Container-Based Setup

Before running the setup, please check Recommended System Configuration to install all required dependencies of MetaDefender Distributed Cluster (MDDC).

Setup order requirement

Please follow installation steps in order to complete the system setup properly:

Order no.ServiceNotes
1Redis, RabbitMQ, PostgreSQL, Identity Service and File Storage
  • Could be setup in parallel in any order among them.
  • Make sure they are all fully functional and accessible before proceeding to the next setup order #2.
2Control Center
  • Ensure it's able to connect to those services in #1
  • Make sure it is fully functional and accessible.
3Worker for API Gateway and Worker for MetaDefender Core
  • Could be setup in parallel in any order among them.
  • Ensure they're able to connect to Control Center
  • Make sure they are all fully functional and accessible.

Image name and version

All the images can be found at OPSWAT Docker Hub with the following information:

Note: version is the currently release version.

MetaDefender Distributed Cluster Identity Service

Docker image
Copy

MetaDefender Distributed Cluster File Storage

Docker image
Copy

MetaDefender Distributed Cluster Control Center

Docker image
Copy

MetaDefender Distributed Cluster Worker for API Gateway

Docker image
Copy

MetaDefender Distributed Cluster Worker for MetaDefender Core

Docker image
Copy

Environment variables

1. MDDC Identity Service

Environment VariableNecessityDescription
MDDC_IDENTITY_SERVICE_DB_HOSTRequiredProvide the database host for Identity Service
MDDC_IDENTITY_SERVICE_DB_PORTOptionalProvide the database port for Identity Service Default: 5432
MDDC_IDENTITY_SERVICE_DB_USERRequiredProvide the database user for Identity Service
MDDC_IDENTITY_SERVICE_DB_PASSWORDRequiredProvide the database password for Identity Service
MDDC_USERRequired

Define the information to initiate the administrator account. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_PASSWORDRequired

Define the information to initiate the administrator account. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_EMAILRequired

Define the information to initiate the administrator account. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_APIKEYOptional

Define the information to initiate the administrator account. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_IDENTITY_SERVICE_CONNECTION_KEYRequiredDefine the connection key in order to register to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_IDENTITY_SERVICE_PORTOptionalDefine the expose port for Identity Service Default: 8891
LOG_LEVELOptionalDefine the log level. Default value: info Accepted values: info/debug

Start Identity Service container with docker run:

Bash
Copy

2. MDDC File Storage

Environment VariableNecessityDescription
MDDC_FILE_STORAGE_CONNECTION_KEYRequiredDefine the connection key in order to register to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_FILE_STORAGE_PORTOptionalDefine the expose port for File Storage Default: 8890
LOG_LEVELOptionalDefine the log level. Default value: info Accepted values: info/debug

Start File Storage container with docker run

Bash
Copy

3. MDDC Control Center

Environment VariableNecessityDescription
MDDC_LAKE_DB_HOSTOptionalProvide the database host for Data Lake. In case that the end-user does not have the Data Lake, it's required to provide this variable to automate the database preparation
MDDC_LAKE_DB_PORTOptionalProvide the database port for Data Lake Default: 5432
MDDC_LAKE_DB_USEROptionalProvide the database user for Data Lake. In case that the end-user does not have the Data Lake, it's required to provide this variable to automate the database preparation
MDDC_LAKE_DB_PASSWORDOptionalProvide the database password for Data Lake. In case that the end-user does not have the Data Lake, it's required to provide this variable to automate the database preparation
MDDC_WAREHOUSE_DB_HOSTOptionalProvide the database host for Data Warehouse. In case that the end-user does not have the Data Warehouse, it's required to provide this variable to automate the database preparation
MDDC_WAREHOUSE_DB_PORTOptionalProvide the database port for Data Warehouse Default: 5432
MDDC_WAREHOUSE_DB_USEROptionalProvide the database user for Data Warehouse. In case that the end-user does not have the Data Warehouse, it's required to provide this variable to automate the database preparation
MDDC_WAREHOUSE_DB_PASSWORDOptionalProvide the database password for Data Warehouse. In case that the end-user does not have the Data Warehouse, it's required to provide this variable to automate the database preparation
MDDC_CACHE_HOSTOptionalProvide the caching host (Redis).
MDDC_CACHE_PORTOptionalProvide the caching port (Redis)
MDDC_BROKER_HOSTOptionalProvide the broker host (RabbitMQ)
MDDC_BROKER_PORTOptionalProvide the broker port (RabbitMQ)
MDDC_BROKER_USEROptionalProvide the broker username (RabbitMQ)
MDDC_BROKER_PASSWORDOptionalProvide the broker password (RabbitMQ)
MDDC_CONTROL_CENTER_DB_HOSTRequiredProvide the database host for Control Center
MDDC_CONTROL_CENTER_DB_PORTOptionalProvide the database port for Control Center Default: 5432
MDDC_CONTROL_CENTER_DB_USERRequiredProvide the database username for Control Center
MDDC_CONTROL_CENTER_DB_PASSWORDRequiredProvide the database password for Control Center
MDDC_USERRequired

