docker-misp icon indicating copy to clipboard operation
docker-misp copied to clipboard

Published 20 hours ago verified publisher icon coolacid

Kurbenetes Manifest

Open georgesouzafarias opened this issue 4 years ago • 4 comments

Hello,

I am working on write the Kubernetes manifest for this project.

It is already working in the development environment, but I have some doubts, but for now:

Which are directory persistent? Or all important data is kept in DB?

If you have some interesting in these manifests let me know, that I can share with you.

And, you did a great job congratulations.

Thank you.

georgesouzafarias avatar Jun 08 '20 21:06 georgesouzafarias

I've never used Kube, so you'll have to take some of my info with sugar ;)

Here's the volume mounts that I typically use: https://github.com/coolacid/docker-misp/blob/master/docker-compose.yml#L31-L35

The important one is the /var/www/MISP/app/files which stores a bunch of stuff that is uploaded, additionally, the config directory is important.

A gotcha that I haven't figured out how to fix is https://github.com/coolacid/docker-misp/issues/35

All the rest of the data is in the DB.

If you get it working, Maybe a wiki page? Or does it make sense to include it in a sub-directory of the project? Again, never Kube'd so I don't know what's best.

coolacid avatar Jun 08 '20 22:06 coolacid

Perfect, so let's do this way.

I'm going to prepare the manifests to be agnostic for everyone, and We can put it into a sub-directory and write a wiki page.

About #35 I have an idea to fix that using volumeMount on Kubenetes. Have you tried another volume path in docker-compose?

Thank you for all information.

georgesouzafarias avatar Jun 08 '20 22:06 georgesouzafarias

The problem with #35 is the directory layout. Only the logos are dynamic, everything else is static, so to volume mount it, I'd have to move the data into a .dist DIR and rsync it every startup. I potentially could. But, It's something I need to raise to the MISP team.

Edit: I just re-looked at #35 and the layout, and I remember now why I didn't do that. I didn't want yet another volume mount. I'm thinking of submitting a MISP PR that handles org logos so it can be stored in a more dynamic location.

coolacid avatar Jun 09 '20 00:06 coolacid

I see, that a problem, with Kubernetes we be able to replace just a file with subPath + configmap.

I suppose that you can bind a file to another one, for example:

docker run --name test -d -p "80:80" \
  -v ${PWD}/test:/test nginx

Have tried it?

But, it is such as a good idea contact the MISP Team, maybe there is another away to put the logos.

georgesouzafarias avatar Jun 09 '20 00:06 georgesouzafarias