# Architecture Overview
# System Base
# Minimum Specifications
For a small deployment supporting 5,000 connected accounts with event processing enabled:
- CPU: 4 vCPU at 2.4 GHz
- Memory: 8 GB
- Primary Disk: 16 GB
- (Optional) Data Disk: 64 GB
- This number is quoted for use with an on-appliance database. If using an external database, a 10-32 GB data disk should be sufficient depending on expected log volume.
- See Storage Architecture
# Performance
We have benchmarked AWS c4.4xlarge instances (16 vCPU) as capable of 250-500 API requests per second, depending on the third-party service the API request is performed to. Please note that the appliance’s default connection limit is 45 times the number of CPU cores.
# Operating System Environment
- 64-bit Ubuntu Server 18.04 LTS
- Administrative user account:
ubuntu
# Storage Architecture
/
- Root file system, contains base operating system with Kloudless Enterprise./data
- Required only for persisting default PostgreSQL database and, optionally, for user configuration file.- PostgreSQL 9.4+ is required.
# Supported Platforms
- Docker Containers
- Can run on Kubernetes, GKE, Amazon ECS, etc.
- Amazon EC2 AMIs
- Contact us to share them with your AWS Account Number.
- VirtualBox/VMware OVAs
- Azure VMs
- Contact us to receive access.
# Network Services
To ensure sensitive data is protected, it is important to restrict access to Kloudless Enterprise.
The following ports should be made available to access from applications or internal networks to the virtual appliance:
- 80 (HTTP) or 443 (HTTPS) - API server gateway.
- 8080 (HTTP) or 8443 (HTTPS) - Developer portal and web interface.
- 22 (SSH) - Configuration and administration of the appliance, if hosting method does not provide access to a shell.
It is recommended to use the HTTPS endpoints rather than the HTTP ones. This is especially true if the appliance is accessible from the public internet. Another section of the guides covers Configuring SSL certificates . Connections will be upgraded if SSL is configured.
# Kloudless Connect
To support proxied connections to private network services, see the Kloudless Connect section for additional firewall rules allowing inbound connections from the proxy server.
# Application Architecture
An architecture diagram of Kloudless appliances deployed in a cluster can be found in the Multi-Node Deployment section .
The Kloudless stack consists of the following parts:
# Web
- Nginx to handle load balancing, reverse proxying, and streaming of uploads/downloads.
- Django-based, event-driven web servers to power the API server and Developer Portal.
# Data Processing
- Python daemon worker processes to handle the heavy lifting of API requests as well as background tasks such as ensuring OAuth 2.0 tokens are refreshed and event data is collected.
- Redis for task distribution and process orchestration.
# Storage
- PostgreSQL can be configured to store access tokens, developer portal data, and metadata on data in connected accounts.
# Management
- SaltStack to manage system and application configuration.
# Tools & SDKs
Kloudless also provides open-source SDKs in popular languages as well as UI Tools such as the File Picker and Meeting Scheduler .