System Requirements

This section provides information on what's required to run Commander in evaluation, regular, and enterprise environments.

Software requirements

Virtualization and Cloud Platforms Supported

  • Amazon Web Services
  • Google Cloud Platform
  • Kubernetes
  • Microsoft Azure
  • Microsoft® Hyper-V managed by System Center Virtual Machine Manager (SCVMM) 2016 or 2019. To manage SCVMM, Commander must be running on Windows 2016 or later.
  • VMware Cloud on AWS

    VMware Cloud on AWS is a service that allows you to migrate, provision and run your vSphere environment on AWS hardware. Commander can manage vCenter running on VMware Cloud on AWS.

  • VMware vSphere 8.0, 7.0, 6.7, 6.5
  • Azure Stack HCI VMM nodes managed by SCVMM.

Operating Systems Supported for Commander Installation

  • Microsoft Windows Server 2022
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2016

Languages Supported

  • English
  • Korean (Service Portal only).

Databases Supported

  • Microsoft SQL Server 2019 (recommended) (Note that you must use SQL Server 2019 or later if you plan to provide language options in the Service Portal.)
  • Microsoft SQL Server 2017
  • Microsoft SQL Server 2016
  • PostgreSQL (default)(Note that you must ensure your database is UTF-8 encoded if you plan to provide language options in the Service Portal.)(If you're using PostgreSQL, for table sorting to work correctly when using a language other than English, administrators need to install Commander on a machine that’s set to US English in the underlying operating system. Sorting will be based on the windows operating system locale at the time of the installation.)

    PostgreSQL is included with Commander for use with evaluation environments only.

Browsers Supported

  • Mozilla Firefox latest version (recommended)
  • Google Chrome latest version (recommended)
  • Microsoft Edge latest version
  • Commander and the Service Portal don't support multiple connections in the same browser. Use a different browser to open another session.

Network

  • Gigabit Ethernet minimum

Licensing

  • For more information about licensing, refer to the terms in your license agreement or contact Support.

Hardware requirements

The following table provides Commander deployment tiers based on typical use for on premise and public cloud Commander installations. Note that a Commander instance must be deployed on its own server independent from other applications and services.

See Scaling Required Hardware for more deployment details. You can also create a case through the Snow Support Portal to discuss requirements if you have any questions or unique configurations.

On premise deployment sizing

Sizing Profile

Base Requirements

Evaluation

A deployment to evaluate Commander's feature set.

It should contain fewer than 1000 VMs and have fewer than five concurrent users, with infrequent reporting. It shouldn't grow significantly beyond original occupancy, and it's not expected to be upgraded to production.

Application Server
  • 2 vCPU /Dual Core
  • 8.0 GB memory
  • Approximately 1.0 GB disk space (application installation)
Database
  • Minimum 6.0 GB disk space for the database
  • 6.0 GB memory for Postgres or SQL
  • Microsoft SQL 2019 Standard Database server is recommended

Regular

A deployment for production environments with fewer than 1500 VMs, supporting fewer than 30 concurrent users, with frequent reporting.

Application
  • 2 vCPU /Quad Core
  • 8.0 GB memory
  • Approximately 2.0 GB disk space (application installation)
Database
  • Minimum 10 GB of disk space for the database
  • 12.0 GB of memory
  • Dedicated Microsoft SQL 2019 Standard
  • For larger deployments — a DB data file (mdf) and log file (ldf) stored on separate disks

Enterprise

A production deployment for dynamic environments with more than 1500 VMs, supporting more than 30 concurrent users, with frequent reporting.

Application
  • 2 to 4 vCPU /Quad Core
  • 12.0 GB memory (or greater)
    • More memory may be required for more complex environments with larger numbers of cloud accounts, instances, users, etc.

  • 4.0 GB free disk space
Database
  • Minimum 12 GB of memory
  • Dedicated Microsoft SQL 2019 Standard
  • Minimum 20.0 GB free disk space (data partition)

AWS deployment sizing

Sizing ProfileBase Requirements

Evaluation

A deployment to evaluate Commander's feature set.

