VM Scale Set

Steps to follow for a Production Environment

When running MetaDefender Core is needed to generate a Azure VM image with the desired configuration as the image published in the Azure Marketplace is only covering one use case and is not recommended to be used for production.

Create Networking and Resource Group for MetaDefender
Create Azure PostgreSQL in case of wanting remote database (Optional but recommended)
Create Azure VM (Linux or Windows) and follow the installation process for the desired OS. See Installation
1. Generate an APIKEY from the UI and save it for later.
2. Generate a Azure VM image based on the current VM
Create a Azure VMSS
Create the Licensing Automation. Following Licensing Automation on Azure page

Running a POC Environment using Terraform example

For a multi instance deployment of MetaDefender Core in Azure you can use the terraform code provided by OPSWAT to test this deployment type.

This terraform code is just an example to test the deployment type. Customers can reuse the code as needed.

Prerequisites and Requirements

Azure knowledge: This guide assumes familiarity with Azure Services

Azure account: needs permission to create Azure Services listed in Recommended Architecture for Azure

Tools installation: Terraform

System/OS requirements

For OS, database type, 3rd party dependencies and storage requirements on Windows installations, please refer to the Microsoft Windows Deployments section of the Recommended System Configuration page.

For OS, database type, 3rd party dependencies and storage requirements on Linux installations, please refer to the Linux Deployments section of the Recommended System Configuration page.

Deploy using Terraform

Locally clone the metadefender-csp repository and go to Azure/vm-scale-set-deployment

Bash
    
 
git clone git@github.com:OPSWAT/metadefender-csp.gitcd Azure/vm-scale-set-deployment
Copy

Deploy activating the instances using Azure Function

Modify terraform.tfvars with the desired options
- (Required) VM_PWD required to access to the instances (ssh or RDP)
- (Required) LICENSE_AUTOMATION_FUNCTION= true required if wanted to have the instance activated automatically
- (Required) APIKEY_GENERATION=false only supported for User-data. The instance is activated with temporary session id
- (Required) LICENSE_KEY_CORE required if wanted to have the instance activated automatically
- There is one general section and one section for each product that is supported using this Terraform project in case of needing to install additional OPSWAT products

terraform.tfvars
    
​x
 
# General variables​RG_NAME                 = "opswatmd" # Prefix to add to all the resourcesMD_REGION               = "eastus" # Region for all the resourcesMD_VNET_CIDR            = "192.168.0.0/16"  # VPC CIDR where to create the MetaDefender productsPUBLIC_ENVIRONMENT      = trueAPIKEY_GENERATION       = falseIMPORT_RG               = falseVM_PWD                  = ""LICENSE_AUTOMATION_FUNCTION   = true​# MetaDefender Core variables​DEPLOY_CORE             = trueCORE_INSTANCE_TYPE      = "Standard_D8s_v5"   # Instance type for MetaDefender CoreLICENSE_KEY_CORE        = ""APIKEY                  = ""CORE_USER               = ""CORE_PWD                = ""OFFER_PRODUCT_CORE      = "opswat-mdcore-linux"  # Windows opswat-mdcore-windowsSKU_CORE                = "opswat-mdcore-linux"  # Windows opswat-mdcore-windowsNUMBER_INSTANCES_CORE   = 2
Copy

Run terraform init and apply. Check the resource to be created, after that enter "y"

Bash
    
 
terraform initterraform apply
Copy

Deploy activating the instances using the User-Data (POC Only)

Modify terraform.tfvars with the desired options
- (Required) LICENSE_KEY_CORE required if wanted to have the instance activated automatically
- (Required) APIKEY_GENERATION=true to have the apikey generated by terraform. Need to activate the instance automatically
- There is one general section and one section for each product that is supported using this Terraform project in case of needing to install additional OPSWAT products

terraform.tfvars
    
 
# General variables​RG_NAME                 = "metadefender" # Prefix to add to all the resourcesMD_REGION               = "eastus" # Region for all the resourcesMD_VNET_CIDR            = "192.168.0.0/16"  # VPC CIDR where to create the MetaDefender productsPUBLIC_ENVIRONMENT      = trueAPIKEY_GENERATION       = trueIMPORT_RG               = falseVM_PWD                  = "<SET_UP_VM_PWD>"​# MetaDefender Core variables​DEPLOY_CORE             = trueCORE_INSTANCE_TYPE      = "Standard_D8s_v5"   # Instance type for MetaDefender CoreLICENSE_KEY_CORE        = ""OFFER_PRODUCT_CORE      = "opswat-mdcore-linux"  # Windows opswat-mdcore-windowsSKU_CORE                = "opswat-mdcore-linux"  # Windows opswat-mdcore-windowsNUMBER_INSTANCES_CORE   = 2
Copy

Run terraform init and apply. Check the resource to be created, after that enter "y"

Bash
    
 
terraform initterraform apply
Copy

Next Steps

Create Azure function to handle the license automation to Azure function App using Visual Studio Code, or Command Line. See Licensing Automation on Azure
After the function is created withing the Azure Function App. We need to trigger the function using Azure Alerts based on the

Last updated on

Was this page helpful?