Server installation is one of the first actions to be done for any KYP.ai implementation. Before the server is installed, a decision on the cloud vs. on-premise approach needs to be made. Cloud-based servers are installed and managed by KYP.ai or KYP.ai Implementation Partner, and on-premise servers are installed and managed by your IT.
Infrastructure
As a base, KYP.ai needs 1 machine with the below requirements. It can be setup as a physical machine or a Virtual machine in a cloud provider.
Additional components like Web Application Firewall etc. can be added to the setup.
All components will run on this machine as docker containers. With more data delivered by users, e.g.1000+ please contact KYP.ai Team for more details.
The hardware specification below assumes server virtualization. In case of using a Physical server / Bare metal, please ask the KYP.ai Team for detailed requirements.
All parameters are conventional, number of users and the scope of collected functions may be insufficient to determine the configuration. Resources are strongly dependent on the parameters set by the service, e.g. the number of applications, images, patterns, etc.
Configuration for OPS monitoring purposes (without screenshot processing):
| No. of users | < 30 users | 30 – 300 users | 300 – 1000 users | 1000 – 5000 users |
|---|---|---|---|---|
Processor Architecture x86_64 | 4 vCPU | 8 vCPU | 8 vCPU | 16 vCPU |
Memory | 32 GB | 32 GB | 64 GB | 64 GB |
Storage Fast, attached disk as the additional partition File system: ext4 or xfs with ftype=1 (d_type support enabled) | 100 GB IOPS ~1000 | 250 GB IOPS ~1500 | 600 GB IOPS ~3000 | 1,5 TB IOPS ~3000 |
Configuration for Process Discovery / PoC purpose (with screenshot processing):
| No. of users | < 30 users | 30 - 300 users | 300 - 1000 users | 1000 - 5000 users |
|---|---|---|---|---|
Processor Architecture x86_64 | 4 vCPU | 8 vCPU | 16 vCPU | 32 vCPU |
Memory | 32 GB | 64 GB | 128 GB | 192 GB |
Storage Fast, attached disk as the additional partition File system: ext4 or xfs with ftype=1 (d_type support enabled) | 400 GB* IOPS~3000 | 1,5 TB* IOPS~4500 | 4 TB* IOPS~6000 | 10 TB* IOPS~6000 |
* Storage calculated based on: default data retention including 30 days of screenshot retention, 15% usage of screenshot apps and 12 months of contract.
More detailed hardware calculations can be made based on the below Excel form:
Example configuration for Cloud installation:
OPS monitoring
| Users / Provider | AWS | GCP | OVH | Azure | OCI |
| < 30 users | r5.xlarge with 'GP3' | n2-highmem-4 with 'pd-standard' | r3-32 with 'high speed storage' | Standard_E4as_v5 with 'premium SSD' | VM.Standard3.Flex(2ocpu,32GB) with 'lower cost volume' |
| Price* | 232 € | 252 € | 97 € | 200 € | 93 € |
| 30 – 300 users | m4.2xlarge with 'GP3' | n2-standard-8 with 'pd-standard' | b3-32 with 'high speed storage' | D8as v4 with 'premium SSD' | VM.Standard3.Flex(4ocpu,32GB) with 'balanced volume' |
| Price* | 375 € | 378 € | 158 € | 340 € | 154 € |
| 300 – 1000 users | r5.2xlarge with 'GP3' | n2-highmem-8 with 'pd-standard' | r3-64 with 'high speed storage' | Standard_E8as_v5 with 'premium SSD' | VM.Standard3.Flex(4ocpu,64GB) with 'balanced volume' |
| Price* | 501 € | 522 € | 228 € | 432 € | 216 € |
| 1000 – 5000 users | m5.4xlarge with 'GP3' | n2-standard-16 with 'pd-ssd' | b3-64 with 'high speed storage' | D16as v4 with 'premium SSD' | VM.Standard3.Flex(8ocpu,64GB) with 'balanced volume' |
| Price* | 815 € | 1037 € | 401 € | 859 € | 348 € |
* monthly price for recommended configuration in Western Europe Datacenter (i.e Frankfurt, 09.2024)
The price given in the table refers only to the hardware costs at the supplier.
