Sensor Collector System Requirements for Docker

To ensure proper operation of the Sensor Collector, your system must meet the following specifications:

Container Runtime

Sensor Collector requires a container runtime on a Linux host.

Note: The Podman container environment is not supported.

Resource Consumption

Disk Space: 100 GB
CPU: 4 cores
RAM: 2 GB

Docker: Version 24.0.4 or later, installed from Docker software repositories (not a Snap package). Refer to this guide for docker installation instructions.

Network Services

The following host services are not strictly required but are recommended for reliable operation:

DNS resolver — Required if endpoints are configured using FQDNs to connect to PCA Analytics, OCSP servers, or monitored network devices. If DNSSEC validation is enabled in the.env configuration file (RR_DNSSEC_ENABLE=true), Sensor Collector runs a local Unbound resolver that performs cryptographic validation of DNS responses. In VPN or corporate network environments, explicitly configure upstream nameservers via RR_DNSSEC_NAMESERVERS since containers cannot automatically detect host VPN DNS settings. Without DNSSEC enabled, the container uses standard DNS resolution from the host machine's /etc/resolv.conf.

NTP client — Sensor Collector timestamps all collected metrics using the container's system clock, which inherits from the host. Clock accuracy affects the validity of time-series data and correlation with other data sources. Use any standard NTP client on the host (chrony recommended).

HTTP/HTTPS proxy — In environments without direct internet access, pass proxy settings to the container via the .env configuration file with options: HTTP_PROXY, HTTPS_PROXY, NO_PROXY. The proxy is used for outbound connections to PCA Analytics APIs and certificate validation endpoints (OCSP/CRL).

Firewall Rules

If a firewall is active on the host or in the network path, ensure the following traffic is permitted: