Skip to content

Overview and System Requirements

Last updated on Oct 31 2023.

Linux Server Version

When installing a Linux distribution on your server, please ensure that the Server version is installed and not the Desktop version. Any required software packages will be installed when the OVD component is installed. Do not manually install a Graphical User Interface for desktop use or an X window environment. Failing to follow these recommendations may lead to poor system performance.

OVD Session Manager (OSM)

This server is the central piece of an OVD server farm and is always required. It manages the session establishment from a client, hosts the administration console and provides centralized management of all the OVD server resources. The OSM should be installed prior to any other server.

Inuvika provides various Linux packages for installing the OSM on a Linux server. Inuvika does not provide a Windows installer version of OSM.

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 2 Cores recommended as a minimum
  • Memory: 4 GB recommended as a minimum
  • Storage: 20 GB
  • Network: 1 GB NIC (2 for failover)

OVD Administration Console (OAC)

This OAC provides a web-based service that allows administrators to configure the OVD farm.

Inuvika provides various Linux packages for installing the OAC on a Linux server. Inuvika does not provide a Windows installer version of OAC.

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 1 Core recommended as a minimum
  • Memory: 1 GB recommended as a minimum
  • Storage: 20 GB
  • Network: 1 GB NIC

OVD Application Server (OAS)

OVD Enterprise is an application and desktop delivery solution. The OAS in the OVD solution is the server that hosts and serves the end user applications and desktops. It is accessed from an OVD client using an enhanced Remote Display Protocol.

An Application Server can be either a Linux system or a Windows system depending on the type of applications and desktops you want to deliver. Of course, you can mix Linux and Windows machines in an OVD farm to deliver applications seamlessly to the end user from different application servers. The user load will be load-balanced by the OSM among the available application servers to provide a better distribution of server resources.

Windows

All of the following Operating Systems are supported:

  • Windows Server 2022 with Remote Desktop Services
  • Windows Server 2019 with Remote Desktop Services
  • Windows Server 2016 with Remote Desktop Services
  • Windows Server 2012 R2 with Remote Desktop Services and extended support
  • Windows 10 Enterprise/Pro (limited to one concurent session)
  • Windows 11 Enterprise/Pro (limited to one concurent session)

Important

Windows 10/11 support does not include publication of Universal Windows Platform applications. These applications can be installed/removed manually.

Minimum hardware configuration:

  • CPU: 4 cores recommended as a minimum
  • Memory: 8 GB recommended as a minimum
  • Storage: 50+ GB. High speed disks with RAID-1 (15krpm, SSDs or SAN disks).
  • Network: 1 GB NIC

Important

Inuvika does not recommend you use Windows Server Essentials because the Remote Desktop Session Host role may not be installed. The connection limit is set to only two concurrent users in this case.

Microsoft Remote Desktop Session Host (RDSH)

The Microsoft Remote Desktop Session Host (RDSH) role must be deployed, configured, and properly licensed. For more information about Microsoft Remote Desktop licensing, please visit the corresponding section of the official Microsoft documentation: Remote Desktop Licensing.

Important

The Windows server may run in a workgroup or be a member of an Active Directory domain but must not run as a domain controller.

Enabling Network Level Authentication (NLA) on Microsoft RDS is optional but strongly recommended.

Linux

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 4 cores recommended as a minimum
  • Memory: 8 GB recommended as a minimum
  • Storage: 50+ GB. High speed disks with RAID-1 (15krpm, SSDs or SAN disks).
  • Network: 1 GB NIC

Requirement for the nls_utf8 kernel module

The OVD Application Server requires the nls_utf8 kernel module to be installed on the system.

This module is installed by the distribution’s default Linux kernel. However, some cloud-based environments may provide their own custom Linux kernel and these kernels are not guaranteed to include nls_utf8.

Info

This section is not required when using a default Linux kernel. Typically linux-image-generic on Ubuntu.

To verify if the module is installed on the system, run the following command: 

#
modprobe nls_utf8

If the command returns an error, it means that the module is not installed. In this case, try the following alternatives:

  • Search if the module is provided by a package that can be installed.

