Getting started on hosting FootfallCam™ Solution
Introduction
Besides connecting your FootfallCam™ Devices to FootfallCam™ Cloud Servers, you can choose to host FootfallCam™ Solution into your on-premise servers. This option enables you to further securely store and complete control of data in their own premises, with the same methodology and functionality as the Cloud Servers provided by FootfallCam™.
Requesting for FootfallCam™ Server Installation Service
FootfallCam™ Solution installation and setup can only be done by our FootfallCam™ Technical Specialists. Hence, you are required to order a Software Installation Service from us with one-off installation fee.
Below are the overall steps on deploying FootfallCam™ on-premise server on client site.
STEP 1 - Identify/consult FootfallCam™ on on-premise server requirements and prepare server(s).
STEP 2 - Order Software Installation Service and submit Server Installation Form to sales@footfallcam.com.
STEP 3 - FootfallCam™ to schedule and verify server hardware/network requirements.
STEP 4 - FootfallCam™ to schedule and perform Software Installation session.
STEP 5 - Setup account and bind devices in FootfallCam™ Analytic Manager in their server(s).
Payment must be made before FootfallCam™ performs the server inspection and software installation. You must ensure the server(s) met the mentioned requirements in the remaining article below unless consulted with FootfallCam™ Technical Specialists.
It will take approximately 4 hours to complete the software installation depending on network conditions.
Overview of hosting FootfallCam™ Solution
To host FootfallCam™ Solution on-premise, you are required to prepare 2 server instances for hosting whole FootfallCam™ Solution: -
- Microsoft Windows Server 2016+ (Primary Server)
- Ubuntu Server 20.04 (Secondary Server)
At the highest level, there are 4 major components that forms FootfallCam™ Solution, which is shown in the diagram and table below:
| Component | Description | Compatible OS |
| FootfallCam™ Analytic Manager V9 |
A core web application that allows user to view & generate analytics report, site & device management, and integration in accordance with user's needs into their own system, with addition of user access control, API ready for Import and Export. |
Windows Server |
| Microsoft SQL Database | Stores configuration data, user access data, and log data for FootfallCam™ Analytic Manager V9. | Windows Server |
| Real Time Data Engine |
A collection of services that uses Apache Technologies to communicate, collect, process, and aggregate event-driven data from FootfallCam™ Devices via Websocket protocol, and output information to Druid Database. |
Ubuntu Server |
Preparing your servers
Choosing the right platform to host FootfallCam™ Solution
There are many cloud providers that can fulfill the requirement on hosting FootfallCam™ Solution, such as Amazon AWS, Microsoft Azure, Google Cloud, OVH Cloud, and many more, depending on the availability in your country or region.
You may also choose to host FootfallCam™ Solution with your own on-premise servers with private network. Be sure to fulfill the network requirements, which you can learn more in Appendix A - Self-hosting Server Deployment Examples.
System Requirements
A correct servers' specification is important to ensure the FootfallCam™ Solution is running reliably and consistently without compromised performance. Table below shows the system requirements for hosting FootfallCam™ Solution, corresponding to the number of FootfallCam™ Devices being supported: -
| Item / Size | Small | Medium | Large |
| FootfallCam™ Devices Count | Up to 100 devices | Up to 500 devices | Up to 1000 devices |
| PRIMARY SERVER | |||
| CPU | 8 Cores 64-bit | 12 Cores 64-bit | 16 Cores 64-bit |
| Memory | 32GB or above | 64GB or above | 128GB or above |
| Storage** | 500GB or above | 1TB or above | 2TB or above |
| Operating System | Windows Server 2012 Standard or above | ||
| SQL Server License | Microsoft SQL Server 2016 or above (Standard or Enterprise Edition) | ||
| SECONDARY SERVER | |||
| CPU | 16 Cores 64-bit | 24 Cores 64-bit | 32 Cores 64-bit |
| Memory | 128GB or above | 256GB or above | 512GB or above |
| Storage** | 1TB or above | 2TB or above | 3TB or above |
| Operating System | Ubuntu Server 20.04 LTS | ||
We recommend you to deploy Solid State Drive (SSD) as the server storage for the best performance, which is about 20x faster than a conventional Hard Disk Drive (HDD) with better I/O throughput in a long run.
