OS CentOS 7 64bits
CMS Drupal 7
Web Server & Reverse Proxy Apache 2.4 (php-fpm)
Database MySQL 5.7
Directory OpenLDAP 2.4
DMS Alfresco 5.2 Community
Search Apache Solr 5
API server Apache Tomcat 7
Workflow (GoFAST 3.6+) Bonitasoft Community 7
Workflow (<GoFAST 3.6+) Bonitasoft Community 6
GoFAST Comm-Server
Collaborative edition OnlyOffice 5
Instant messaging eJabberd 16
Webconference Jitsi Meet 1.0
Reverse Proxy nginx 1.12

Server prerequisites

The GoFAST platform is an enterprise application that requires a high-performing architecture to deliver good scalability and response times.


GoFAST is particularly sensitive to the performance of inputs/outputs (I/O) and correct size of random access memory (RAM)


As a consequence of sensitivity to I / O, special attention should be paid to remote storage. It must give priority to the SAN type. Avoid any remote WAN and NFS type storage.


GoFAST v3 requires 2 VMs by default.

Virtual Machine Prerequisites

The GoFAST platform is intended to function on the following 64-bit Hypervisors (which did not reached their EOL) :

  • VMWare ESX
  • Hyper-V
  • KVM
  • HVM (Amazon Web Services)

and without operating experience feedback, XEN 6+


Currently it is impossible to import images into a HyperV (or in Azure). Script installation is performed


  • The GoFAST VM must have a dedicated datastore (LUN).
  • Under VMWARE, choose “RedHat Enterprise” and “paravirtualized SCSI adapter” from CentOS 7.4 / GoFAST v3.1.1

*VM 2 (GF-COMM) is only included in the Enterprise offer/edition

  VM 1 (GF) VM 2 (GF-COMM)*
Cores 4+ 2+
Storage 200GB+ 50GB
IOPS(FIO) 500+  
Network 100Mpbs 100Mpbs


A webconference with 6 users (including 5 with video) consumes 12Mbps (outgoing), 3Mbps (incoming), 50% CPU

Evaluation of storage requirements

  • 15 GB of disk space for application and system (partition /)
  • Data storage space (partition / var)

Normal use

  • 2 - 3 GB of disk space for personal content of new users
  • 4 - 6 GB for groups and organizations

Intensive use

  • 5 - 10 GB of disk space for the personal content of new users
  • 10 - 20 GB for Groups and Organizations

Simulation of disk space for 100 users (x5GB), 10 organizations (x10GB), 15 groups (x10GB) for a total of 765 GB

Optional partition

Most of the data is stored in /var. A daily backup is done in /var/backup. If the current image does not have sufficient partitions, we recommend you to do it.


It is highly recommended but not required to create a partition for `` / var``


If the `` / var`` partition is on a remote storage (NAS / NFS …) this should not cause a strong performance degradation (IOPS) compared to local storage. Any WAN storage should be avoided


It is recommended but not required to create a partition for /var/backup for application data backup and this mount point should be deported


The swap partition must be at least 50% of the physical memory of the server

Networks and Security


The GoFAST platform only works with a « server » certificate issued by a certification authority (CA). The certificate must be in .pem, or.crt and .key format


The certificate must be of « wildcard » type


If GoFAST is only accessible in Intranet, the certificate can be generated by the Active Directory Certificate Services.

Network architecture

The GoFAST platform can be installed:

  • preferably on a DMZ so that the platform is accessible from the outside (extranet, mobile use, …)
  • on the company’s network (LAN)
  • also another network is accessible by Internet (in such case pay attention to performances, flow, routing, …)


the organization uses a Proxy for Internet or LAN access, special configurations must be made. GoFAST unrelated issues (butin connexion with proxy configuration) may occur

List of ports

Here is the list of ports that must be accessible in and out.

  VM1 VM2 Incoming ports Outgoing ports
Platform installation, update, external RSS feeds, Web page import, supervision x x   80 & 443
Access to the platform in HTTPS and WebDav x X 443  
Access to the GoFAST LDAP directory by the company’s SI and VM2 x   636  
Envoi des mails de notification ou autres services internes x     25, 465, 636..
Remote Administration (SSH) x x Politique à définir  
Zabbix Supervision x x   10051
Webconference   x 10000/UDP  
(x) 80/TCP*
Accès à la plate-forme en IMAPS (FACULTATIF) x   993  
Import d’emails extrérieures (FACULTATIF) x   25  
* si les ports udp ne peuvent être ouverts


If the participant is not on the LAN, his Internet access must allow the traffic to pass on the 10000 / udp port. This can cause problems on some InternetPro networks such as remote sites connected to the headquarters where the GoFAST server is located. Note that it is rare that this problem is found on 4G networks.

WebRTC resources (Enterprise only)

Enterprise only

The Webrtc operation is described here: https://developer.mozilla.org/en/docs/Web/Guide/API/WebRTC/WebRTC_architecture

Diagnostic of the network is possible here: https://www.netscan.co/ (click on “Scan my Network”, the diagnosis is stored as a URL https://www.netscan.co/r/ayiIL)


Unlike videochat, jitsi-meet does not require a STUN server.


Installation by VM import

CEO-Vision can provide an image of the VM in OVA form (universal format). For other formats contact us.

In the case of the OVA format, a virtual machine with standard prerequisites is provided.


For VMWare, check that the “PVSCSI adapter” is well used

In some cases, the virtual machine may have more disk space than the partition of the VM. In this case the following operations have to be performed:

# fdisk -l /dev/sda
Disk /dev/sda: 68.7 GB, 68719476736 bytes
255 heads, 63 sectors/track, 10443 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 8354 66999082+ 8e Linux LVM

# fdisk /dev/sda
n                                       {new partition}
p                                       {primary partition}
3                                       {new partition number}
t                                       {change partition id}
8e                                      {Linux LVM partition}


# fdisk -l /dev/sda
Disk /dev/sda: 85.8 GB, 85899345920 bytes
255 heads, 63 sectors/track, 10443 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 8354 66999082+ 8e Linux LVM
/dev/sda3 8355 10443 16779892+ 8e Linux LVM

# pvcreate /dev/sda3
# vgdisplay
# vgextend VolGroup00 /dev/sda3 {change VolGroup00 by vgdisplay result
# lvextend /dev/VolGroup00/LogVol00 /dev/sda3 {change accordingly by vgdisplay result

# resize2fs /dev/VolGroup00/LogVol00 {for ext4 and change VolGroup00 accordingly by vgdisplay result}
# xfs-growthfs /dev/VolGroup00/LogVol00 {for xfs and change VolGroup00 accordingly by vgdisplay result}


the last operation can take between 30min and 1h30 for an increase of 1To

Script Installation (Enterprise only)

Enterprise only

Note that this type of installation generates an additional cost (per hour billing).

In this case, a VM with Centos 7 x64 Minimal is available for CEO-Vision who then makes a script installation.

Post-installation of the VM (Enterprise only)

Enterprise only

Network Configuration (by the Operator)

  • Login in console mode to the VM and run nmtui
  • Choose Edit a connection then the interface, generally ems33
  • Click `` Show`` at `` IP v4 Configuration``
  • Fill in the information (Manual, Addresses, Gateway, DNS servers)


If your GoFAST is accessible from the Internet, the address is a public IP


In a virtualized environment, the gateway is the IP address of the host with the end replaced by .254

  • Select `` OK``
  • Choose Set system hostname generally the same name as that setup in the DNS
  • Quit the application
  • reboot
  • After reboot, check that the internet is accessible by entering ping


In the ESX case, check that the MAC address corresponds to the configured public IP address

Configuration / Setup (by the Operator)


These steps are very important and should be done as soon as possible by the hosting service provider

  • Upload the SSL certificate “wildcard” on the server (public and private key corresponding to * .mydomain.tld, eg gofast.ceo-vision.com)
  • Enter the IP address and domain name of GoFAST in the company’s DNS
  • Create DNS entries:
    • For VM1 IP
      • gofast.mydomain.tld (ex. : gofast.ceo-vision.com)
      • gofast-mobile.mydomain.tld (ex. : gofast-mobile.ceo-vision.com)
    • For IP VM2
      • gofast-comm.mydomain.tld (ex. : gofast-comm.ceo-vision.com)
  • Check that the GoFAST platform has Internet access
  • Check that all interconnections between the VM are working on the ports listed in the “List of Ports” section
  • Provide remote administration of access information (SSH, SMTP gateway …) to CEO-Vision

Configuration / Setting by CEO-Vision

  • Verification of pre-requisites
  • Benchmark
  • OPTIONAL: Proxy settings
  • OPTIONAL: Coupling of the OpenLDAP directory or ActiveDirectory (optional)
  • OPTIONAL: Configuration of delegation authentication
  • SMTP Configuration
  • Installation of the graphic charter
  • Configuration of Zabbix Supervisory Probes
  • Installation of APM probes (XXL edition)

CEO-Vision Post-Installation Checks

Basic verification of performances

Installation of the tool:

GoFAST v1.x et 2.x
$ sudo yum install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

GoFAST v3.x et +
$ sudo yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

$ sudo yum install sysbench

Commands to obtain the software and hardware environment during the benchmark:

# sudo dmidecode | egrep -i 'product name'
# lscpu
# more /etc/centos-release
# df -T
# sudo lshw -class disk -class storage
# lsblk

Measure the performance of your CPU by performing the following:

Pour sysbench 1.0+:
sysbench cpu --time=0 --events=10000 --threads=4 run

Example of the result (in seconds, the smaller the better):

execution time (avg/stddev): 21.4200/0.00
File IO Benchmark

To measure the performance of the I / O (input / output) it is necessary to create a much larger file than the available random access memory (RAM) because otherwise the system uses the memory as cache which distorts the results - 150GB is a good value not always usable (lack of disk space):

sysbench --test=fileio --file-total-size=50G prepare

Then run the benchmark:

