Provider appliance

From regify WIKI
Jump to navigation Jump to search

Key features

The regify Provider Software Appliance can get described with the following key attributes:

  1. Software appliance, based on a special Linux version (comes as an ISO image).
  2. Hardened for 24/7 internet availability and security
    1. Built-in firewall blocking all unused ports.
    2. Application based intrusion detection system (IDS) to be a second firewall against various attacks (XSS, SQL injection, header injection, Directory traversal, Remote File Execution, Local File Inclusion, DoS).
    3. All unused services, users and groups are removed or stopped.
    4. Continuously updated by "check for updates" function including all operating system and application components (Kernel, Apache, MySQL, OpenSSL etc).
    5. Appliance management is only available by SSH from internal IP address range or (optional) from dedicated external IP addresses.
  3. Supports database replication (Master-Slave, Cross-Master) for full redundancy and high availability.
  4. Offers easy SSL certificate generation and usage (menu guided).
  5. Fully supports all Subprovider features (handles multiple IP addresses, customizations etc).
  6. Included database (MySQL, with MariaDB as an alternative).
  7. Included Apache Webserver with PHP environment.
  8. Included MTA (Mail Tranfer Agent) which is also usable as relay with a company SmartHost.
  9. Automatic time-synchronisation using NTP.
  10. Fully supporting NAGIOS monitoring (more information below on this page).
  11. Supports external loadbalancers and SSL offloading.
  12. Use any network SMB shares for regibox storage (optional).
  13. Installs in less than 10 minutes.
  14. Allows easy and automatic updates.
  15. Does not need any advanced Linux knowledge.

Supported virtualization environments

Please note, from version 5, the regify Provider Software Appliance can get installed on virtual machines only! Physical hardware is no longer supported.

Compatible virtualization environments

  • VMWare ESX(i) servers (V5 and newer and vSphere Hypervisor)
  • VMWare Workstation (V5 and newer)
  • VirtualBox (V5 and newer)
  • Microsoft Hyper-V (generation 1 and 2)
    • Works fine on regular local hosted Hyper-V instances (this is not Azure!)
    • We experienced several problems with Azure Pack (WAP) regarding IP addresses and routing. Thus, usage of Azure Pack is not recommended.
    • See also "not supported" below.

Known running but not officially supported

  • Citrix XEN Server V6.2 and V6.5
    • Only supporting Hardware-assisted virtualization (HVM) mode
    • No Paravirtualization (PV) support
    • We do not offer any technical support regarding Citrix XEN related questions or problems.
  • OpenStack
    • We do not offer any technical support regarding OpenStack related questions or problems.

Not supported

In general, all not mentioned platforms above are not supported. The following is just a list of incompatibility reasons.

  • Amazon Webservices (AWS)
    • AWS ist only usable with several serious drawbacks because there is no real console access.
    • Therefore we do not offer any technical support regarding AWS related questions or problems.
  • Microsoft Azure and Microsoft Azure Pack
    • Hard or impossible to upload regify provider appliance ISO.
    • Hard or impossible to access machine console (only serial console emulation, not sufficient for installation).
  • Physical hardware
    • We do no longer support any hardware installation.


You need two mandatory things in order to install and run a regify provider appliance:

  • Full console access, at least during installation.
  • The chance to upload your own ISO image and let the VM boot from it.

Please do not question these requirements. We can not change this by any discussion we might have. It is a technical prerequisite.

Hardware requirements

You can find the hardware requirements at the Hardware page.

Performance considerations

You can find information about performance and speed at the Hardware page.

Monitoring support

The regify provider software appliance offers you two kind of monitoring:

Nagios support

The regify provider software appliance gives you access to the standard NAGIOS client plugins. Here is a list of the plugins that are contained (regify provider V4 - 02/2015):

  • nagios-plugins-cluster
  • nagios-plugins-dig
  • nagios-plugins-disk
  • nagios-plugins-dns
  • nagios-plugins-dummy
  • nagios-plugins-file_age
  • nagios-plugins-http
  • nagios-plugins-icmp
  • nagios-plugins-ide_smart
  • nagios-plugins-ifoperstatus
  • nagios-plugins-ifstatus
  • nagios-plugins-linux_raid
  • nagios-plugins-load
  • nagios-plugins-log
  • nagios-plugins-mailq
  • nagios-plugins-memcheck
  • nagios-plugins-mysql
  • nagios-plugins-nrpe-2.14-5.rf.i386
  • nagios-plugins-ntp
  • nagios-plugins-perl
  • nagios-plugins-ping
  • nagios-plugins-procs
  • nagios-plugins-smtp
  • nagios-plugins-ssh
  • nagios-plugins-swap
  • nagios-plugins-tcp
  • nagios-plugins-time
  • nagios-plugins-users

The supported protocol is NRPE.

By default, NAGIOS is disabled but the plugins are available.

There is no GUI support for Nagios, so the usage is for experts only.

Built-in monitoring script

The regify provider software appliance offers a dedicated HTTPS call to get information about the health of the regify provider. By calling this prepared URL, it returns either

  • "OK" -> Everything is fine
  • "WARNING: description" -> System still running, but there are problems
  • "ERROR: description" -> System is in maintenance mode and not running

The description contains detailed information about the reason of the current state.

This monitoring call allows you to generate basic monitoring with no big efforts. This call is testing the following things:

  • Clearing connection health?
  • Is the provider in maintenance mode?
  • Is free disk space bigger than 300MB?
  • Is regibox space available and working (if enabled)?
  • Do we have working cryptography?
  • How is internal database connectivity?