High-Level System Design - On Premise

Overview

OpenSpecimen can be hosted on-premise in a customer’s data center. The below network topology diagram depicts the typical implementation.

Prerequisites

  • The customer should provide the VMs for deploying OpenSpecimen

  • The customer should provide remote access accounts to login into the VPN

Network topology diagram

Description

  • OpenSpecimen is a “classical three-tier web application” with web, app, and db layers.

  • For the production instance, the database and app server is installed on different VMs.

  • For the test instance, the database and app are installed on the same machine.

  • Typically the web and app servers are installed on the same machine. If OpenSpecimen has to be accessible from outside the VPN, we can install the web server on a different VM on the DMZ.

  • SSL certificate, if provided by the client, is installed on the Apache webserver.

SAML/LDAP Integration

OpenSpecimen can be integrated with the institution’s Identity Provider (e.g., Microsoft ActiveDirectory). Refer to Configuring Identity Providers for more details.

Hardware Requirements

VM Number

Server

Operating System

Technical Specifications

VM Number

Server

Operating System

Technical Specifications

1

Prod database server

Linux ( CentOS or RedHat)

Quad-core CPU, 8GB RAM, 100 GB SSD HDD

2

Production app server

Linux ( CentOS or RedHat)

Quad-core CPU, 8GB RAM, 100 GB any HDD

3

Test server

Linux ( CentOS or RedHat)

Dual-core CPU, 4GB RAM, 100 GB any HDD

4

Printing server (for BarTender or NiceLabel)

Windows 10