It should contain fewer than 1000 VMs and have fewer than five concurrent users, with infrequent reporting. It shouldn't grow significantly beyond original occupancy, and it's not expected to be upgraded to production.

Application
  • EC2 instance t2.xlarge
  • Windows Server 2019
  • 1GB of free disk space for the application
Database
  • RDS SQL instance - db.t2.Medium
  • SQL Server 2019 Standard
  • Minimum 6.0 GB free disk space for the database

Regular

A deployment for production environments with fewer than 2500 VMs, supporting fewer than 30 concurrent users, with frequent reporting.

Application
  • EC2 instance t3.xlarge
  • Windows Server 2019
  • Minimum 2.0 GB of free disk space
Database
  • DB instance db.t2.Large
  • SQL Server 2019 Standard
  • Minimum 10.0 GB of free storage for the database

Enterprise

A production deployment for dynamic environments with more than 2500 VMs, supporting more than 30 concurrent users, with frequent reporting.

Application
  • EC2 instance c5.2xlarge
    • Larger instance sizes may be required for more complex environments with larger numbers of cloud accounts, instances, users, etc.
  • Windows Server 2019
  • Minimum 4.0 GB free disk space
Database
  • RDS instance db.m5.Xlarge
  • SQL Server 2019 Standard
  • Minimum 20.0 GB disk space (data partition) for the database

Azure deployment sizing

Sizing Profile

Base Requirements

Evaluation

A deployment to evaluate Commander's feature set.

It should contain fewer than 1000 VMs and have fewer than five concurrent users, with infrequent reporting. It shouldn't grow significantly beyond original occupancy, and it's not expected to be upgraded to production.

Application
  • Instance Standard_DS11_v2
  • Windows Server 2019
  • Minimum 1.0 GB free disk space
Database
  • Minimum 6.0 GB disk space for the database
  • Postgres or SQL installed on an instance
  • SQL Server 2019 Standard is recommended
  • Azure-managed SQL instance is currently unsupported

Regular

A deployment for production environments with fewer than 2500 VMs, supporting fewer than 30 concurrent users, with frequent reporting.

Application
  • Instance Standard_DS3_v2
  • Windows Server 2019
  • Minimum 2.0 GB free disk space
Database
  • Minimum 10.0 GB disk space for the database
  • Postgres or SQL installed on an instance
  • SQL Server 2019 Standard is recommended
  • Azure-managed SQL instance is currently unsupported

Enterprise

A production deployment for dynamic environments with more than 2500 VMs, supporting more than 30 concurrent users, with frequent reporting.

Application
  • Instance Standard_D4s_v3
  • Windows Server 2019
  • Minimum 4.0 GB free disk space
Database
  • Minimum 20.0 GB disk space for the database
  • SQL installed on an instance
  • SQL Server 2019 Standard is recommended
  • Azure-managed SQL instance is currently unsupported
  • For larger deployments — a DB data file (mdf) and log file (ldf) stored on separate disks

VM Access Proxy hardware requirements

The optional Commander VM Access Proxy allows you to secure your virtualized infrastructure behind a firewall while still permitting your users secure console, RDP, VNC, and SSH access to their VMs. For information on how to install and configure the VM Access Proxy, see Set Up VM Access Proxies. If you are currently using a version 3.0 - 3.7 VM Access Proxy, it's highly recommended that you upgrade. For more information, see Upgrade Commander VM Access Proxy.

Minimum requirements:

  • Dedicated 64-bit Linux machine

    Running the VM Access Proxy version 3.10 in a container hosted on Ubuntu Linux 20.04 is the only distribution and version fully supported by Snow Software. Errors may occur if other distributions don't have the required packages in the same locations.

