System requirements for installing NXLog Platform using Helm

The system requirements of NXLog Platform depend on the number of log-collecting agents that you plan to connect and your log storage needs.

The following sections provide initial resource provisioning guidelines for the different deployment sizes supported by NXLog. After completing the deployment, we recommend monitoring resource usage and increasing resources as necessary to ensure NXLog Platform runs smoothly.

Kubernetes cluster requirements

Before deploying NXLog Platform, you must set up a Kubernetes cluster that meets the following conditions:

The cluster is running Kubernetes >= 1.32.
The cluster is running one of the following supported ingress controllers:
- Traefik
- Ingress NGINX Controller (community-maintained)
- Istio
- OpenShift Routes
The following command-line tools are installed on your workstation:
- kubectl for running commands against Kubernetes clusters.
  Run kubectl version to check the installed version.
- Helm for deploying and managing Kubernetes applications using charts.
  Run helm version to check the installed version.
- jq for processing and transforming JSON data.
  Run jq --version to check the installed version.

CPU and RAM requirements

NXLog Platform provides several deployment sizes depending on the number of agents that you run or plan to run in your environment. The table below lists the minimum CPU and memory requirements for each node of the Kubernetes cluster, depending on the deployment size.

The Managed agents column represents the maximum number of agents supported by the agent management capability of NXLog Platform. Note that the number of agents sending logs to NXLog Platform can be lower or higher than that number depending on your data collection architecture.
The CPUs of all Kubernetes nodes running NXLog Platform pods must have an x86_64 architecture and support Advanced Vector Extensions 2 (AVX2). If your Kubernetes cluster runs on virtual machines, ensure that your hypervisor’s BIOS supports AVX2 and that the hypervisor allows AVX2 pass-through to the guest OS of each Kubernetes node.

To verify that AVX2 instructions are present, run the following command on each node:
```
$ grep -io -m1 avx2 /proc/cpuinfo
avx2
```
The RAM requirements for all Kubernetes nodes depend on whether NXLog Platform will be used to store log data or not, as the built-in log storage database uses more memory to support high log ingestion rates. The values listed on the table are for the exclusive use of NXLog Platform, meaning that you must provision additional RAM for the operating system, Kubernetes cluster, and any other system daemons or applications running on each cluster node. You will configure whether to store log data or not during the NXLog Platform installation process.

Table 1. NXLog Platform deployment sizes
Deployment size	Managed agents	CPU cores per node	RAM per node without log storage	RAM per node with log storage
`small`	up to 1,000	2	11 GB	19 GB
`medium`	1,001 to 10,000	3	14 GB	22 GB
`large`	10,001 to 50,000	4	19 GB	43 GB
`xlarge`	50,001 to 100,000	8	38 GB	54 GB

Storage requirements

You have full control over the type and configuration of the default cluster StorageClass that will satisfy the NXLog Platform PersistentVolumeClaims (PVCs). NXLog recommends using a StorageClass that:

Supports expanding volumes, especially when using NXLog Platform to store log data.
Provides at-rest encryption.
Uses a network-backed storage solution to ensure that pods can be scheduled on any node in the cluster without being tied to a local disk. However, NXLog Platform runs successfully even if the StorageClass is backed by local disk storage.

The storage capacity depends on your data retention requirements and whether you use the built-in log storage. At a minimum, provision the following recommended capacity:

42 GB of baseline storage capacity for all NXLog Platform components that use persistent storage.
If you’re using the built-in log storage, 100 GB of initial storage capacity for log data. In production, you will need to provision storage based on the log ingestion rate, data retention period, and your replication or backup policies.

After deploying NXLog Platform, you must monitor the PVC usage and adjust the requested storage as needed.

Network requirements

When deploying NXLog Platform using the Helm chart, ensure that your cluster and network are set up as follows:

The Kubernetes cluster provides standard pod and service networking, and allows egress HTTP traffic from the default nxp namespace where NXLog Platform is deployed to kubernetes.default.svc:443 to support Vault authentication.
Both your organization firewall and the cluster’s network policies allow the ports and hostnames described in the table below. While deploying NXLog Platform, you will configure your ingress controller or load balancer to expose the inbound ports.

Direction Service Description

Direction	Service	Description
Inbound	`443/TCP`	HTTPS endpoint for the NXLog Platform user interface.
`5515/TCP`	Agent management.
`5514/TCP`	Ingestion of logs sent by agents.
Outbound	`{53\|custom}/TCP` `{53\|custom}/UDP`	DNS services. Change the port number if you are running your organization’s DNS server on another port.
`{25\|465\|587\|custom}/TCP`	SMTP port for sending NXLog Platform email notifications, such as new user invitations. Depending on your SMTP server, allow either port 25, 465, 587, or a custom port.
`platform.nxlog.co:443/TCP`	NXLog Customer Portal for customer registration and management of the customer’s organizations, subscriptions, and invoices. NXLog Platform requires access to the Customer Portal to validate the active subscriptions and license usage.
`nxlogacr.azurecr.io:443/TCP` `*.blob.core.windows.net:443/TCP`	Microsoft Azure Container Registry and Microsoft Azure Blob Storage. Used for pulling the NXLog Platform container images from the NXLog container registry.
`nxlog-artifacts-prod.fra1.digitaloceanspaces.com:443/TCP` `nxlog-solution-pack-integration-bucket.fra1.digitaloceanspaces.com:443/TCP`	DigitalOcean Spaces CDN. Used for downloading the NXLog Platform and NXLog Agent installation packages and dynamically fetching the most recent versions of NXLog Platform configuration templates.

Inbound

443/TCP

HTTPS endpoint for the NXLog Platform user interface.

5515/TCP

Agent management.

5514/TCP

Ingestion of logs sent by agents.

Outbound

{53|custom}/TCP

{53|custom}/UDP

DNS services. Change the port number if you are running your organization’s DNS server on another port.

{25|465|587|custom}/TCP

SMTP port for sending NXLog Platform email notifications, such as new user invitations. Depending on your SMTP server, allow either port 25, 465, 587, or a custom port.

platform.nxlog.co:443/TCP

NXLog Customer Portal for customer registration and management of the customer’s organizations, subscriptions, and invoices.
NXLog Platform requires access to the Customer Portal to validate the active subscriptions and license usage.

nxlogacr.azurecr.io:443/TCP

*.blob.core.windows.net:443/TCP

Microsoft Azure Container Registry and Microsoft Azure Blob Storage.
Used for pulling the NXLog Platform container images from the NXLog container registry.

nxlog-artifacts-prod.fra1.digitaloceanspaces.com:443/TCP

nxlog-solution-pack-integration-bucket.fra1.digitaloceanspaces.com:443/TCP

DigitalOcean Spaces CDN.
Used for downloading the NXLog Platform and NXLog Agent installation packages and dynamically fetching the most recent versions of NXLog Platform configuration templates.

SMTP server requirements

Important NXLog Platform features such as creating user accounts and resetting account passwords rely on email. Ensure that you have the details of your organization’s SMTP server available, including network address, port number, and credentials in case of authenticated SMTP.

NXLog Platform supports plain-text, TLS/SSL, and STARTTLS SMTP communication. It uses a self-signed certificate for TLS. Ensure that your SMTP server accepts self-signed certificates or install an SMTP relay that does.

NXLog Agent compatibility

NXLog Platform currently supports the following NXLog Agent versions:

NXLog Agent 5.10 or later.
NXLog Agent 6.2 or later.

Consider regularly updating your agents, as each NXLog Agent version provides new features that improve the compatibility with NXLog Platform. For example, NXLog Agent 6.4 and later versions support auto-enrollment to NXLog Platform on installation, greatly simplifying the agent enrollment process.