Documentation update To provide a better user experience, we have now created a separate documentation space for BMC Helix Automation Console (previously called BMC Helix Vulnerability Management). Users of BMC Helix Automation Console can find the latest documentation at BMC Helix Automation Console..

System requirements

Before you install the product, make sure that your environment meets the hardware and software requirements.

Product compatibility matrix

Additional requirements for the compatible TrueSight Server Automation versions

Install the hotfix for the compatible TrueSight Server Automation versions as described in the following table:

TrueSight Server Automation version

Details

23.2

Hotfix is not required.

23.1

Hotfix is not required.

Third-party software

Automation Console is bundled with the following third-party software:

Product version

PostgreSQL version

Java version

Apache Tomcat web server version

Docker container operating system

23.1

14

AdoptOpenJDK 11.0.14.1_1

9.0.60

Alpine Linux 3.15.4

Docker requirements and supported operating systems

Automation Console is supported on Linux-enabled Docker, and it requires the following version of Docker:

Utility

Version

docker

18.09.7 or later (Docker CE)
20.10.0 or later (Mirantis Container Runtime)

docker-compose

1.19.0 or later

The following table lists the supported operating systems and Docker Editions:

Operating system

Supported Docker Edition

RHEL 7.9

Mirantis Container Runtime (MCR) 20.10.0 or later (Formerly known as Docker EE) *

For more details, see MCR documentation.

RHEL 8.x

MCR 20.10.7 *

RHEL 9.x

MCR 20.10.14 *

CentOS 7.x

Docker CE 20.10.8

CentOS 8.x

Docker CE 20.10.8

*If you want to use Mirantis Container Runtime in a production environment, you need to purchase the license. You can use the trial version for a non-production environment.

For more information, see the Mirantis website.

Hardware requirements

The following sections list the hardware requirements.

Memory and disk space requirements

Minimum RAM

Minimum free storage for application at <installedLocation>

10 GB

10 GB

Minimum hardware requirements

The following table describes the minimum hardware requirements for a small deployment.

Requirement 

Small

Minimum space required for installation (GB)

Number of 
concurrent users

25

-

Automation Console server requirements

Number of 
Automation Console servers

1

-

CPUs per 
Automation Console
Server

8

-

Automation Console
server memory (GB)

32

10

Automation Console
server disk 
space (GB)

100

10

Database server requirements

CPUs per 
database
server

8

-

Database 
server 
memory (GB)

16

8

Database 
disk 
space (GB)

100

25

For more information about sizing requirements based on deployment scenarios, see Deployment-sizing-requirements.

External database requirements

The following table describes the supported database and its versions.

Database

Supported versions

PostgreSQL

  • 14
  • 13
  • 12
  • 11.2

Verify whether the PostgresSQL contrib modules are also installed. These are optional utilities shipped with the standard package, which may not installed by default. To verify whether the contrib modules are installed, run the following commands based on your version:

For PostgreSQL 14
yum list installed | grep postgresql14-contrib
For PostgreSQL 12
yum list installed | grep postgresql12-contrib


For PostgreSQL 11.2
yum list installed | grep postgresql11-contrib

You can install the database by using the executables provided on the BMC Electronic Product Distribution (EPD) site, or you can use an existing PostgreSQL installation.

The following table describes the recommendations for a PostgreSQL database that you can use for optimal performance.

Configuration

Recommendation

Users, Roles

  • The first installation of the application automatically creates the users and roles needed by the Automation Console. The installer requests the credentials for the PostgreSQL privileged user (usually named postgres).
  • Default names are provided for users and roles but they can be customized during installation.

Schema and Tablespaces

  • Automation Console database schema uses multiple tablespaces, which are automatically created during installation.
  • Data directories for the containerized database installed by the Stack Manager are created at the following location:
    • /var/lib/postgresql/data (Data Directory location on the database container) 
    • /var/bmc/truesight/postgresql/data (Data Directory location is mapped to the host)
  • The /var filesystem must have at least 50 GB of storage space.

Client Authentication

  • Ensure that the Automation Console computer can access the database server by allowing access to the pg_hba.conf file. 
  • Recommended configuration in pg_hba.conf is to use MD5 encryption for passwords.

  • Ensure that you add at least the database IP address and the Automation Console host IP address in the allowed list of host records in the pg_hba.conf file.

    To allow all the hosts for incoming connections
    #Allows all host for incoming connection
    host     all             all             0.0.0.0/0               md5 

    OR

    To allow only TSAC host and DB host for incoming connections
    #Allows only TSAC and DB host (DB host IP is required even if 127.0.0.1/32 (localhost) is added
    host     all             all             TSAC_HOST_IP/32         md5
    host     all             all             DB_HOST_IP/32           md5

Instance parameters

BMC recommends adding or updating the following parameters in the configuration of the database server in the postgresql.conf or equivalent file:

listen_addresses = '*'
max_connections = 500
default_statistics_target = 50
constraint_exclusion = on
wal_buffers = 8MB
min_wal_size = 1GB
max_wal_size = 2GB
checkpoint_timeout = 15min
checkpoint_completion_target = 0.9
log_min_messages = fatal
log_min_error_statement = fatal
#following parameters should be tuned according
#to actual memory available to Database server machine
#example of configuration for 8GB RAM
maintenance_work_mem = 512MB
effective_cache_size = 5GB
work_mem = 48MB
shared_buffers = 2GB

After changing these values, restart the database server.

External Redis Server requirement

If you want to configure Automation Console in a high availability environment, make sure that you have a non-cluster and non TLS 5.05 or later Redis Server.

Port requirements

The port on which the Automation Console communicates with an endpoint manager must be open, and the application and the endpoint manager must be able to communicate with each other.

The following table provides the port numbers that you must enable for the product. If you intend to use any custom ports during installation, ensure that you open the ports before installing the product.

Important

You cannot change the port numbers after the installation or upgrade. You can use port numbers of your choice only during installation.

Port

Protocol

Configured on

User can change the port number?

Firewall exception needed?

Description

10443

TCP

Host containing the Automation Console application installation

Yes

Yes

Secure port used to access the Automation Console application.

5000

TCP

Host containing the Automation Console application installation

Yes (at the time of installation)

Yes

Port used for communication with the Docker repository

5432

TCP

Host containing the database installation

No

Yes

Port used by the database (PostgreSQL) for communication

9843

TCP

Host containing the Automation Console application

No

Yes

Port used by the application to communicate with Server Automation

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*