Kubernetes Components

Introduction

MD Core can be installed in Kubernetes thanks to the components that are defined in the MetaDefender core helm chart stored in https://github.com/OPSWAT/metadefender-k8s/tree/main/helm_charts/mdcore . This guide explain what are the different components that we propose for MetaDefender Core to properly run in Kubernetes.

For deploying this components we offer an installation script see Installing MetaDefender Core in K8S for installing MetaDefender Core in an already created cluster or EKS Cluster for provisioning a Kubernetes cluster in AWS and install MetaDefender Core on it

K8S Component Architecture Options

There will be deployed different services depending on how the cluster is accessed and what type of database will be used to work with MetaDefender Core.

These are the possible combinations:

  • MetaDefender Core Service + Ingress + PostgreSQL service

    • md-core service
    • postgres-core service
    • core-ingress component (Optional)

  • MetaDefender Core Service + Ingress + External Database

    • md-core service
    • core-ingress service (Optional)
    • PostgreSQL external database

Overview Architecture of K8S Component

Components Table

Component TypeComponent NameDescription
Ingresscore-ingressIngress component for accessing to the md-core service from outside of the cluster. In case you have an external load balancer, it is optional, as you can setup an ingress controller for any of the CSPs load balancers
Deploymentmd-coreDefine what are the replicas and the containers that are needed for md-core
Deploymentpostgres-coreDefine what are the replicas and the containers that are needed for the postgreSQL database. Optional in case you don't have an external PostgreSQL database to connect with md-core service
Servicemd-coreRepresent a single point to access to all the pods for md-core
Servicepostgres-coreRepresent a single point to access to all the pods for postgres-core
Podmd-coreContains all the containers needed for running MetaDefender Core app.
Podpostgres-coreContains the container needed for running the PostgreSQL for MetaDefender Core.

Diagram of Components

postgres-core components will be needed to be generated just in case an external database is not connect to the md-core service

Containers Design

Containers Description

  • Init Containers: Run at starting to check if the database is ready and reachable from the pod.
  • App Container: Main container of the application that host al the logic to activate/deactivate the service with the license

Secrets Configuration

  • mdcore-api-key: API key autogenerated in case it is not indicated in the helm chart
  • mdcore-cred: Admin user and password autogenerated in case it is not indicated in the helm chart
  • mdcore-license-key: MetaDefender Core activation key needed to activate the pods.
  • mdcore-postgres-cred: Database Admin user and password for md-core service to have access to the database

Features

Load balancers in AWS

For accessing to the md-core service you can set up a load balancer in AWS that will need to install a controller for AWS. For creating the controller we have included in this script al the commands indicated by AWS in this docs

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Upgrade/Deployment Strategy on K8S
On This Page
Kubernetes ComponentsIntroductionK8S Component Architecture OptionsOverview Architecture of K8S ComponentComponents TableDiagram of ComponentsContainers DesignFeaturesLoad balancers in AWS