# X-Road technologies
Technical Specification
Version: 1.8
26.09.2022
Doc. ID: ARC-TEC
# Version history
Date | Version | Description | Author |
---|---|---|---|
02.02.2018 | 1.0 | Initial version | Antti Luoma |
02.03.2018 | 1.1 | Added uniform terms and conditions reference | Tatu Repo |
17.04.2019 | 1.2 | Added RHEL7, Ubuntu 18.04, systemd and Postgres 10 | Petteri Kivimäki |
11.09.2019 | 1.3 | Remove Ubuntu 14.04 support | Jarkko Hyöty |
12.05.2020 | 1.4 | Add link to X-Road core tech radar | Petteri Kivimäki |
15.09.2020 | 1.5 | Updated to match security server REST API architecture | Janne Mattila |
02.06.2021 | 1.6 | Backup encryption related updates | Andres Allkivi |
07.09.2021 | 1.7 | Update technologies | Ilkka Seppälä |
26.09.2022 | 1.8 | Remove Ubuntu 18.04 support | Andres Rosenthal |
# Table of Contents
# License
This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/
# 1 Introduction
This document describes the general technology composition of X-Road components. To better illustrate the role of main technologies in X-Road, the information is collected in to several technology matrices highlighting the technology relationships between components.
Besides, the X-Road Core Tech Radar (opens new window) is a list of technologies used in the implementation of the core components of X-Road.
# 1.1 Terms and abbreviations
See X-Road terms and abbreviations documentation [TA-TERMS].
# 1.2 References
- ARC-CP -- X-Road: Configuration Proxy Architecture. Document ID: ARC-CP.
- ARC-CS -- X-Road: Central Server Architecture. Document ID: ARC-CS.
- ARC-SS -- X-Road: Security Server Architecture. Document ID: ARC-SS.
- ARC-OPMOND -- X-Road: Operational Monitoring Daemon Architecture. Document ID: ARC-OPMOND.
- ARC-G -- X-Road Architecture. Document ID: ARC-G.
- TA-TERMS -- X-Road Terms and Abbreviations. Document ID: TA-TERMS.
# 2 Overview matrix of the X-Road technology
Table 1 presents the list of technologies used in the X-Road and mapping between the technologies and X-Road components.
Table 1. Technology matrix of the X-Road
Technology | Security server | Central server | Configuration proxy | Operational Monitoring Daemon |
---|---|---|---|---|
Java 8 | X | |||
Java 11 | X | X | X | |
C | X | X | ||
Logback | X | X | X | X |
Akka 2 | X | X | X | X |
Jetty 9 | X[3] | X | ||
JRuby 9 | X | |||
Ubuntu 20.04 | X | X | X | X |
Ubuntu 22.04 | X | X | X | X |
Red Hat Enterprise Linux 7 (RHEL7) | X | X | ||
Red Hat Enterprise Linux 8 (RHEL8) | X | X | ||
PostgreSQL 10 | X | X | X | |
nginx | X | X | ||
PAM | X | X | ||
Liquibase 3 | X | X | X | |
systemd | X | X | X | X |
PKCS #11[2] | X | X | X | |
Dropwizard Metrics 4 | X | X | ||
Spring Boot 2 | X | |||
Vue.js 2 | X | |||
Npm 6 | X | |||
Node 12 | X | |||
Typescript | X | |||
OpenAPI 3 | X | |||
Embedded Tomcat 9 | X | |||
GNU Privacy Guard | X | X |
See [ARC-G] for general X-Road architecture details.
[2] The use of hardware cryptographic devices requires that a PKCS #11 driver is installed and configured in the system.
[3] Security Server uses embedded Jetty for clientproxy, serverproxy and OCSP responder
# 3 Central server technologies
Table 2 presents the list of technologies used in the central server and the mapping between technologies and central server components.
Table 2. Technology matrix of the central server
Technology | Signer | Web Server | Password Store | Management Services | Database | User Interface | Servlet Engine | Backend Scripts |
---|---|---|---|---|---|---|---|---|
Java 8 | X | X | X | X | ||||
C | X | |||||||
Logback | X | X | X | |||||
Akka 2 | X | X | X | |||||
Jetty 9 | X | |||||||
JRuby 9 | X | |||||||
Javascript | X | |||||||
PostgreSQL 10 | X | |||||||
nginx | X | |||||||
PAM | X | |||||||
Liquibase 3 | X | |||||||
systemd | X | X | X | |||||
PKCS #11[2] | X | |||||||
GNU Privacy Guard | X |
[2] The use of hardware cryptographic devices requires that a PKCS #11 driver is installed and configured in the system.
See [ARC-CS] for the central server details.
# 4 Configuration proxy technologies
Table 3 presents the list of technologies used in the configuration proxy and the mapping between technologies and configuration proxy components.
Table 3. Technology matrix of the configuration proxy
Technology | Web Server | Configuration Processor | Signer | Configuration Client |
---|---|---|---|---|
Java 11 | X | X | X | |
Logback | X | X | X | |
Akka 2 | X | X | ||
nginx | X | |||
systemd | X | X | X | X |
PKCS #11[2] | X |
[2] The use of hardware cryptographic devices requires that a PKCS #11 driver is installed and configured in the system.
See [ARC-CP] for the configuration proxy details.
# 5 Security server technologies
Table 4 presents the list of technologies used in the security server and the mapping between technologies and security server components.
Table 4. Technology matrix of the security server
Technology | Signer | Proxy | Password Store | Message Log | Metadata Services | Database | Configuration Client | User Interface frontend | REST API | Monitor | Environmental Monitoring Service | Operational Monitoring Buffer | Operational Monitoring Services |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Java 11 | X | X | X | X | X | X | X | X | X | X | |||
C | X | ||||||||||||
Logback | X | X | X | X | X | X | X | X | X | ||||
Akka 2 | X | X | X | X | X | X | X | ||||||
Embedded Jetty 9 | X | ||||||||||||
Javascript | X | ||||||||||||
PostgreSQL 10 | X | X | |||||||||||
PAM | X | ||||||||||||
Liquibase 3 | X | ||||||||||||
systemd | X | X | X | X | |||||||||
PKCS #11[2] | X | ||||||||||||
Dropwizard Metrics 4 | X | ||||||||||||
Spring Boot 2 | X | ||||||||||||
Vue.js 2 | X | ||||||||||||
Npm 6 | X | ||||||||||||
Node 12 | X | ||||||||||||
Typescript | X | ||||||||||||
OpenAPI 3 | X | X | |||||||||||
Embedded Tomcat 9 | X | ||||||||||||
GNU Privacy Guard | X |
[2] The use of hardware cryptographic devices requires that a PKCS #11 driver is installed and configured in the system.
See [ARC-SS] for the security server details.
# 6 Operational monitoring daemon technologies
Table 5 presents the list of the technologies used in the operational monitoring daemon and the mapping between technologies and monitoring daemon components. Note: OP-monitoring daemon is an additional component of the X-Road.
Table 5. Technology matrix of the operational monitoring daemon
Technology | Op. Mon. Daemon Main | Op. Mon. Database | Op. Mon. Service | Configuration Client |
---|---|---|---|---|
Java 11 | X | X | X | X |
Logback | X | X | X | X |
Akka 2 | X | X | ||
PostgreSQL 10 | X | X | ||
Liquibase 3 | X | X | ||
Dropwizard Metrics 4 | X | X | ||
systemd | X | X |
See [ARC-OPMOND] for the operational monitoring daemon details.