AppSentinels Controller Deployment

The AppSentinels Controller processes API traffic from Sensors, and forwarding it to the Cloud Platform. This enables API discovery, parameter analysis, and AI/ML-driven security insights. As the first line of defense, the Controller detects and mitigates API attacks in real-time, enforcing security policies either directly or through Firewalls and API Gateways to ensure robust application protection.

Prerequisites

The following requirements must be met for deploying the AppSentinels Controller:

System Requirements

Required Packages

Network Connectivity Requirements

Deployment Options

AppSentinels Controller is available as a containerized application and can be deployed in a Docker or Kubernetes environment.

AppSentinels Controller Configuration Parameters

The following table provides details of the essential configuration parameters required for deploying the AppSentinels Controller. These parameters define the controller's connectivity, authentication, and integration with the application environment.

Parameter Description Example
SAAS_SERVER_NAME The fully qualified domain name (FQDN) of the AppSentinels Security Platform. cloud.appsentinels.com
SAAS_API_KEY_VALUE The API key used to authenticate the controller. *******
APPLICATION_DOMAIN The domain of the application integrated with the controller. PartnerApps
ENVIRONMENT The deployment environment where the controller is running. Production or Staging

Deploying Controller Using Docker-Compose

Use the following YAML configuration:

Copy
          
version: "3.3"

volumes:
  appsentinels_onprem_config: {}

services:
  ng-edge-controller:
    container_name: appsentinels-controller
    restart: on-failure:5
    image: appsentinels/ng-controller:latest
    hostname: appsentinels-controller-prod
    environment:
      - APPLICATION_DOMAIN=<App Domain>
      - ENVIRONMENT=<App Environment>
      - SAAS_SERVER_NAME=<AppSentinels-Platform-FQDN>
      - SAAS_API_KEY_VALUE=<API-KEY>
    ports:
      - "9004:9004"
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
      resources:
        limits:
          cpus: '4'
          memory: 8192M      
    logging:
      driver: local
      options:
        max-size: 10m
    volumes:
      - appsentinels_onprem_config:/usr/local/appsentinels-onprem/config
        

To deploy the controller using the above Docker Compose configuration, execute the following command in the terminal:

docker-compose -f docker-compose.yaml up -d

Deploying Controller Using Kubernetes

Use the following Kubernetes Deployment configuration:

Copy
          
apiVersion: apps/v1
kind: Deployment
metadata:
  name: appsentinels-controller
  labels:
    app: appsentinels-controller
spec:
  replicas: 1
  selector:
    matchLabels:
      app: appsentinels-controller
  template:
    metadata:
      labels:
        app: appsentinels-controller
    spec:
      containers:
        - name: appsentinels-controller
          image: appsentinels/ng-controller:latest
          imagePullPolicy: Always
          ports:
            - containerPort: 9004
          env:
            - name: APPLICATION_DOMAIN
              value: "<App Domain>"
            - name: ENVIRONMENT
              value: "<App Environment>"
            - name: SAAS_SERVER_NAME
              value: "<AppSentinels-Platform-FQDN>"
            - name: SAAS_API_KEY_VALUE
              value: "<API-KEY>"
          resources:
            limits:
              memory: "8192Mi"
              cpu: "4"
          readinessProbe:
            httpGet:
              path: /dp-ready
              port: 9004
            initialDelaySeconds: 180
            periodSeconds: 5
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 3
          livenessProbe:
            httpGet:
              path: /dp-health
              port: 9004
            initialDelaySeconds: 30
            periodSeconds: 5
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 3          
          volumeMounts:
            - name: config-volume
              mountPath: /usr/local/appsentinels-onprem/config
      restartPolicy: Always
      volumes:
        - name: config-volume
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: appsentinels-controller-service
spec:
  selector:
    app: appsentinels-controller
  type: ClusterIP
  ports:
    - name: http-9004
      port: 9004
      targetPort: 9004
        

To deploy the controller using the above Kubernetes configuration, execute the following command in the terminal:

kubectl apply -f <kubernetes-deployment.yaml>