Process Discovery / PoC
| Users / Provider | AWS | GCP | OVH | Azure | OCI |
| < 30 users | r5.xlarge with 'GP3' | n2-highmem-4 with 'pd-standard' | r3-32 with 'high speed storage' | Standard_E4as_v5 with 'premium SSD' | VM.Standard3.Flex(4ocpu,32GB) with 'lower cost volume' |
| Price* | 260 € | 266 € | 123 € | 253 € | 105 € |
| 30 – 300 users | r5.2xlarge with 'GP3' | n2-highmem-8 with 'pd-standard' | r3-64 with 'high speed Gen2 storage' | Standard_E8as_v5 with 'premium SSD' | VM.Standard3.Flex(4ocpu,64GB) with 'balanced volume' |
| Price* | 587 € | 565 € | 305 € | 616 € | 255 € |
| 300 – 1000 users | r5.4xlarge with 'GP3' | n2-highmem-16 with 'pd-standard' | r3-128 with 'high speed Gen2 storage' | Standard_E16as_v5 with 'premium SSD' | VM.Standard3.Flex(16ocpu,128GB) with 'balanced volume' |
| Price* | 1269 € | 1178 € | 696 € | 1209 € | 513 € |
| 1000 – 5000 users | m5.12xlarge with 'GP3' | n2-standard-48 with 'pd-ssd' | r3-256 with 'high speed Gen2 storage' | Standard_E32as_v5 with 'premium SSD' | VM.Standard3.Flex(48ocpu,192GB) with 'balanced volume' |
| Price* | 2967 € | 4233 € | 1563 € | 2373 € | 1038 € |
* monthly price for recommended configuration in Western Europe Datacenter (i.e Frankfurt, 09.2024) - raw hardware infrastructure price.
The price given in the table refers only to the hardware costs at the supplier.
Network requirements
- Available ports:
- 80 - used only to redirect to 443
- 443 - for HTTP(S) KYP.ai Connect App data transfer and KYP.ai Frontend access
- 22 - for SSH server maintenance
- Open traffic to CentOS Repository (OS packages), Docker Hub (https://download.docker.com) - docker package repository for the server installation time
- Open outbound traffic to *.kyp.ai for installation packages and resources monitoring
- Enable network traffic from Customer workstations to KYP.ai Server on port 443 (HTTPS)
- Register DNS entry resolving provisioned VM by the server and workstations.
- Generate SSL certificate for the server domain name (FQDN) and provide to KYP.ai
- HTTPS traffic can not be filtered for specific phrases or conditions
- Required network bandwidth 2Mb/s for 50 users
For detailed networking, please check "Network Sizing Section"
Optional:
- In case of Load Balancer usage:
- Register DNS entry for the load balancer
- SSL certificate generated for the load balancer in desired domain added to trusted certificates store
- Load Balancer traffic on port 443 should be redirected to the server on port 80
- Data collection monitoring outbound communication port to email server on port 587/465, not filters emails sent to monitoring@kyp.ai
- LDAP/Active Directory communication to LDAP server on port 389/636
- For SSO Enabled with MS Azure, configure access and open traffic to Identity Provider (IDP) for single sign-on e.g.: Microsoft Azure AD Server (https://login.microsoftonline.com and https://graph.microsoft.com).
Backup:
The application has a default setup to keep the last 6 days' backups of the main database on local storage. These parameters can be changed and need to be agreed upon before deployment. The best practice is to keep backups on different storage i.e. AWS S3 and it needs to be configured in a backup script.
Software
- Operating system - Enterprise Linux Server recommended - Ubuntu 20.04.5 or later, optional - RHEL 8.7 (RedHat) or later, Fedora 37 or later
- The following list contains necessary tools that need to be installed on the server before the KYP installation process, which is needed to run during this process
| Tool | Version |
|---|---|
Wget | 1.14 |
Curl | 7.29.0 |
Zip | 3.0 |
Unzip | 6.0 |
Htop | 2.2.0 |
ctop | 0.7.5 |
mc | 4.8.7 |
docker | 23.0.1 |
docker-compose | 2.16.0 |
logrotate | 3.8.6 |
vim | 7.4 |
net-tools | latest |
- KYP.ai packages with system downloaded from KYP.ai repository
Access:
- Provide remote access (e.g. VPN) to KYP.ai Team for the server.
- Grand SSH access to KYP.ai DevOps Team, with root rights granted for installation and daily maintenance.
- Grand HTTPS access to KYP.ai Customer Success Team for configuration and data analysis.
- Optional - Provision separated virtual machine with Windows 11 in Customer environment for KYP.ai Connect App for testing purposes.