Azure Stack Edge Pro FPGA system requirements

Important

Azure Stack Edge Pro FPGA devices will reach end-of-life in February 2024. If you are considering new deployments, we recommend that you explore Azure Stack Edge Pro 2 or Azure Stack Edge Pro GPU devices for your workloads.

This article describes the important system requirements for your Microsoft Azure Stack Edge Pro FPGA solution and for the clients connecting to Azure Stack Edge Pro FPGA. We recommend that you review the information carefully before you deploy your Azure Stack Edge Pro FPGA. You can refer back to this information as necessary during the deployment and subsequent operation.

The system requirements for the Azure Stack Edge Pro FPGA include:

  • Software requirements for hosts - describes the supported platforms, browsers for the local configuration UI, SMB clients, and any additional requirements for the clients that access the device.
  • Networking requirements for the device - provides information about any networking requirements for the operation of the physical device.

Supported OS for clients connected to device

The following list contains supported operating systems for use by clients or hosts connected to your device. These operating system versions were tested in-house.

Operating system/platform Versions
Windows Server 2012 R2
2016
2019
Windows 8, 10
SUSE Linux Enterprise Server 12 (x86_64)
Ubuntu 16.04.3 LTS
CentOS 7.0
Mac OS 10.14.1

Supported protocols for clients accessing device

Here are the supported protocols for clients accessing your device.

Protocol Versions Notes
SMB 2.X, 3.X SMB 1 isn't supported.
NFS 3.0, 4.1 Mac OS is not supported with NFS v4.1.

Supported storage accounts

Here is a list of the supported storage accounts for your device.

Storage account Notes
Classic Standard
General Purpose Standard; both V1 and V2 are supported. Both hot and cool tiers are supported.

Supported storage types

Here is a list of the supported storage types for the device.

File format Notes
Azure block blob
Azure page blob
Azure Files

Supported browsers for local web UI

The following list of browsers are supported for the virtual device's local web UI:

Browser Versions Additional requirements/notes
Google Chrome Latest version
Microsoft Edge Latest version
Internet Explorer Latest version If Enhanced Security features are enabled, you might not be able to access local web UI pages. Disable enhanced security, and restart your browser.
FireFox Latest version

Networking port requirements

Port requirements for Azure Stack Edge Pro FPGA

The following table lists the ports that need to be opened in your firewall to allow for SMB, cloud, or management traffic. In this table, in or inbound refers to the direction from which incoming client requests access to your device. Out or outbound refers to the direction in which your Azure Stack Edge Pro FPGA device sends data externally, beyond the deployment, for example, outbound to the internet.

Port no. In or out Port scope Required Notes
TCP 80 (HTTP) Out WAN No Outbound port is used for internet access to retrieve updates.
The outbound web proxy is user configurable.
TCP 443 (HTTPS) Out WAN Yes Outbound port is used for accessing data in the cloud.
The outbound web proxy is user configurable.
UDP 123 (NTP) Out WAN In some cases
See notes
This port is required only if you're using an internet-based NTP server.
UDP 53 (DNS) Out WAN In some cases
See notes
This port is required only if you're using an internet-based DNS server.
We recommend using a local DNS server.
TCP 5985 (WinRM) Out/In LAN In some cases
See notes
This port is required to connect to the device via remote PowerShell over HTTP.
TCP 5986 (WinRM) Out/In LAN In some cases
See notes
This port is required to connect to the device via remote PowerShell over HTTPS.
UDP 67 (DHCP) Out LAN In some cases
See notes
This port is required only if you're using a local DHCP server.
TCP 80 (HTTP) Out/In LAN Yes This port is the inbound port for local UI on the device for local management.
Accessing the local UI over HTTP will automatically redirect to HTTPS.
TCP 443 (HTTPS) Out/In LAN Yes This port is the inbound port for local UI on the device for local management.
TCP 445 (SMB) In LAN In some cases
See notes
This port is required only if you are connecting via SMB.
TCP 2049 (NFS) In LAN In some cases
See notes
This port is required only if you are connecting via NFS.

Port requirements for IoT Edge

Azure IoT Edge allows outbound communication from an on-premises Edge device to Azure cloud using supported IoT Hub protocols. Inbound communication is only required for specific scenarios where Azure IoT Hub needs to push down messages to the Azure IoT Edge device (for example, Cloud To Device messaging).

Use the following table for port configuration for the servers hosting Azure IoT Edge runtime:

Port no. In or out Port scope Required Guidance
TCP 443 (HTTPS) Out WAN Yes Outbound open for IoT Edge provisioning. This configuration is required when using manual scripts or Azure IoT Device Provisioning Service (DPS).

For complete information, go to Firewall and port configuration rules for IoT Edge deployment.

URL patterns for firewall rules

Network administrators can often configure advanced firewall rules based on the URL patterns to filter the inbound and the outbound traffic. Your Azure Stack Edge Pro FPGA device and the service depend on other Microsoft applications such as Azure Service Bus, Microsoft Entra Access Control, storage accounts, and Microsoft Update servers. The URL patterns associated with these applications can be used to configure firewall rules. It is important to understand that the URL patterns associated with these applications can change. These changes require the network administrator to monitor and update firewall rules for your Azure Stack Edge Pro FPGA as and when needed.