Pour sysbench 1.0+:
sysbench fileio --file-total-size=50G --file-test-mode=rndrw --time=300 --max-requests=0 --threads=4 run

Example of the result:

Read 595.16Mb Written 396.77Mb Total transferred 991.92Mb (3.3056Mb/sec)211.56 Requests/sec executed

Then you can delete the test file:

sysbench --test=fileio --file-total-size=50G cleanup
File IO Benchmark (FIO)
yum install fio

fio -filename=/var/TESTIO -iodepth=64 -ioengine=libaio -direct=1 -rw=randrw -bs=4k -size=5G -numjobs=4 -runtime=30 -group_reporting -name=test-randwrite --rwmixread=30

Nb: ajouter --unified_rw_reporting=1 si l'on veut un résultat aggloméré pour Read et Write
MySQL Benchmark

To measure the performance of the MySQL database, we must first create a test table in the test database (manually created) with 1,000,000 rows of data:

sudo mysql -u root -p -e "CREATE DATABASE test;"

Pour sysbench 1.0+:
sysbench --test="/usr/share/sysbench/tests/include/oltp_legacy/oltp.lua" --db-driver=mysql --oltp-table-size=1000000 --mysql-db=test --mysql-user=root --mysql-password=mypassword prepare

Then run the benchmark:

sysbench --test="/usr/share/sysbench/tests/include/oltp_legacy/oltp.lua" --db-driver=mysql --oltp-table-size=1000000 --mysql-db=test --mysql-user=root --mysql-password=YOURDBPWD --time=90 --oltp-read-only=off --max-requests=0 --threads=4 run

Example of the result:

transactions:                       28235 (871.01 per sec.)

MySQL indicators in normal operation

gofast.ceo-vision.com ~# mysqltuner -u root

>> MySQLTuner 1.1.1 - Major Hayden <major@mhtx.net>
>> Bug reports, feature requests, and downloads at http://mysqltuner.com/
>> Run with '--help' for additional options and output filtering
Please enter your MySQL administrative login: root
Please enter your MySQL administrative password:

-------- General Statistics --------------------------------------------------
[--] Skipped version check for MySQLTuner script
[OK] Currently running supported MySQL version 5.5.28-log
[OK] Operating on 64-bit architecture

-------- Storage Engine Statistics -------------------------------------------
[--] Status: -Archive -BDB -Federated +InnoDB -ISAM -NDBCluster
[--] Data in InnoDB tables: 84M (Tables: 298)
[--] Data in PERFORMANCE_SCHEMA tables: 0B (Tables: 17)
[!!] Total fragmented tables: 301

-------- Security Recommendations -------------------------------------------

[OK] All database users have passwords assigned

-------- Performance Metrics -------------------------------------------------
[--] Up for: 9m 6s (83K q [153.229 qps], 143 conn, TX: 69M, RX: 21M)
[--] Reads / Writes: 81% / 19%
[--] Total buffers: 544.0M global + 15.5M per thread (150 max threads)
[OK] Maximum possible memory usage: 2.8G (49% of installed RAM)
[OK] Slow queries: 0% (12/83K)
[OK] Highest usage of available connections: 6% (9/150)
[OK] Key buffer size / total MyISAM indexes: 128.0M/1.5M
[OK] Key buffer hit rate: 100.0% (56K cached / 0 reads)
[OK] Query cache efficiency: 74.0% (25K cached / 34K selects)
[OK] Query cache prunes per day: 0
[OK] Sorts requiring temporary tables: 0% (0 temp sorts / 2K sorts)
[!!] Joins performed without indexes: 8
[!!] Temporary tables created on disk: 39% (217 on disk / 550 total)
[OK] Thread cache hit rate: 93% (9 created / 143 connections)
[OK] Table cache hit rate: 98% (455 open / 462 opened)
[OK] Open file limit used: 6% (263/4K)
[OK] Table locks acquired immediately: 100% (27K immediate / 27K locks)
[OK] InnoDB data size / buffer pool: 84.8M/150.0M

-------- Recommendations -----------------------------------------------------

General recommendations:
    Run OPTIMIZE TABLE to defragment tables for better performance
    MySQL started within last 24 hours - recommendations may be inaccurate
    Adjust your join queries to always utilize indexes
    When making adjustments, make tmp_table_size/max_heap_table_size equal
    Reduce your SELECT DISTINCT queries without LIMIT clauses

Variables to adjust:
    join_buffer_size (> 10.0M, or always use indexes with joins)
    tmp_table_size (> 200M)
    max_heap_table_size (> 200M)

ANNEXE I : Common problems

Problems with sending of technical mails

Configure the SMTP relay in sendmail (`` /etc/postfix/main.cf``)

relayhost = smtp.myorganisation.xxx # nom du relais

Impossible to connect to GoFAST by email (IMAPS)

The following test should work (end of message “** * OK IMAP4rev1 Server GreenMail ready **”) from an internal or external server if the GoFAST is on a DMZ

# openssl s_client -connect gofast.mydomain.tld:993

If it does not, check that:

  • port 993 is correctly opened (see § on checking open ports)
  • that the « stunnel » process works