The above shows the conventional way to host FootfallCam™ Solution with 2x standard servers / instances, disregard of which platform you have chosen. To learn more about other ways to host FootfallCam™ Solution, you are recommended to read Appendix A before deciding how you are going to deploy your servers.
If you'd like to have more advanced on-premise infrastructure (e.g. High Availability, Scalable, etc.), or have any other inquiries on hosting custom on-premise servers, please contact [email protected] and consult our technical specialists to discuss on your requirements.
Network Configuration
As servers are hosted within a private network, depending on your project requirements, we can split into 4 general scenarios:
-
Servers and FootfallCam™ Devices are connected in the same network.
-
Servers and FootfallCam™ Devices are connected in the same location, but different subnets.
-
Servers and FootfallCam™ Devices requires Internet Connectivity between each other.
-
Servers and FootfallCam™ Devices are connected via established VPN network.
Server Address must be configured within the devices correctly to the Primary Server according to which scenario your servers are hosted in.
To learn how to change where the devices connected to, please refer to the article FootfallCam™ Device Installation Guide - Chapter 3: Device Configuration
1 - Servers and FootfallCam™ Devices are connected in the same network
In this example, both servers and FootfallCam™ Devices are in the same network and subnet. You can connect the devices directly to the servers via the IP Address given in the network.
You are required to manually enter the correct Server Address in each device's settings as, in this example, "http://192.168.1.11" (Primary Server IP Address). As for the Secondary Server, FootfallCam™ Devices will automatically acquire the server address from Primary Server, which will be pre-configured during the software installation process.
2 - Servers and FootfallCam™ Devices are connected in the same location, but different subnets
If your servers and devices are located in the same location, but with different subnet due to the existing infrastructure or network policy on held, you are required to configure your network such that the devices is able to reach both Primary and Secondary servers.
i. Port forwarding
Port forwarding or equivalent networking maneuvers must be done in order to successfully establish connection between devices and servers through the provided NAT or subnet routers. For this instance, the port forwarding rules must be configured as followed:
| Rule Name | External Port | Internal IP Address | Internal Port |
| Subnet_1_to_Primary_Server | 8873 | 192.168.10.11 | 8873 |
| Subnet_1_to_Secondary_Server | 8080 | 192.168.10.12 | 8080 |
ii. Devices configuration
After setting up the port forwarding rules, you can manually enter the correct Server Address in each device's settings as, in this example, "http://192.168.10.11" (Primary Server IP Address). As for the Secondary Server, FootfallCam™ Devices will automatically acquire the server address from Primary Server, which will be configured during the software installation process.
3 - Servers and FootfallCam™ Devices requires Internet connectivity between each other
The networks on both devices and servers are different and can only be communicated via Internet connection. Compared to the previously mentioned network configuration, there are several things that needs to be done to ensure the connections can be established between devices and servers.
i. Getting a domain hostname from DNS or DDNS Provider
Normally, your Internet connection should have provided a Public IP address, which allows external network to recognize your network location. With the help of a Domain Name System (DNS) hostname which can be acquired from a provider of your choice (E.g. Cloudflare or Fasthosts), and create the following A records shown below: -
| Type | Name** | Target Server | TTL |
| A record | portal.ffc.mydomain.com | <<Public IP provided by your ISP>> | Auto |
| A record | ws.ffc.mydomain.com | <<Public IP provided by your ISP>> | Auto |
You can create any Name that align to your requirements, as long as there are hostnames that are reachable to both Primary and Secondary Servers.
In addition, most ISP will only provide dynamic Public IP address, which will be a hassle when your ISP decided to change your Public IP address at anytime.
