Server Host Requirements
Whether the installation is PoC or Production will determine the Kondukto server requirements.
This page will help you determine the appropriate system resources to allocate for your Kondukto instance.
All-In-One Installation
| Purpose | Cores | RAM (GB) | Disk Space (GB) | OS | Web Server | Other Required Software |
|---|---|---|---|---|---|---|
| Kondukto PoC | 4 | 16 | 90 | Debian & RHEL based distros | Latest Nginx | Latest Docker & Docker Compose Latest Git |
| Kondukto Production | 8 | 32 | 250 | Debian & RHEL based distros | Latest Nginx | Latest Docker & Docker Compose Latest Git **MongoDB 5 + |
** Note: It will be necessary if your organization does not prefer to use Docker for the database environment, but this is optional.
During the PoC phase, the database will be hosted on a Docker container for quick responsiveness.
The services (Jira, Jenkins, etc.) that Kondukto will be orchestrating will also need to be connected to the server.
Distributed Installation
Depending on the usage intensity of Kondukto, this installation option can be applied.
Usage intensity depends on the number of the following values:
- Projects
- Users
- Scans
| Server | Cores | RAM (GB) | Disk Space (GB) | OS | Web Server | Other Required Software |
|---|---|---|---|---|---|---|
| Application Server | 4 | 32 | 90 | Debian & RHEL based distros | Latest Nginx | Latest Docker & Docker Compose Latest Git |
| Database Server | 8 | 32 | 250 | - | - | MongoDB 5 + |
This installation is recommended when the resources of the Docker database environment or the server that is used as both application and database servers are insufficient.
"SCRAM-SHA-1" and "SCRAM-SHA-256" are the default authentication mechanisms used by Kondukto for the DB.
Network Requirements
The following services should be reachable by the Kondukto host:
- Application Lifecycle Management(ALM) tools such as Github, Gitlab, etc.,
- Issue Manager Service,
- Scanner Tools,
- Docker.hub(source)
- https://hub.docker.com
- https://registry-1.docker.io
- https://production.cloudflare.docker.com
- https://login.docker.com
- or your private container registry,
- Registration server: https://control-panel.kondukto.io
- Demohub server(optional): https://demohub.kondukto.io
- SBOM Radar (optional): https://api.osv.dev
- Download server: https://download.kondukto.io
- SecureCodeWarrior(optional): https://integration-api.securecodewarrior.com
- SecureFlag(optional): https://knowledge-base.secureflag.com
- EPSS: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- EPSS: https://api.first.org/data/v1/epss
Best Practices For The Kondukto Environment
- The Kondukto Application Server will perform better with r5.xlarge instances and gp3 disks if AWS is used.
- Installing the DB as a cluster would make your environment more redundant against possible corruption issues. It will also make the I/O faster.
- Getting a daily backup of the environments is recommended to have data recovery plans.
- While sizing the disk, make sure these three paths have at least 20 GB of space separately:
- /opt/
- /tmp
- /var/log/
Updated 6 months ago