We recommend that you set your firewall rules for outbound traffic, based on Azure Stack Edge Pro FPGA fixed IP addresses, liberally in most cases. However, you can use the information below to set advanced firewall rules that are needed to create secure environments.

Note

  • The device (source) IPs should always be set to all the cloud-enabled network interfaces.
  • The destination IPs should be set to Azure datacenter IP ranges.

URL patterns for gateway feature

URL pattern Component or functionality
https://*.databoxedge.azure.com/*
https://*.servicebus.windows.net/*
https://login.windows.net
Azure Stack Edge / Data Box Gateway service
Azure Service Bus
Authentication Service
http://*.backup.windowsazure.com Device activation
http://crl.microsoft.com/pki/*
http://www.microsoft.com/pki/*
Certificate revocation
https://*.core.windows.net/*
https://*.data.microsoft.com
http://*.msftncsi.com
Azure storage accounts and monitoring
http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://wustat.windows.com
http://ntservicepack.microsoft.com
http://go.microsoft.com
http://dl.delivery.mp.microsoft.com
https://dl.delivery.mp.microsoft.com
http://*.ws.microsoft.com
https://*.ws.microsoft.com
http://*.mp.microsoft.com
Microsoft Update servers
http://*.deploy.akamaitechnologies.com Akamai CDN
https://*.partners.extranet.microsoft.com/* Support package
http://*.data.microsoft.com Telemetry service in Windows, see the update for customer experience and diagnostic telemetry
https://(vault-name).vault.azure.net:443 Key Vault

URL patterns for compute feature

URL pattern Component or functionality
https://mcr.microsoft.com

https://*.cdn.mscr.io
Microsoft container registry (required)
https://*.azurecr.io Personal and third-party container registries (optional)
https://*.azure-devices.net IoT Hub access (required)

URL patterns for gateway for Azure Government

URL pattern Component or functionality
https://*.databoxedge.azure.us/*
https://*.servicebus.usgovcloudapi.net/*
https://login.microsoftonline.us
Azure Stack Edge / Data Box Gateway service
Azure Service Bus
Authentication Service
http://*.backup.windowsazure.us Device activation
http://crl.microsoft.com/pki/*
http://www.microsoft.com/pki/*
Certificate revocation
https://*.core.usgovcloudapi.net/*
https://*.data.microsoft.com
http://*.msftncsi.com
Azure storage accounts and monitoring
http://windowsupdate.microsoft.com
http://*.windowsupdate.microsoft.com
https://*.windowsupdate.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://*.windowsupdate.com
http://download.microsoft.com
http://*.download.windowsupdate.com
http://wustat.windows.com
http://ntservicepack.microsoft.com
http://*.ws.microsoft.com
https://*.ws.microsoft.com
http://*.mp.microsoft.com
Microsoft Update servers
http://*.deploy.akamaitechnologies.com Akamai CDN
https://*.partners.extranet.microsoft.com/* Support package
http://*.data.microsoft.com Telemetry service in Windows, see the update for customer experience and diagnostic telemetry

URL patterns for compute for Azure Government

URL pattern Component or functionality
https://mcr.microsoft.com

https://*.cdn.mscr.com
Microsoft container registry (required)
https://*.azure-devices.us IoT Hub access (required)
https://*.azurecr.us Personal and third-party container registries (optional)

Internet bandwidth

The devices are designed to continue to operate when your internet connection is slow or gets interrupted. In normal operating conditions, we recommend that you use:

  • A minimum of 10-Mbps download bandwidth to ensure the device stays updated.
  • A minimum of 20-Mbps dedicated upload and download bandwidth to transfer files.

Compute sizing considerations

Use your experience while developing and testing your solution to ensure there is enough capacity on your Azure Stack Edge Pro FPGA device and you get the optimal performance from your device.

Factors you should consider include:

  • Container specifics - Think about the following.

    • How many containers are in your workload? You could have a lot of lightweight containers versus a few resource-intensive ones.
    • What are the resources allocated to these containers versus what are the resources they are consuming?
    • How many layers do your containers share?
    • Are there unused containers? A stopped container still takes up disk space.
    • In which language are your containers written?
  • Size of the data processed - How much data will your containers be processing? Will this data consume disk space or the data will be processed in the memory?

  • Expected performance - What are the desired performance characteristics of your solution?

To understand and refine the performance of your solution, you could use:

  • The compute metrics available in the Azure portal. Go to your Azure Stack Edge resource and then go to Monitoring > Metrics. Look at the Edge compute - Memory usage and Edge compute - Percentage CPU to understand the available resources and how are the resources getting consumed.

  • The monitoring commands available via the PowerShell interface of the device such as:

    • dkr stats to get a live stream of container(s) resource usage statistics. The command supports CPU, memory usage, memory limit, and network IO metrics.
    • dkr system df to get information regarding the amount of disk space used.
    • dkr image [prune] to clean up unused images and free up space.
    • dkr ps --size to view the approximate size of a running container.

    For more information on the available commands, go to Monitor and troubleshoot compute modules.

Finally, make sure that you validate your solution on your dataset and quantify the performance on Azure Stack Edge Pro FPGA before deploying in production.

Next step