To tackle this, you are required to get a Dynamic Domain Name System (DDNS) hostname that will refresh your IP address whenever it changes. We recommend to subscribe to a provider such as NO-IP.
After getting a hostname from the provider, you can login to your DDNS account through your supported router or a client application provided to make sure the hostname keep pointing to your latest public IP address.
Please refer to your DDNS provider's instruction on how to setup DDNS feature for your network.
ii. Port forwarding
The port forwarding rules must be configured as followed:
| Rule Name | External Port | Internal IP Address | Internal Port |
| External_to_Primary_Server | 8873 | 192.168.10.11 | 8873 |
| External_to_Secondary_Server | 8080 | 192.168.10.12 | 8080 |
iii. Devices configuration
After setting up the port forwarding rules, you can manually enter the correct Server Address in each device's settings as, in this example, "http://portal.ffc.mydomain.com:8873" (Primary Server Hostname). As for the Secondary Server, FootfallCam™ Devices will automatically acquire the server address from Primary Server, which should configured during the software installation process.
4 - Servers and FootfallCam™ Devices are connected via established VPN network
If your infrastructure wanted to or has deployed a VPN networks across multiple sites, depending on your network configuration, make sure the devices are able to reach both servers.
In this instance, there is an existing VPN networks deployed, with a few sites and the servers connected to in a given subnet 172.16.0.0/16. You can manually enter the correct IP address in each device's settings as, in this example, "http://172.6.1.1:8873" (Primary Server Hostname). As for the Secondary Server, FootfallCam™ Devices will automatically acquire the server address from Primary Server, which should configured during the software installation process.
To ensure the solution is functional across the network, please refer to 26.2.3.3 Firewall Rules and make sure your network meets the given requirements.
Networking Requirements
Servers with Public Network
If your servers are hosted in major Cloud Provider such as Amazon AWS, Microsoft Azure, Google Cloud, or OVH, you'll most likely acquire a Public IP Address, which will come in handy in connecting FootfallCam™ Devices to both servers via Internet Connection, as well as providing ease of access for end users to login into the portal.
You are encouraged to acquire a Domain Name from a DNS Provider such as Cloudflare or Fasthosts, and create the following A records shown below: -
| Type | Name** | Target Server | TTL |
| A record | portal.ffc.mydomain.com | <<Primary Server Public IP Address>> | Auto |
| A record | ws.ffc.mydomain.com | <<Secondary Server Public IP Address>> | Auto |
You can create any Name that align to your requirements, as long as there are hostnames that are reachable to both Primary and Secondary Servers.
To further secure you servers, you are also encouraged to setup Firewall within your servers or your server provider platform, whichever is available. Be sure to fulfill the Firewall Rules listed in section 26.2.3.3.
FootfallCam will also require to remote access your servers during software installation, maintenance, update, and technical support, you are required to provide remote access for FootfallCam, which you will learn more later in section 26.3.2.
Servers in Private Network
If your servers are hosted in your own premises, with private network that is not accessible by public Internet connection, there are several methods to ensure the connectivity between FootfallCam Devices, both of your servers, and to FootfallCam Central Servers are able to establish:
- Setup NAT or Port forwarding to both Primary and Secondary Servers (For devices accessing from external network).
- Implement VPN Solution in every required location (E.g. Fortinet).
Make sure to fulfill the Firewall Rules listed in section 26.2.3.3.
FootfallCam will also require to remote access your servers during software installation, maintenance, update, and technical support, you are required to provide remote access for FootfallCam, which you will learn more later in section 26.3.2.
