Solution architecture

ClickHouse DBMS

clickhouse

Managing ClickHouse databases for storing and processing informational messages from agents.

PostgreSQL DBMS

postgresql

Managing databases using tools for analyzing and optimizing query parsing and query engines.

PGBouncer connection pooler

pgbouncer

PostgreSQL connection pool management.

Basic business logic module

middleware

Implementation of the data processing business logic of the solution server component and providing REST API for the graphical user interface of Kaspersky Container Security.

Event Broker

event-broker

Ensuring communication between various elements of the distributed solution system.

Image Handler, client scanner

image-handler

Processing scan jobs using vulnerability and malware scanners: starting scan jobs, scanning objects, aggregating and publishing scan results.

Scanner server

scanner-server

Managing the scanner server, which is used to store the vulnerabilities database and the image layer cache, as well as to support the image handler.

Licensing module

licenses

Manage functionalities provided under the license.

File storage

minio

Managing the storage for storing and distributing to users the files that the solution generates.

Message Broker

nats

Determining the order of communication requests in the form of messages.

File server with updates for private corporate networks

updates

Delivery of updates when the solution is deployed.

Solution interface

nginx

Functioning of the Kaspersky Container Security graphical user interface.

Agents

node-agent

kube-agent

Maintaining security on the nodes in accordance with configured security policies and integration with the orchestrator.