On-Premises Deployment Overview
The HEAT product is designed to streamline data ingestion and processing in modern environments. It is typically deployed as a Kubernetes cluster on a Linux VM (Ubuntu-based installations are recommended), ensuring reliable performance and secure operations.
Network Diagram
Below is a high-level network diagram for HEAT:
Network & Connectivity Requirements
- Ingress & API Access:
  - Port 80: HTTP traffic via the ingress controller.
  - Port 443: HTTPS/TLS secured traffic.
  - Port 6443: Kubernetes API access for cluster management.
  - (Optional: Depending on your Kubernetes setup, consider port 10250 for kubelet API access.)
- External Connectivity:
  - The cluster must have continuous outbound access to:
    - heatglobal.azurecr.io for container image pulls.
    - *.heat-secure.cloud for licensing and critical updates.
- Internal Communication:
  - Data sources provided by HEAT are designed for internal access only. External communication with these data sources is restricted and managed via the web UI or through manual kubectl intervention during development.
Resource & Hardware Requirements
For a single node production deployment, the recommended minimum hardware is:
- CPU: 16 modern x64 cores (physical cores; not hyper-threaded)
- Memory: 64GB RAM
- Storage: 512GB fast NVMe storage
Note: High availability is not feasible on a single node. Ensure that on-premises deployments are properly scoped based on anticipated load, as resource exhaustion (e.g., CPU, memory, disk space) may lead to instability.
Additional Considerations
- Database Connectivity:
  - External databases (e.g., MSSQL, PostgreSQL, MongoDB) can be deployed either within the cluster (using separate namespaces and service exposure) or as managed services accessible from the cluster VM.
- Firewall & Security:
  - Maintain strict firewall rules to allow only the necessary inbound and outbound traffic, minimizing the attack surface.
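One way to check the VM against the inbound port list above is to compare its TCP listeners with that list. The script below is an added example, not part of HEAT's own tooling; the function name, the `ALLOWED_PORTS` variable and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners that fall outside the documented
# inbound ports. Input is the output of `ss -H -tln` (no header line).

# Inbound ports listed on this page. Append 10250 only if the optional
# kubelet API access applies to your Kubernetes setup.
ALLOWED_PORTS="80 443 6443"

# unexpected_listeners "<allowed ports>" < ss-output
# Prints "port address" for every listener that is not bound to loopback
# and whose port is not in the allowed list, sorted by port number.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)      # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)  # text before the last colon
            # Loopback-only listeners are not reachable from the network.
            if (addr ~ /^127\./ || addr == "[::1]") next
            if (!(port in ok)) print port, addr
        }' | LC_ALL=C sort -k1,1n -k2,2 -u
}

# Constructed sample of `ss -H -tln` output (not captured from a real host).
SAMPLE='LISTEN 0 4096 0.0.0.0:80 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*
LISTEN 0 4096 *:6443 *:*
LISTEN 0 4096 127.0.0.1:10248 0.0.0.0:*
LISTEN 0 4096 *:10250 *:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 [::]:5432 [::]:*
LISTEN 0 4096 [::1]:9099 [::]:*'

# Demo on the sample. On a live host use:
#   ss -H -tln | unexpected_listeners "$ALLOWED_PORTS"
printf '%s\n' "$SAMPLE" | unexpected_listeners "$ALLOWED_PORTS"
```

Each line of output is a listener to either close, bind to loopback, or cover with an explicit firewall rule; a listening socket is only a candidate finding, since the host firewall may already block it.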