Firewall Rules
To ensure FootfallCam™ Solution is fully functional in on-premise environment, you are required to fulfill configure the following network requirements: -
INBOUND FIREWALL RULES
| Source | Destination | Port and Protocol | Purpose |
| FootfallCam™ Devices, Secondary Server, End User |
Primary Server |
8873 (HTTP) 8874 (HTTPS)** |
|
|
8881 (HTTP) 8882 (HTTPS)** |
|
||
| FootfallCam™ Devices |
Secondary Server |
8080 (WS/WSS**) | Allows FootfallCam™ Device(s) to upload Space Occupancy data to the server. |
| Primary Server | 22 (SSH) | Allows SSH terminal connection for FootfallCam™ Technical Personnel to perform software installation and maintenance when required. | |
| 8081 (HTTP/HTTPS**) | Allows Primary Server to communicate with secondary server for Live-data synchronization to Analytic Manager and configuration update. | ||
| Ubuntu Archive |
Secondary Server |
8080 (HTTP) 8443 (HTTPS) |
Allows Secondary Server to connect http://archive.ubuntu.com/ubuntu to able to get the ubuntu archive files. |
| Docker Download |
Secondary Server |
8080 (HTTP) 8443 (HTTPS) |
Allows Secondary Server to download Docker installer and install Docker. |
| Apache Archive |
Secondary Server |
8080 (HTTP) 8443 (HTTPS) |
Allow Secondary to download Hadoop Package. |
You may choose to implement SSL connections by preparing SSL Certificate and a Domain Name prior to proceeding Software Installation Service. You are required to notify FootfallCam™ by:
- Mention the requirement in Server Installation Form.
- Emailing us at [email protected] (Post-server installation).
OUTBOUND FIREWALL RULES
|
Source |
Destination |
Port |
Purpose |
|
Primary Server, |
145.239.4.218 |
80 (HTTP) 443 (HTTPS) |
To allow FootfallCam™ Analytic Manager in on-premise servers to communicate with FootfallCam™ Central Servers for the purpose of:
|
|
91.109.10.77 |
To allow FootfallCam™ Analytic Manager in on-premise servers to communicate with FootfallCam™ Central Servers for the purpose of:
|
||
|
51.89.155.156 |
To allow FootfallCam™ Analytic Manager in on-premise servers to communicate with FootfallCam™ Central Servers for the purpose of:
|
If you are going to host FootfallCam™ Solution in a private network, do make sure your firewall rules are able to fulfill the following checklist:
- FootfallCam™ Devices are able to communicate with both Primary and Secondary Servers.
- Communication between Primary and Secondary Servers can be established.
Failing to comply with the network requirements above will affect the automated processes offered by FootfallCam™ such as:
- FootfallCam™ may not able to complete the Verification process within the given SLA.
- FootfallCam™ may not able to provide proactive support such as monitoring the server(s) health check, services status, data health check, and devices health check.
- FootfallCam™ Analytic Manager hosted in on-premise server may not be able to receive latest patches and security updates.
- FootfallCam™ may not be able to perform daily backup on the data from client's on-premise database and configuration.
Public Cloud Hosting
Beside on-premise hosting, you may choose to host our FootfallCam™ Solutions onto Public Cloud Servers. There are several well-known public cloud providers that has great reputation and functionalities which will fulfill your project requirements:
- Amazon AWS
- Microsoft Azure
- Google Cloud
- OVH Cloud
- Linode
i. Prepare your servers
You may choose the server type base on the availability and the location of the chosen providers, such as Virtual Private Server (VPS), Dedicated Server, and many more, as long as your procured servers must adhere to our system requirements and network requirements, which you can learn all from 26.2.2 System Requirements and 26.2.3 Networking Requirements.
ii. Getting a domain hostname from a DNS Provider
Normally, your Internet connection should have provided a Public IP address, which allows external network to recognize your network location. With the help of a Domain Name System (DNS) hostname which can be acquired from a provider of your choice (E.g. Cloudflare, Fasthosts or Namecheap), and register to your preferred platform such as Amazon Route 53, Cloudflare, Fasthosts or equivalent. Create the following A records shown below: -
| Type | Name** | Target Server | TTL |
| A record | portal.ffc.mydomain.com | <<Primary Server Public IP Address>> | Auto |
| A record | ws.ffc.mydomain.com | <<Secondary Server Public IP Address>> | Auto |
You can create any Name that align to your requirements, as long as there are hostnames that are reachable to both Primary and Secondary Servers.
iii. Devices configuration
After setting up the port forwarding rules, you can manually enter the correct Server Address in each device's settings as, in this example, "http://portal.ffc.mydomain.com:8873" (Primary Server Hostname). As for the Secondary Server, FootfallCam™ Devices will automatically acquire the server address from Primary Server, which should configured during the software installation process.
Installing FootfallCam™ Solution
Server Installation Service
At the moment, FootfallCam™ does not provide any installation files for users to perform installation by themselves due to technical difficulty. Hence, a Server Installation Service can be paid so that FootfallCam™ can perform full software installation, which including:
- Verify servers hardware resources aligned to system requirements.
- Verify servers connectivity aligned to network requirements.
- FootfallCam™ Analytic Manager V9 Installation and Configuration.
- Microsoft SQL Server Installation** and Configuration (License not included).
- Real Time Data Engine Installation and Configuration.
- Druid Database Server Installation and Configuration.
- Continuous software maintenance, update, and support.
You can learn more on requesting Server Installation Service in section 26.1.2 above.
FootfallCam™ will only perform installation with Microsoft SQL Server Express Edition if client did not provide any license. If you have prepared an Microsoft SQL Server License, you must pre-install Microsoft SQL Server Software in your Primary Server before handing out to FootfallCam™ Software Installation process.
If data migration is required in case of server / hardware / Microsoft SQL License changes, additional charges may apply.
Remote Access Requirements
In the event of software installation, server maintenance or technical issues related to FootfallCam™ devices, hosted software and modules, FootfallCam™ recommends our clients to provide Desktop Remote Access with a fixed access credential (ID and Password), available for 24/7, with given network access.
The reason that we required the Remote Desktop access with fixed credential are as below:
-
The time to perform the necessary work might be different between time zone users and the FootfallCam™ technical personnel, to avoid any delay of action, the unattended access is preferable to expedite the process.
-
To shorten the communication time needed for FootfallCam™ technical personnel with the IT administrator on-site, it's advisable that the password changing is not frequent, except necessary.
You may choose one of the following Remote Desktop Access method below:
|
Remote Access Method |
Instruction / Download Link |
|
Remote Desktop Connection (RDP) |
Click HERE for instruction on how to setup RDP in your Primary Server |
|
TeamViewer 15 |
Click HERE to download and install the application to your Primary Server |
|
AnyDesk |
Click HERE to download and install the application to your Primary Server |
For servers that are hosted in a private network, unless you have chosen a Remote Access Solution such as TeamViewer or AnyDesk, you are required to implement your preferred VPN services, and provide the appropriate access for FootfallCam™ Technical Specialists in favour of server installation and post-installation support.
After completing the above action, please include your credentials into the Server Installation Form before requesting for server installation service.
You MUST provide the username and password of the Secondary Server with root permission to FootfallCam™. Please include the credentials into Server Installation Form.
If you are concerning on the security of your premises, you may choose to opt out from providing remote access 24/7 to FootfallCam™ TWO months after the completion of the project rollout, and only re-enable the remote access if FootfallCam™ is requesting to access the server in case of critical maintenance work is required.
Server Migration
At certain point of pushing data from your FootfallCam™ Devices to FootfallCam™ Central Servers, your organisation might decided to host the FootfallCam™ Solution onto on-premise servers. During this transition, all the data that is in FootfallCam™ Central Servers should be migrated to your own servers. FootfallCam™ offers Data Migration Service with one-time fee to perform the following jobs:
- Software Installation and Configuration*
- Data backup and transfer from FootfallCam™ Central Servers
- Data restore in your servers
- Post-migration data validation
Contact us by emailing to [email protected] for more enquiry or/and placing the order.
You are required to provision your own server(s), ensure your server(s) has meet the system requirements, and provide remote access to FootfallCam™ Technical Personnel to perform the installation and migration jobs. Kindly refer to Chapter 26 - Hosting Solution to Your Server to understand the pre-requisites, system requirements and network requirements.
