OpenCTI EE deployment on Kubernetes
Introduction
Filigran provides a helm chart and this documentation to its on-premise customers. Please note that these resources are not public and cannot be redistributed.
The helm chart can be used to deploy either OpenCTI components only, or OpenCTI and the required backends/databases (Elasticsearch, RabbitMQ, MinIO, Redis). In this case, the helm chart is not self-sufficient and relies on other softwares that need to be installed on the Kubernetes cluster: operators.
Info
Each component can be selected separately. It is thus possible to mix externally-managed backend dependencies and helm-managed dependencies (for example: by using ElasticSearch managed service (external) but rely on the helm chart to setup the other dependencies).
Externally VS Helm managed backend dependencies
-
Externally managed backends
With external backends, OpenCTI consists only of a set of stateless components.
Use this mode if you don't want to deal with the constraints of managing data on your Kubernetes cluster or if you already have easily access to those backends as managed services (for example through your infrastructure provider).
-
Internally managed backends
With Helm managed backends, the operators are in charge of managing their own backend with the use of Kubernetes Custom Resource Definitions (with the exception of Redis).
Each operator is installed in a dedicated namespace, the Helm chart only configure the related custom resource definitions.
Use this mode if you are confident with the management of stateful applications on your Kubernetes cluster and if you want full control and no external traffic on your various backends.
Additional resources
Below, you will find external resources which may be useful along your journey.