  • Version 3.10 or higher of the Linux kernel
  • iptables version 1.4 or higher
  • Docker engine 18.09+
  • Docker-compose tool 1.8.0+
  • 2 CPUs

    The more CPUs available, the more concurrent connections the VM Access Proxy can handle.

  • 2 GB memory
  • 10 GB disk space
  • Time synchronization using either an NTP server or vCenter host

Network requirements

The following ports are used by the various Commander components. You configure some of these ports during installation, and you can also configure ports after installation using the Snow Commander Control Panel. Certain ports can be configured only through a system property. For more information, create a case through the Snow Support Portal.

IMPORTANT: To protect the security of the Commander system, all ports must be firewalled, with the exception of ports that are required to be inbound.

Where the direction is outbound, this implies a corresponding inbound connection to the target.

Network Requirements - Basic Operations

Connection

Ports

Protocol

Direction

Description

Commander Web Server

443

TCP

Inbound

Access to Commander, Service Portal and Commander API.

Commander Microsoft SQL Server

1433

TCP

Outbound

Access to the Commander database. Additional ports may be required depending on the configuration of your SQL server. For more information, see the Configuration Based Requirements for Microsoft SQL article in Snow Globe.

vCenter

443

TCP

Outbound

Communications with individual vCenters or their external Platform Services Controllers.

vCenter Hosts

443

TCP

Outbound

Access to the vCenter hosts for VM Guest OS file copy operations.

Amazon Web Services

443

TCP

Outbound

Communications with Amazon Web Services API.

Microsoft Azure

443

TCP

Outbound

Communications with Microsoft Azure API.

Google Cloud Platform

443

TCP

Outbound

Communications with Google Cloud Platform API.

Linux Guest OS Commands

22

TCP

Outbound

Access to Linux VMs for issuing SSH commands.

This port isn't required in a VMware environment with VMware tools installed. For AWS and Azure Instances install the appropriate “Run Command” plugin from our plugins library. Go to https://github.com/Embotics/Plug-in-Workflow-Steps.

Datastore Scanning

443

TCP

Outbound

Access to VMware hosts through HTTPS to collect file layout.

Legacy Datastore Scanning

22

TCP

Outbound

Access to VMware hosts through SSH to collect file layout. Only used when HTTPS access is not available.

Currency Service

8199

TCP

Outbound

Communications with the European Central Bank API to retrieve the 31 supported currency exchange rates.

Terraform Service

8299

TCP

Inbound

Communications with Terraform Cloud/Enterprise.

Network Requirements - Authentication

Connection

Ports

Protocol

Direction

Description

Kerberos Key Distribution Center

88

TCP

Outbound

Access to authenticate against an Active Directory or LDAP server.

Active Directory Domain Controller for Remote LDAP Traffic

389

TCP

UDP

Outbound

Access to authenticate against an Active Directory or LDAP server.

Active Directory Domain Controller for Remote Global Catalog Traffic

3268

TCP

Outbound

Access to query the global catalog of an Active Directory or LDAP server.

Active Directory Domain Controller for Remote Secure LDAP Traffic

636

TCP

Outbound

Access to authenticate against a secure Active Directory or a secure LDAP server.

Active Directory Domain Controller for Remote Secure Global Catalog Traffic

3269

TCP

Outbound

Access to query the global catalog of a secure Active Directory or secure LDAP server.

Identity Service

8042

TCP

Outbound

Access to authenticate for identity management by interacting and synchronizing with LDAP and Active Directory.

Network Requirements - Optional

Connection

Ports

Protocol

Direction

Description

Splunk Server

8089

TCP

Outbound

Communications with Splunk server for retrieval of guest OS performance metrics.

BlueCat™ Server

80

TCP

Outbound

Communications with BlueCat™ IP address management server for addressing assignments.

Network Requirements - Client Connections

All of these connections go from the client browser to the respective servers.

Connection

Ports

Protocol

Direction

Description

VM Access (Remote Desktop)

3389

TCP

Inbound

Access to remote control VMs using RDP.

