Description of cbw-on-premise services

The Cyberwatch software is based on Docker images. It is possible to use Docker swarm or Kubernetes as an orchestrator to manage the containers. These containers provide a set of services working and communicating together that make up for the main functions of the software suite.

This documentation lists and describes all services necessary for the cbw-on-premise suite, and also indicates their presence on Cyberwatch servers depending on the architecture type deployed.

The status of these services can be consulted from the Cyberwatch server, with the following command:

sudo cyberwatch status

If one service is not running, consult its logs.

Description of each service

db: MariaDB database in which the application data is stored.
nginx: Web server responsible for the interface between the application and the outside world. The service redirects requests to the appropriate container (web, kibana, third_parties).
web: Olympe container responsible for processing web requests.
sidekiq: Olympe container responsible for the execution of jobs in asynchronous mode. The service run all tasks that do not need to be performed on a particular scanner.
sidekiq_node: Similar to sidekiq but used to perform tasks on a particular scanner. In particular, the service is responsible for connecting to supervised machines in agentless mode.
cron: Application task scheduler.
redis: RAM database used for the task stack.
cache: RAM database used for the application’s cache.
elasticsearch: Container responsible for Elasticsearch indexes.
kibana: Visualization tool to create custom dashboards.
third_parties: Container containing the Windows cab file.

Services expected on each node

Service	Master node	Independent satellite node	Integrated satellite node (Swarm)
db	✓
nginx	✓	✓	✓
web	✓	✓	✓
sidekiq	✓	✓
sidekiq_node	✓	✓	✓
cron	✓
redis	✓
cache	✓	✓
elasticsearch	✓
kibana	✓
third_parties	✓⁽¹⁾	✓ ⁽¹⁾	✓⁽¹⁾

⁽¹⁾ Only on offline nodes.