Advanced installation for Unix-based deployments

This page describes in detail how you can achieve the following tasks:

  • Use an external MongoDB server instead of the built-in database
  • Configure HTTPS communication for the web server
  • Install MetaDefender Storage Security on a different disk

Use an external database

Production deployments of MetaDefender Storage Security should ensure high availability and/or load-balancing at the database level by using an external MongoDB (or any compatible service) instead of the built-in database that is included with the basic installation.

We recommend using a version of MongoDB that is the same as the built-in database version from the system requirements page.

How to setup an external MongoDB in MetaDefender Storage Security

The following steps should be performed before initializing MetaDefender Storage Security for the first time (i.e before the mdss -u init command from the installation guide).

These steps can be performed after the installation or at any other time but the existing data (if any) will be lost. In this case, the last step should be replaced with a restart instead of a start command.

  1. Ensure that your external MongoDB is properly configured and ready to accept remote connections

Note: it is recommended to setup access control for your external database as well as taking the necessary network security measures to ensure that only the server running MetaDefender Storage Security can access the database.

  1. Locate the configuration file created by the installer in /etc/mdss/customer.env
  2. Add the following configuration line:
Copy
  1. Please check the connection string documentation for more information. Make sure you add MDCS as the target database as shown in the example above.
  2. Save the file.
  3. Initialize MetaDefender Storage Security by running the following command:
Copy
  1. Return to the installation process and continue the installation.

MongoDB advanced setup

For special use cases you may need to backup your database or restore it. MetaDefender Storage Security allows you to do this by using the following commands

Copy

Running this command will create a dump file in /etc/mdss/db_[...].tar this file can be use afterwards as a restore file using the import command:

Copy

The import_db utility will use the latest db_[...].tar file as restore point

Configure HTTPS communication for the web server

Production deployments should ensure that any HTTP traffic between clients (browsers or other API client) and MetaDefender Storage Security is encrypted using HTTPS.

Click here for detailed instructions on how to setup a certificate for NGINX web server.

Install MetaDefender Storage Security on a different disk

The following steps should be performed before initializing MetaDefender Storage Security for the first time (i.e before the mdss -u init command from the installation guide).

These steps should be performed right after the installation of Docker so that no data is lost.

  1. First make sure Docker is not running and the default directory is clean
  2. Remove existing images and volumes
Copy
  1. Stop Docker
Copy
  1. Remove the default Docker location
Copy
  1. Create a new empty directory in the default location
Copy
  1. Create a new empty directory on the new partition
Copy
  1. Mount the new location in the default directory
Copy
  1. Start back the docker service
Copy
  1. Initialize MetaDefender Storage Security by running the following command:
Copy
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard