Computing resources consumed by user-defined code within Flows, Applications, and Analytics flows.
The following table summarizes parameters for the above three starting configurations when sizing a Manufacturing Connect Edge instance.
| Configuration 1 (Data pass-through) | Configuration 2 (In-stream processing) | Configuration 3 (Heavy in-stream processing and application usage) |
|---|---|---|---|
Devices | 1-5 | 5-10 | 10+ |
Average Tags per Device | 10-20 | 20-100 | 100+ |
Flows Instances | 0-4 | 1-4 | 1-4 |
Average Flow Nodes | < 10 | 10-50 | 50+ |
Analytics | 0-5 | 5-25 | 25+ |
Applications/Containers | 0 | 1-2 | 2+ |
Integrations | 1-2 | 1-5 | 5+ |
InfluxDB Usage | Optional | Mandatory | Mandatory |
OPC UA Server Usage | Cannot function with OPC UA Server | Can function with OPC UA Server | Can function with OPC UA server |
Cores | 4 | 8 | 12+ |
Memory(RAM) | 8-16 GB | 16-32 GB | 32+ GB |
Storage (Disc) | 100-250 GB | 250- 500 GB | 500+ GB |
NIC (Network Interface) |
|
|
|
Note: You have the option of managing ports in Manufacturing Connect Edge. See Manage Firewall Rules to learn more.
The firewall managing Manufacturing Connect Edge's traffic must always open the following port to allow you to access the Web User Interface.
Function for Manufacturing Connect Edge | Port # | Encrypted | Direction | Protocol | Description | Source (Port is used by who/what) | Destination (Port must be opened at) |
|---|---|---|---|---|---|---|---|
Accessing Manufacturing Connect Edge through a Web User Interface | 443 | Yes SSL | Inbound | TCP | HTTPS | Manufacturing Connect Edge Users | Manufacturing Connect Edge |
The following ports must be open to maintain the activation between Manufacturing Connect and Manufacturing Connect Edge.
Function for Manufacturing Connect Edge | Port # | Encrypted | Direction | Protocol | Description | Source (Port is used by who/what) | Destination (Port must be opened at) |
|---|---|---|---|---|---|---|---|
Redirects 443 | 80 | No | Inbound | TCP | HTTP | Manufacturing Connect Edge Users | Manufacturing Connect Edge |
Connect Manufacturing Connect Edge to Manufacturing Connect | 8883 | Yes MQTTS | Outbound | TCP | MQTT-SSL | Manufacturing Connect Edge | Manufacturing Connect and Customer MQTT Broker |
Connect Manufacturing Connect Edge to Manufacturing Connect | 443 | Yes | Outbound | TCP | HTTPS | Manufacturing Connect Edge | Manufacturing Connect |
Connect Manufacturing Connect Edge to Manufacturing Connect | 51820 | Yes | Outbound | UDP | UDP Manufacturing Connect Remote Access | Manufacturing Connect Edge | Manufacturing Connect |
The firewall managing Manufacturing Connect Edge's traffic must open Only if corresponding services are present and running.
Function for Manufacturing Connect Edge | Port # | Encrypted | Direction | Protocol | Description | Source (Port is used by who/what) | Destination (Port must be opened at) |
|---|---|---|---|---|---|---|---|
Use Manufacturing Connect Edge as an FTP Server | 21, 2121 | No | Inbound | TCP | FTP | Customer FTP Server | Manufacturing Connect Edge |
Use Manufacturing Connect Edge as an SSH Server Used for backend support access | 22 | Yes Session key | Inbound | TCP | SSH | Google Support Team | Manufacturing Connect Edge |
Redirects 443 | 80 | No | Inbound | TCP | HTTP | Manufacturing Connect Edge users | Manufacturing Connect Edge |
Use Manufacturing Connect Edge as an LDAP Client | 389 | No | Outbound | TCP | LDAP | Manufacturing Connect Edge | Customer LDAP Server |
Use Manufacturing Connect Edge as an LDAP Client | 636 | Yes SSL | Outbound | TCP | LDAP with SSL | Manufacturing Connect Edge | Customer LDAP Server |
Use Manufacturing Connect Edge as an OPC UA Server | 4840 | Yes (Depends on server settings) | Inbound | TCP/UDP | OPC UA Server | Customer Northbound Application | Manufacturing Connect Edge |
Connect Manufacturing Connect Edge to Manufacturing Connect | 8883 | Yes MQTTS | Outbound | TCP | MQTT-SSL | Manufacturing Connect Edge | Manufacturing Connect and Customer MQTT Broker |
Connect Manufacturing Connect Edge to Manufacturing Connect | 443 | Yes | Outbound | TCP | HTTPS | Manufacturing Connect Edge | Manufacturing Connect |
Connect Manufacturing Connect Edge to Manufacturing Connect | 51820 | Yes | Outbound | UDP | Manufacturing Connect Remote Access | Manufacturing Connect Edge | Manufacturing Connect |
Collaboration with name servers to replace IP of LE with a name server | 5353 | No | Outbound | UDP | mDNS (Multicast DNS) | Manufacturing Connect Edge | Multicast Local Network |
Collaboration with name servers to replace IP of LE with a name server | 5355 | No | Inbound | TCP/UDP | LLMNR (Link-Local Multicast Resolution) | 224.0.0.252 | Manufacturing Connect Edge |
Remote access over internet when accessing Manufacturing Connect Edge | 9993 | Yes (asymmetric public key encryption) | Outbound | UDP | Remote Access | Google Support Team | Manufacturing Connect Edge |
The firewall managing Manufacturing Connect Edge's traffic must open specific ports for certain PLC devices to connect to Manufacturing Connect Edge.
Ports for Industrial Systems and Sensors Connections are PLC specific and should be open on a case-by-case basis. See the Industrial Systems Connection Guide for more information.
Marketplace applications manage their own ports. Those ports are application-specific and are outside of the iptables firewall.
Any other ports are blocked by the iptables firewall. This means that the Manufacturing Connect Edge flows application can initiate only outgoing traffic and cannot listen to incoming connections.