Physical or Virtual Machine-Based Setup
Before executing the setup, please ensure System requirements are met and that any necessary dependencies are installed.
Installation order
MetaDefender Distributed Cluster consists of the following components along with their corresponding default ports.
| Step | Component | How to install (short name) | Default port | 
|---|---|---|---|
| 1 | Redis Caching Server | Redis | 6379 | 
| 2 | RabbitMQ Message Broker | RabbitMQ | 5672 | 
| 3 | PostgreSQL Database Server | PostgreSQL | 5432 | 
| 4 | MetaDefender Distributed Cluster File Storage | MDDC File Storage | 8890 | 
| 5 | MetaDefender Distributed Cluster Identity Service | MDDC Identity Service | 8891 | 
| 6 | MetaDefender Distributed Cluster Control Center | MDDC Control Center | 8892 | 
| 7 | MetaDefender Distributed Cluster Worker | MDDC Worker | 8893 | 
The system administrator should adhere to the following service installation sequence to prevent conflicts:
- Install Redis, RabbitMQ, Postgres, MDDC File Storage, MDDC Identity Service.
- Install MDDC Control Center.
- Install MDDC Worker on the targeted machines (for deploying MDDC API Gateway or MetaDefender Core).
An exception rule for the firewall needs to be created to permit both incoming (inbound) and outgoing (outbound) connections to every component.
While many components can be set up on a single machine, they should be installed individually on different machines according to their features. Kindly consult Best practices for further information.
Installation
Install Redis Caching Server
Redis version 7.0 or higher is required.
Only Redis on Linux is officially recommended.
- Follow steps to install Redis Caching server.
- Access Redis configuration file/etc/redis/redis.conffor editing.
- Comment out the bindsetting and setprotected-modeoption to no.
...# The following line should be commented# bind 127.0.0.1...# The following line should be uncommented and set to noprotected-mode no...- Restart the service.
# Red Hat/Rocky $ sudo systemctl enable redis $ sudo systemctl restart redis# Debian/Ubuntu$ sudo systemctl enable redis-server$ sudo systemctl restart redis-serverInstall RabbitMQ Message Broker
RabbitMQ version 3.13.0 or higher is required.
RabbitMQ functions effectively only with specific supported versions of Erlang. Please refer to the link for the Erlang-RabbitMQ compatibility matrix.
Windows
- Download Erlang and follow the instructions to install Erlang.
- Download RabbitMQ for Windows.
- Run the executable file as administrator, follow instructions to complete the RabbitMQ installation.
- In Command Prompt, change working directory to <RabbitMQ installation folder>/rabbitmq_server-<version>/sbinand run the following command:
> rabbitmqctl.bat add_user <username> <password>> rabbitmqctl.bat set_permissions -p / <username> "." "." "."> rabbitmqctl.bat set_user_tags <username> administratorLinux
- Download Erlang and follow the instructions to install Erlang and its dependencies.
- Download RabbitMQ for Red Hat/Rocky or Debian/Ubuntu .
- In Terminal, run the following command:
# Red Hat/Rocky$ sudo rpm -Uvh --nodeps rabbitmq-server-<rabbitmq version>.el8.noarch.rpm$ sudo systemctl enable rabbitmq-server$ sudo systemctl start rabbitmq-server # Debian/Ubuntu$ sudo dpkg -i rabbitmq-server_<rabbitmq version>_all.deb- In Terminal, run the following command:
$ sudo rabbitmqctl add_user <username> <password>$ sudo rabbitmqctl set_permissions -p / <username> "." "." "."$ sudo rabbitmqctl set_user_tags <username> administratorInstall PostgreSQL Database Server
PostgreSQL version 16.9 or higher is required.
pg_trgm extension is required for PostgreSQL running on Linux.
- Download PostgreSQL Database Server.
- Follow steps to setup Postgres Database Server to allow connections from external applications.
- Restart Postgres Database Server.
Install MDDC File Storage
- Build Ignition file for MDDC File Storage service.
- Start Command Prompt as Administrator on Windows or Terminal on Linux and run the following command:
# Windows> msiexec.exe /i <mddc_file_storage_package> /qn# Debian or Ubuntu$ sudo apt -y install uuid$ sudo dpkg -i <mddc_file_storage_package> || sudo apt install -f# Red Hat or Rocky$ sudo dnf -y install uuid$ sudo yum install <mddc_file_storage_package> -y- Check the service status.
Install MDDC Identity Service
- Build Ignition file for MDDC Identity Service.
- Start Command Prompt as Administrator on Windows or Terminal on Linux and run the following command:
# Windows> msiexec.exe /i <mddc_identity_service_package> /qn# Ubuntu or Debian$ sudo apt -y install uuid$ sudo dpkg -i <mddc_identity_service_package> || sudo apt install -f# Red Hat or Rocky$ sudo dnf -y install uuid$ sudo yum install <mddc_identity_service_package> -y- Check the service status.
Install MDDC Control Center
- Build Ignition file for MDDC Control Center service.
- Start Command Prompt as Administrator on Windows or Terminal on Linux and run the following command:
# Windows> msiexec.exe /i <mddc_control_center_package> /qn# Ubuntu or Debian$ sudo apt -y install uuid$ sudo dpkg -i <mddc_control_center_package> || sudo apt install -f# Red Hat or Rocky$ sudo dnf -y install uuid$ sudo yum install <mddc_control_center_package> -y- Check the service status.
Setup Data Lake and Data Warehouse
- Go to  C:\Program Files\OPSWAT\MetaDefender Distributed Cluster Control Centerdirectory in Windows Command Prompt or/usr/sbindirectory in Linux Terminal.
- Run the following command:
    # Windows> mddc-dbready.exe --host=<postgres-host> --port=<postgres-port> --user=<postgres-user> --password=<postgres-password> --target=lake,warehouse# Linux (Ubuntu, Debian, Red Hat or Rocky)$ mddc-dbready --host=<postgres-host> --port=<postgres-port> --user=<postgres-user> --password=<postgres-password> --target=lake,warehouseMake sure the postgres-user possesses superuser rights to successfully create the database.
Install MDDC Worker
You need to prepare at least two workers: one for MetaDefender Core and the other for MDDC API Gateway.
- Build Ignition file for MDDC Worker service.
- Start Command Prompt as Administrator on Windows or Terminal on Linux and run the following command:
# Windows> msiexec.exe /i <mddc_worker_package> /qn# Ubuntu or Debian$ sudo apt -y install uuid$ sudo dpkg -i <mddc_worker_package> || sudo apt install -f# Red Hat or Rocky$ sudo dnf -y install uuid$ sudo yum install <mddc_worker_package> -y- Check the service status.
- Repeat the above steps for other MDDC Workers.
Configurations
When all MDDC Worker instances are installed successfully, it marks a completed installation. Now, heading to essential configuration steps.
Connect essential services
Essential services for the Distributed Cluster includes Redis, Postgres, RabbitMQ, and MDDC File Storage.
The system is operational only when MDDC Control Center can effectively connect to all essential services.
- Sign in to MDDC Control Center web console with the initial administrator user account that you created in Install MDDC Identity Service.
- Go to Inventory>Services, open the relevant service category, and click onAdd service.

- Complete all necessary fields as specified by the selected services.

- Save result.
- Check status of the service connections.

Submit MetaDefender Core and MDDC API Gateway installers
The installers of MetaDefender Core and MDDC API Gateway will be subsequently deployed on MDDC Worker remotely by MDDC Control Center.
Various versions of installation files may be submitted to MDDC Control Center. The correct version to install will be chosen during Deployment phase.
- Sign in to MDDC Control Center web console with the initial administrator user account that you created in Install MDDC Identity Service.
- Go to Inventory> Installers and selectUpload installer.
- Select MetaDefender Core or MDDC API Gateway installation files.
- Click Upload.

Connect to MDDC Workers
- Sign in to MDDC Control Center web console with the initial administrator user account that you created in Install MDDC Identity Service.
- Go to Inventory>Workersand selectAdd workers.
- Complete the required fields to add new workers and select Submit.

- Check the status of MDDC Worker connections.

Deploy MetaDefender Core and MDDC API Gateway instances
- Sign in to MDDC Control Center web console with the initial administrator user account that you created in MDDC Identity Service.
- Go to Inventory>Workersand selectDeploy workers.
- Choose the workers for deployment and decide which package will be deployed on the workers.

The license to activate MetaDefender Core instances can be selected in this phrase.
Advanced settings (enable HTTPS, select log level, define engine parallel count, etc.) are configurable.
- Choose Next.
- Confirm the deployment details, then click DeployandFinish.
- Hold off until the deployment is completed successfully.

- Once the system is up, MDDC API Gateway can efficiently accept scan requests.
