Architectural overview

The interaction between the components in cloud Kubernetes services occurs in the following order:

  1. The Kaspersky Scan Engine Docker image is imported in Cloud Docker Container Registry. The type of the Docker image depends on the Kaspersky Scan Engine Working mode (HTTP or ICAP).
  2. In the cloud Kubernetes cluster, the kaspersky namespace is created. The following files are imported to this namespace:
    • The Kaspersky Scan Engine configuration files (the ConfigMaps object in Kubernetes)
    • An activation code or a key file of Kaspersky Scan Engine (the Secret object in Kubernetes)

      Note that each new initialized container or pod has its own hostname. This means that, in the online licensing mode with an activation code, each container or pod requires new activation. For Docker and Kubernetes, we recommend that you use the offline licensing with a key file, or the online licensing mode with an activation code that has no activation limit.

    • The Kubernetes YAML file for deploying Kaspersky Scan Engine (the Deployment and Service objects in Kubernetes)

      Certificates and keys for the Kaspersky Scan Engine GUI and HTTPS support in HTTP mode also can be imported.

  3. Kaspersky Scan Engine in HTTP or ICAP mode becomes available for scan requests. It can be used for scan requests from HTTP and ICAP clients, proxy servers, network attached storages (NAS), and other clients.

    Diagram that shows how Kaspersky Scan Engine is integrated with Kubernetes.

    Interaction between the components

Page top