    For example, when using Ubuntu's default kernels, the module is provided by the linux-modules-extra or linux-image-extra packages.

    Check if the kernel provides such extra packages: 

    #
    apt list "linux-*-$(uname -r)*"

  • Contact your Cloud provider to request the support of nls_utf8

  • Switch to a different kernel, such as the distribution's default kernel

OVD File Server (OFS)

Within OVD, the OFS provides a centralized file management system that enables users to access the same files independently of which application server is used to provide the application. OFS provides a network file system that the OAS Servers are able to access when users are running sessions. It is used to provide access to both user profiles, and data folders and files.

The OFS is available for Linux based servers only. In a small OVD server farm, the OFS may reside on the same physical machine as the OAS. In larger installations, the OFS would typically be installed on dedicated hardware.

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 2 cores (4 cores recommended)
  • Memory: 2 GB (4 GB recommended)
  • Storage: 100+ GB. High speed disks with RAID-1 (15krpm, SSDs or SAN disks).
  • Network: 1 GB NIC

OVD Web Access (OWA)

The OWA server is responsible for managing browser-based client sessions. This requires an HTML5 compliant browser on the client machine but no software needs to be installed on the client machine. The OVD session can be tunneled over an SSL session for secure data transmission.

For small installations, it is possible to install OWA on the same machine as the OSM. For larger installations it is recommended to install one or more OWA roles on separate servers and to load-balance the servers for optimal performance.

In this example, we are using web.test.demo as the OWA resource name.

Note

In addition, the OWA provides capabilities through a JavaScript API to integrate OVD with other web based applications. For further details on the API please refer to the Javascript Framework Guide available at https://docs.inuvika.com.

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 2 cores recommended as a minimum
  • Memory: 4 GB recommended as a minimum
  • Storage: 20 GB
  • Network: 1 GB NIC (2 for failover)

Enterprise Security Gateway

Important

OVD Enterprise Secure Gateway is an optional, albeit recommended component of OVD.

OVD uses several ports during the client session, mainly HTTPS (443) and RDP (3389). But in some cases, for example when the user is remote, a firewall would typically be configured to block access to the RDP port. The ESG tunnels all the OVD connections between the client and itself, over an HTTPS session. So from any location, users that have access to HTTPS (443), will also be able to start an OVD session.

The ESG also can be used to unify access to multiple OVD Application Servers by providing a single point of access to the clients.

Important

The ESG must be installed on a dedicated server.

All of the following Operating Systems are supported:

  • RHEL 8 64-bit (for OVD version >= 3.3.0)
  • RHEL 7 / Centos 7 64-bit (for OVD version < 3.4)
  • Ubuntu 22.04 LTS server (Jammy Jellyfish) 64-bit (for OVD version >= 3.2.1)
  • Ubuntu 18.04 LTS server (Bionic Beaver) 64-bit (for OVD version < 3.4)
  • Ubuntu 16.04 LTS server (Xenial Xerus) 64-bit (for OVD version < 3.2)

Minimum hardware configuration:

  • CPU: 2 cores (4 cores recommended)
  • Memory: 4 GB recommended as a minimum
  • Storage: 20+ GB
  • Network: 1 GB NIC

Firewall and Ports

OVD requires several ports to be open in order to support different server roles. Although specific commands are provided for each component (in their corresponding section), IT Administrators should review and verify all necessary firewall rules in order to prevent possible service disruptions.

Important

Instructions on how to configure your firewall for each of OVD roles are provided in Manual Installation Guide.

In case of OVD One Touch installation, rules are applied automatically.

Following diagram describes the communication between different OVD roles and corresponding port numbers.

OVD Ports

OVD Session Manager

  • Incoming traffic

    • TCP 443 (HTTPS): for communication with an end user's browser, OVD Administration Console, OVD Web Access and Enterprise Secure Gateway
    • TCP 1111 (HTTP): for communication with an OVD Application Server, OVD File Server and Enterprise Secure Gateway

  • Outgoing traffic

    • TCP 1112 (HTTP): for comunication with Enterprise Secure Gateway, OVD File Server and OVD Application Server

OVD Administration Console

  • Incoming traffic

    • TCP 443 (HTTPS) and/or TCP 80 (HTTP): for communication with an administrator's browser and the Enterprise Secure Gateway

      Note

      TCP 443 (HTTPS) will only be available if you chose to enable HTTPS access during Administration Console installation.

  • Outgoing traffic

    • TCP 443 (HTTPS): for communication with an OVD Session Manager

OVD Application Server

  • Incoming traffic

    • TCP 1112 (HTTP): for communication with the OVD Session Manager
    • TCP 3389 (RDP): for communication with the OVD Enterprise Secure Gateway, OVD Web Access and end user's browser

  • Outgoing traffic

    • TCP 1111 (HTTP): for communication with the OVD Session Manager
    • TCP 445 (CIFS): for communication with the OVD File Server

OVD File Server

  • Incoming traffic

    • TCP 1112 (HTTP): for communication with the OVD Session Manager
    • TCP 1113 (HTTP): for communication with an OVD Web Access
    • TCP 445 (CIFS): for communication with an OVD Application Server

  • Outgoing traffic

    • TCP 1111 (HTTP): for communication with the OVD Session Manager

OVD Web Access

  • Incoming traffic

    • TCP 1112 (HTTP): for communication with the OVD Session Manager (for OVD version >= 3.3.0)

    • TCP 443 (HTTPS) and/or TCP 80 (HTTP): for communication with an end user's browser and the Enterprise Secure Gateway

      Note

      TCP 443 (HTTPS) will only be available if you chose to enable HTTPS access during OVD Web Access installation.

  • Outgoing traffic

    • TCP 1111 (HTTP): for communication with the OVD Session Manager (for OVD version >= 3.3.0)
    • TCP 443 (HTTPS): for communication with an OVD Session Manager
    • TCP 3389 (RDP): for communication with an OVD Application Server
    • TCP 1113 (HTTP): for communication with an OVD File Server

OVD Enterprise Secure Gateway

  • Incoming traffic

    • TCP 1112 (HTTP): for communication with the OVD Session Manager
    • TCP 443 (HTTPS): for communication with an end user's browser

  • Outgoing traffic

    • TCP 3389 (RDP): for communication with an OVD Application Server
    • TCP 443 (HTTPS): for communication with an OVD Session Manager

    • TCP 443 (HTTPS) and/or TCP 80 (HTTP): for communication with an OVD Web Access and Administration Console

      Note

      TCP 443 (HTTPS) will only be available if you chose to enable HTTPS access during OVD Web Access installation and Administration Console installation.

    • TCP 1111 (HTTP): for communication with an OVD Session Manager

Warning

Before installing the ESG, ensure that no service is running on port TCP 443 (HTTPS).

Note

The above rules apply only to standard configurations. If you plan to use a different configuration (e.g. installing multiple OVD services on a single server), you may not need to apply all the rules described.

Security-Enhanced Linux (RHEL/CentOS only)

Security-Enhanced Linux (SELinux) is a Linux kernel security module that enhances the security of your system. In RHEL and CentOS distributions, SELinux is enabled by default and runs in enforcing mode.

OVD is fully compatible with SELinux, however every role needs set of SELinux rules to be applied. Instructions on how to configure various OVD roles are described in corresponding sections of Manual Installation Guide. If plan to use OVD One Touch Installation, rules are applied automatically.

To verify the status of SELinux on any node, run the following command: 

#
sestatus

The expected (and default) SELinux status is enabled, with current mode set to enforcing. If current mode is set topermissive, SELinux is running, but mandatory access control is not enforced. In that case, you might want to set the mode to enforcing:

  • Edit the /etc/selinux/config file and set the SELINUX variable to enforcing 
    SELINUX=enforcing

Important

If SELinux is disabled and you want to enable it, follow the official Red Hat documentation: Changing SELinux States and Modes.