VM Access (Virtual Network Computing)

5900

TCP

Inbound

Access to remote control VMs using VNC.

VM Access Console - WebMKS (HTML5)

9443

TCP

Inbound

Access to remote control VMs using WebMKS Console.

VMware Console - Plug-in

443 (vCenter)
902 (ESX)

TCP

Inbound

Access to remote control VMs using VMware Remote Console (VMRC) Plug-in.

Network Requirements - Advanced Configuration

Connection

Ports

Protocol

Direction

Description

VM Access Proxy Appliances - Web Server

443

TCP

Inbound

Publishing listener for WebMKS open console sessions.

VM Access Proxy Appliances - Web Server

8443

TCP

Inbound

Publishing listener for RDP, VNC, SSH and plug-in-based open console sessions.

VM Access (Hyper-V Console)

2179

TCP

Outbound

Access to remote control VMs using the Hyper-V console.

Local Service Requirements

Connection

Ports

Protocol

Direction

Description

Currency Service

8199

TCP

Local

Communications with the European Central Bank API to retrieve the 31 supported currency exchange rates.

Identity Service

8042

TCP

Local

Communications with Active Directory for authentication.

Terraform Service

8299

TCP

Local

Communications with Terraform Cloud/Enterprise.

RabbitMQ

5672

TCP

Local

Communications with RabbitMQ.

Installation architecture

The following diagram shows the typical architecture of an on-premise Commander installation. For information on the recommended architecture for public cloud installation, see Deploy Commander in AWS.

Snow Commander Architecture Diagram

Required administrative accounts

Commander requires an administrative account on each cloud account. The account must have full administrative access on the entire cloud account. Administrator privileges are required for a number of functions that Commander performs, including retrieving VM and infrastructure information, managing VM identity, powering VMs on and off, and other policy actions.

We recommend that you create a uniquely identifiable administrative account on each cloud account. Creating a unique account name allows you easily to track Commander commands sent to the cloud account by Commander or by Commander users.

When configuring an Amazon Web Services (AWS) cloud account, if you can't create an administrative account with the required permissions, you can create an IAM policy as an alternative. For more information, see IAM policy. For more information about best practices for configuring and managing AWS cloud accounts, see Deploy Commander in AWS.

Commander doesn't make use of VMware's Linked Mode feature. Commander communicates with each vCenter directly.

Third-party integrations

 

The following table lists standard third-party integrations for Commander.

Category

Integration

Authentication

Active Directory®

LDAP

SAML2 WebSSO

Windows SSO

Configuration Management and Software Deployment/Automation

Chef™

Puppet™ Enterprise

Terraform

IPAM

BlueCat™ IPAM

Application Monitoring

Splunk®

Notification

SNMP 2

SMTP

Workflow Automation

Commander API

For non-standard third-party integrations, you must download additional components such as scripts, workflow plug-in steps, or workflow modules for use with Commander. For more information about other supported third-party integrations, and the additional components required, see the Snow Software Cloud Management Integrations GitHub page.


In testing its products, and in particular their interactions with other vendors' products (e.g., Microsoft Windows, SQL Server), Flexera uses default installations of the supported versions and editions of these third-party products, configured as per the Snow System Requirements document.

Many of these third-party products offer additional features and configuration options. Please refer to each third-party product's documentation for details.

These additional third-party product features and configurations are not tested by Snow for compatibility purposes, and unless otherwise stated might have an impact on the functionality and performance of Snow products.

Flexera products may not operate in accordance with the applicable Flexera product documentation in environments where these additional third-party features and configurations are implemented.

For these reasons, any implementation of such additional third-party product features and configurations must be validated by the installation's technical owner(s) on a case-by-case basis and implemented under their responsibility.

As best practices would suggest, a preliminary implementation on an expendable test environment and a complete backup and restore strategy are highly recommended before any such implementation of third-party product features.