Provide the administrator account that is defined in Identity Service. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_PASSWORDRequired

Provide the administrator account that is defined in Identity Service. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_APIKEYOptional

Provide the administrator account that is defined in Identity Service. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_IDENTITY_SERVICE_HOSTRequiredProvide the Identity Service host in order to add it to Control Center
MDDC_IDENTITY_SERVICE_PORTOptionalProvide the Identity Service port in order to add it to Control Center Default: 8891
MDDC_IDENTITY_SERVICE_CONNECTION_KEYRequiredProvide the Identity Service connection key in order to add it to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_CONTROL_CENTER_ENCRYPTION_KEYRequiredDefine the encryption key for communication between Control Center and the services. Must be 32 characters long and contain only lowercase letters (a–z) and digits (0–9)
MDDC_FILE_STORAGE_HOSTRequiredProvide the File Storage host in order to add it to Control Center
MDDC_FILE_STORAGE_PORTOptionalProvide the File Storage port in order to add it to Control Center Default: 8890
MDDC_FILE_STORAGE_CONNECTION_KEYRequiredProvide the File Storage connection key in order to add it to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_CERT_PATHOptionalProvide the directory path that contains the certificate and private key in order to enable https Note: when provide this variable, it's supposed to mount this path to /certs/ as volume For example: --volume /your-path:/certs
LOG_LEVELOptionalDefine the log level. Default value: info Accepted values: info/debug

Start Control Center container with Docker run

Bash
Copy

4. MDDC Worker for API Gateway

Environment VariableNecessityDescription
MDDC_WORKER_CONNECTION_KEYRequiredDefine the connection key in order to register to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_WORKER_PORTOptionalDefine the expose worker's port. Default: 8893
MDDC_WORKER_HOSTOptionalDefine the worker's host address. If it's not specified, it will get the container's internal IP address
MDDC_CONTROL_CENTER_HOSTRequiredProvide the Control Center's host address
MDDC_CONTROL_CENTER_PORTOptionalProvide the Control Center's port Default: 8892
MDDC_USERRequired

Provide the administrator account that is defined in Identity Service. It can be optional if the end-user provides the MDDC_APIKEY. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_PASSWORDRequired

Provide the administrator account that is defined in Identity Service. It can be optional if the end-user provides the MDDC_APIKEY. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_APIKEYOptional

Provide the administrator account that is defined in Identity Service. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_API_GATEWAY_PORTOptionalDefine the expose port to scan files via API Gateway Default: 8899
LOG_LEVELOptionalDefine the log level. Default value: info Accepted values: info/debug

Start Worker for API Gateway container with Docker run

Bash
Copy

5. MDDC Worker for Core

Environment VariableNecessityDescription
MDDC_WORKER_CONNECTION_KEYRequiredDefine the connection key in order to register to Control Center. Must be 4 to 64 characters long, using only letters and digits (0–9, a–z, A–Z).
MDDC_WORKER_PORTOptionalDefine the expose worker's port. Default: 8893
MDDC_WORKER_HOSTOptionalDefine the worker's host address. If it's not specified, it will get the container's internal IP address
MDDC_CONTROL_CENTER_HOSTRequiredProvide the Control Center's host address
MDDC_CONTROL_CENTER_PORTOptionalProvide the Control Center's port. Default: 8892
MDDC_USERRequired

Provide the administrator account that is defined in Identity Service. It can be optional if the end-user provides the MDDC_APIKEY. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_PASSWORDRequired

Provide the administrator account that is defined in Identity Service. It can be optional if the end-user provides the MDDC_APIKEY. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_APIKEYOptional

Provide the administrator account that is defined in Identity Service. This account is to automatically do the following tasks:

  • Add Redis to Control Center if specified
  • Add RabbitMQ to Control Center if specified
  • Add Data Lake to Control Center if specified
  • Add Data Warehouse to Control Center if specified
  • Add File Storage to Control Center if specified
  • Add Worker to Control Center, upload API Gateway installer to Control Center, and deploy API Gateway to Worker
  • Add Worker to Control Center, upload MetaDefender Core installer to Control Center, and deploy MetaDefender Core to Worker
MDDC_CORE_PORTOptionalDefine the expose port for MD Core Default: 8008
LOG_LEVELOptionalDefine the log level. Default value: info Accepted values: info/debug
MDDC_LICENSE_KEYOptionalProvide the license key to activate MetaDefender Core
MDDC_LICENSE_DESCRIPTIONOptionalDefine description of the license key

Start Worker for Core container with Docker run:

Bash
Copy

Start MetaDefender Distributed Cluster with Docker Compose

  1. Create a local file named docker-compose.yaml and copy the following content to this file:
yaml
Copy
  1. Prepare an environment variable file named .env.example and provide with your own values
  2. Run the application with the command:
YAML
Copy

Known limitation

  • When the host experiences resource limitations or degraded performance, some containers may fail to start properly. In such cases, restarting the container is recommended to restore normal operation.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard