Networking

Network Requirements

When the virtual appliance is started for the first time it will automatically try to acquire an IP address using DHCP. If it is able to successfully acquire an address, it will be displayed on the VM console along with the fallback IP address: 10.10.10.2. However, if there is no DHCP server available on the network only the 10.10.10.2 IP address will be displayed.

The 10.10.10.2 address is a fallback address enabling communication with the virtual appliance when no DHCP services are available. This address should be used temporarily to set a static IP address if no DHCP is available. To do this, ensure that the client connecting to this address is on the same network by assigning it a suitable IP address (e.g. 10.10.10.3/24).

Note: The appliance uses three internal networks:

  • docker_gwbridge - 10.254.0.0/22
  • ingress - 10.254.4.0/25
  • docker0 - 10.254.4.128/25

You need to ensure that any network you use does not have an IP address conflict with anything in the range: 10.254.0.0 to 10.254.4.255.

Configure Static IP

The virtual appliance can be configured to work on any IP network.

Setting a static IP requires three parameters: the IP address, subnet mask and default gateway. You set the static IP address like this:

curl -L -X POST "http://${APPLIANCE_HOST}:8080/v1/management/host/setipaddress" \
   -H 'Accept: application/json' \
   -H 'Content-Type: application/json' \
   -d '{
       "address": "192.168.128.160",
       "netmask": "255.255.255.0",
       "gateway": "192.168.128.1"
    }' \
   | jq

Note: Once the POST is sent, the virtual appliance will automatically reboot. Check the console (or make an API call) to verify the new IP address has taken affect.

Configure DHCP

You can also change back to using DHCP. Before undertaking this, ensure the network the virtual appliance is on has DHCP enabled.

curl -L -X POST "http://${APPLIANCE_HOST}:8080/v1/management/host/setdhcp" \
  -H 'Accept: application/json'

NOTE: once submitted, the virtual appliance will automatically reboot. Check the console to verify the new IP address has taken affect.

Firewall Ports

There are several firewall rules that may need to be enabled to ensure the communication can be made to the virtual appliance:

  • 8080/TCP - Used for the Management API to manage the virtual appliance
  • 3000/TCP - Monitoring API
  • 8082/TCP - Speech API for submitting jobs (Batch Appliance only)
  • 9000/TCP - WebSockets Speech API for submitting jobs (Realtime Appliance only)
  • 443/TCP - HTTPS access to the above APIs

Using Proxies

If the network that you are deploying your appliance into does not have a direct route to the Internet, you may need to use a proxy server in order to talk to the cloud-based license service. See the relevant section in Licensing (below) for details on how to set this up.