DevOps remote access
If it does not violate the customer's IT security policy, you can give DevOps users remote access to VMs to install software. Remote DevOps users do not need elevated server rights. Open port 10933 on the VPN to facilitate remote software deployment to the VMs.
Updates and patch management
Updates to the virtualization system, hosts, or guests including operating system, anti-virus' and other base image software are the responsibility of the customer as defined by their security and service standards. Johnson Controls is responsible for security patches and updates to the Plant Optimizer software.
Plant Optimizer server requirements
- The number of plants included in the instance
- The size and complexity of the plants
- Whether a physical or virtual CPO-NAE is used to integrate the plant automation system.
- A web application server
- A database server
- A CPO-NAE server
Type of Deployment | VM use | VM OS | No. of VMs | Cores | CPU (GHz) | RAM (GB) | C: Drive (GB) | D: Drive (GB) |
---|---|---|---|---|---|---|---|---|
All on-premises sites | Plant Optimizer Web Application VM (UI + Web Service APIs) | Windows Server® 2019 or later | 1 | 8 | >2.5 | 32 | 100 | 100 |
SQL database VM |
SQL Server 2016, SQL Server 2017, SQL Server 2019 Enterprise (preferred) or Standard |
1 | 4 | >2.5 | 64 | 100 | 1000 | |
Virtual CPO-NAE (NAE85) only | CUPO-OAS or CUPO-NAE85 VM | Windows Server 2019 or later | 1 | 4 | >2.5 | 16 | 100 | 100 |
Metasys ADX | Metasys ADX |
Windows Server 2019 or later MS SQL Server 2016 Standard or MS SQL Server 2016 Enterprise |
1 | 4 | >2.5 | 32 | 100 | 1000 |
- For the Plant Optimizer Web Application VM, the number of cores and RAM size may vary based on number and size of plants.
- For SQL database VM and Metasys ADX, D: Drive size may vary based on the number and size of plants.
- ADX virtual server requirements only apply for new construction or brand new Metasys installation.
Windows server features | Windows server roles |
---|---|
.NET Framework
3.5 features
|
File and storage
services
|
.NET Framework
4.6 features
|
Web server
(IIS)
|
Message
queuing
|
Health and
diagnostics
|
|
Performance
|
SMB 1.0/CIFS File Sharing Support | Security
|
SNMP service
|
Application
development
|
Windows Defender
features
|
Management
tools
|
Windows
Powershell
|
|
Windows Process
Activation Service
|
|
WoW64 support |
Additional Windows component requirements | |
---|---|
.Net 6.0.19 or later is recommended |
SQL Server requirement | Additional detail |
---|---|
Ensure the most current SQL Server pack is installed. | Requires the latest service pack to be installed. |
Ensure SQL Server Always-On is applied. | Select the Availability Groups (AG) database option. Ensure the instance is named. |
Give database owner (DBO) rights to Johnson Controls engineers. | Johnson Controls engineers require DBO rights in application databases to configure the application schema. |
Set SQL Server collation to sql_latin1_general_cp1_ci_as.
|
sql_latin1_general_cp1_ci_as is the default American install setting for SQL Server collation. This enables the deployment of the database. |
Turn on Filestream enabled and broker enabled settings. | These settings are not turned on by default. |
Enable the Transactional File Stream setting. | Enable this setting to ensure that the SQL server functions correctly. |
Configure the SQL Server to require mixed-mode authentication. | Mixed-mode authentication is a security requirement. |
Apply elevated SQL rights to DevOps administrators during installation. | You can remove or reduce elevated rights after installation. |
SQL Server uses default port 1433. | Contact technical support (BTS-CPO-TechSupport@jci.com) if a different port is required. |