$ helm repo add sdelements https://repository.securitycompass.com/artifactory/sde-helm-prod \
--username ${SERVICE_USERNAME} --password ${SERVICE_PASSWORD}
"sdelements" has been added to your repositories
Requirements
SD Elements Service Accounts
An SD Elements service account is used to access our Helm chart repository and Docker registry. These credentials are provided by the Security Compass support team: sdesupport@securitycompass.com.
Add the sdelements/sde
repo using the helm repo add command.
$ helm search repo sdelements
NAME CHART VERSION APP VERSION DESCRIPTION
sdelements/sde [SDE_VERSION] [SDE_VERSION] SDElements by Security Compass Ltd.
Software
There are a variety of methods of orchestrating a containerized application, and platforms which support this. SD Elements requires the following:
-
Helm >= 3.10.0, preferably latest
-
A platform which supports deploying containers using Helm
-
If using Kubernetes, you must use a kubectl version that is within one minor version difference of your cluster. For example, a v1.30 client can communicate with v1.29, v1.30, and v1.31 control planes. Using the latest compatible version of kubectl helps avoid unforeseen issues. See this link for the official documentation on the matter.
-
A storage provider with support for the
ReadWriteOnly
Kubernetes storage modeStarting with the SD Elements 2022.3 release, the ReadWriteMany
storage mode being replaced withReadWriteOnly
. Existing deployments will need it until they get upgraded to version 2022.3. A kubernetes based storage is required forReadWriteOnly
. -
An ingress controller or load balancer that allows external clients to reach the SD Elements web deployment, and the ability to deploy SD Elements within such an environment. For proper configuration, consult the documentation for the solution that you selected for your environment.
-
Name resolution both within the Kubernetes cluster and for endpoints outside of it. This may be accomplished with an open-source CNI (Container Network Interface) plugin, or if using a cloud Kubernetes environment its native name resolution system.
Hardware
The requirements below are the minimal node compute resources that should be able to support both Kubernetes and SD Elements.
-
Cloud platforms that support Kubernetes will configure and manage the Kubernetes control plane, leaving the data plane resources as configurable. The total amount of resources for SD Elements should be the equivalent of no less than 1 vCPUs and 4GB RAM, as well as EBS/Block storage is for
ReadWriteOnly
storage mode. -
For bare metal Kubernetes clusters, those where both the control plane and data plane are managed by the administrators who will deploy SD Elements, the cluster should consist of at least 3 control plane nodes, and 5 data plane nodes each using 4 vCPUs and 8GB RAM.
Kubernetes Cluster
-
SD Elements may be deployed in a new or existing Kubernetes cluster.
-
SD Elements may be deployed in a cloud or on-premise environment.
-
The officially-supported Kubernetes platforms are AWS Elastic Kubernetes Service (EKS) and Red Hat Openshift.
-
While any Kubernetes platform may be used, only those listed above are guaranteed to be warrantied. Support and troubleshooting on all others will be provided on a best effort basis.
-
See the Tested Versions table for the supported versions of these platforms.
-
Access & Permissions
VM Environment | Container Environment |
---|---|
|
|
Shared Object Storage
SD Elements shares files internally among its microservices. When you install or upgrade SD Elements, you will need to configure Shared Object Storage to facilitate API object storage.
Tested Versions
The table below contains versions of SD Elements that are deployable on corresponding versions of Kubernetes. While all listed versions should work, those emphasized in bold and italics represent deployments verified by QA.
SD Elements Version | Microk8s Version | EKS Version | OpenShift Version |
---|---|---|---|
5.12.29 | 1.18 1.19 1.20 1.21 | 1.18 | |
5.13.38 | 1.18 1.19 1.20 1.21 | 1.18 | |
5.14.17 | 1.18 1.19 1.20 1.21 | 1.18 | |
5.15.17 | 1.18 1.19 1.20 1.21 | 1.18 | |
5.16.25 | 1.18 1.19 1.20 1.21 | 1.18 1.19 | |
5.17.19 | 1.18 1.19 1.20 1.21 | 1.18 1.19 | |
5.18.24 | 1.18 1.19 1.20 1.21 | 1.18 1.19 | |
5.19.21 | 1.18 1.19 1.20 1.21 | 1.18 1.19 | |
5.20.19 | 1.18 1.19 1.20 1.21 | 1.18 1.19 1.20 | |
2022.2.XX | 1.18 1.19 1.20 1.21 | 1.18 1.19 1.20 1.21 | 4.8 |
2022.3.XX | 1.21 1.22 | 1.20 1.21 1.22 | 4.8 |
2022.4.XX | 1.21 1.22 1.23 | 1.20 1.21 1.22 1.23 | 4.9 |
2023.1.XX | 1.22 1.23 1.24 1.25 1.26 | 1.23 | 4.11 |
2023.2.XX | 1.22 1.23 1.24 1.25 1.26 | 1.23 | 4.11 |
2023.3.XX | 1.22 1.23 1.24 1.25 1.26 1.27 1.28 | 1.24 | 4.12 |
2023.4.XX | 1.22 1.23 1.24 1.25 1.26 1.27 1.28 | 1.25 | 4.12 |
2024.1.XX | 1.22 1.23 1.24 1.25 1.26 1.27 1.28 | 1.26 | 4.12 |