Solution architecture

ClickHouse DBMS

clickhouse

Managing ClickHouse databases for storing and processing informational messages from agents.

PostgreSQL DBMS

postgresql

Managing databases using tools for analyzing and optimizing query parsing and query engines.

Middleware

middleware

Implements the data processing business logic of the server component of the solution and exposes a REST API to the graphical user interface of Kaspersky Container Security.

Event Broker

event-broker

Ensuring communication between various elements of the distributed solution system.

Image Handler, client scanner

image-handler

Processing scan jobs using vulnerability and malware scanners: starting scan jobs, scanning objects, aggregating and publishing scan results.

Scanner server

scanner-server

Managing the scanner server, which is used to store the vulnerabilities database and the image layer cache, as well as to support the image handler.

Licensing module

licenses

Manage functionalities provided under the license.

File storage

minio

Managing the storage for storing and distributing to users the files that the solution generates.

Multi-threaded event-based key-value cache storage

memcached

Managing the cache storage for keys and values that the solution receives as part of events.

File server with updates for private corporate networks

updates

Delivery of updates when the solution is deployed.

Solution interface

nginx

Functioning of the Kaspersky Container Security graphical user interface.

Agent Broker

agent-broker

Ensuring communication between various elements of the distributed solution system.

Agents

node-agent

kube-agent

Maintaining security on the nodes in accordance with configured security policies and integration with the orchestrator.