Server Migration Use-case
Server Migration can be proceed with the following use cases:
- Migration from FootfallCam™ Central Servers to client-hosted on-premise server(s)
- Migration from on-premise server(s) to another on-premise server(s)
At the moment, FootfallCam™ does not offers migration from client on-premise server(s) to FootfallCam™ Central Servers due to technical difficulties, but will be supported in future.
Server Migration Process
During the migration, you will need to take required action in accordance to the migration stage to ensure the smooth process can be carried on.
FootfallCam™ Central Servers to client-hosted on-premise server(s)
Below shows different stage of the Server Migration Timeline, with responsibilities listed for both FootfallCam™ and for Customer to action:
| Stage | Description | FootfallCam™ to Action | Customer to Action | Duration 1 |
| 0 | Server Provisioning and setup (Read here) |
|
|
Day 1
1hr (FFC) |
|
SERVICE OFFLINE 2 |
||||
| 1 | Data transfer and device redirection |
|
|
Day 2
2-6 hrs (depending on the network condition) |
| 2 | Software Installation and Configuration |
|
- | Day 2 or 3
3-4 hrs |
| 3 | Data restore |
|
- | |
|
SERVICE ONLINE |
||||
| 4 | Data validation |
|
- | Day 3~
1-2 hrs |
On-premise server(s) to another on-premise server(s)
There are 3 different scenario on migrating between client on-premise servers in this section:
- Primary Server Migration - new IP address
- Primary Server Migration - retail the same IP address
- Secondary Server Migration
Primary Server Migration - new IP address
| Stage | Description | FootfallCam™ to Action | Customer to Action | Duration 1 |
| 0 | Server Provisioning and setup (Read here) |
|
|
Day 1
1hr (FFC) |
|
SERVICE OFFLINE 2 |
||||
| 1 | Data transfer and device redirection |
|
|
Day 2
2-4 hrs (depending on the network condition) |
| 2 | Software Installation and Configuration |
|
- | Day 2~
2-4 hrs |
| 3 | Data restore |
|
- | |
|
SERVICE ONLINE |
||||
| 4 | Data validation |
|
- | Day 2~
1-2 hrs |
Primary Server Migration - retail the same IP address
| Stage | Description | FootfallCam™ to Action | Customer to Action | Duration 1 |
| 0 | Server Provisioning and setup (Read here) |
|
|
Day 1
1hr (FFC) |
|
SERVICE OFFLINE 2 |
||||
| 1 | Data transfer |
|
|
Day 2
2-6 hrs (depending on the network condition) |
| 2 | Software Installation and Configuration |
|
- | Day 2~
2-4 hrs |
| 3 | Data restore |
|
|
Day 2~
2-4 hrs |
| 4 | Network Update | - |
|
Day 2~
1 hr (Client) |
|
SERVICE ONLINE |
||||
| 5 | Data validation |
|
- | Day 3~
1-2 hrs |
Secondary Server Migration
| Stage | Description | FootfallCam™ to Action | Customer to Action | Duration 1 |
| 0 | Server Provisioning and setup (Read here) |
|
|
Day 1
1hr (FFC) |
|
SERVICE OFFLINE 2 |
||||
| 1 | Data transfer and device redirection |
|
|
Day 2
2-4 hrs (depending on the network condition) |
| 2 | Software Installation and Configuration |
|
- | Day 2~
2-4 hrs |
| 3 | Data restore |
|
- | |
|
SERVICE ONLINE |
||||
| 4 | Data validation |
|
- | Day 2~
1-2 hrs |
1 The above timeline is estimated in an ideal conditions, and may be prolonged during the migration process. Your mileage may vary.
2 During the service offline period, data will be temporarily stored in the devices itself. When the newly redirected connection is established, devices will then continue to upload the remaining data to the newly designated server.
3 Device redirection will only works for the online devices. For offline devices, client must remotely and manually update the Server Address in the device individually. Kindly refer to the article FootfallCam™ Device Installation Guide - Chapter 3: Device Configuration.