# Infrastructure Deployment

### 1. Access StackStorm and Initiate Workflows

* Log in to StackStorm: Access the StackStorm interface by logging in through the Virtual Machine's IP address.
* Initiate the Workflow: Enter the required credentials to start the deployment workflow.
* Run the Workflow: Once credentials are entered, execute the workflow to trigger the infrastructure creation process.

### 2. Infrastructure Setup via Terraform

The deployment workflow triggers a Terraform action that automates the provisioning and configuration of the infrastructure. This includes the following core steps:

#### Network Setup

* Virtual Network: A dedicated virtual network is provisioned, featuring subnets across multiple availability zones or data centers to ensure redundancy and high availability.
* Network Interfaces: The configuration includes network interfaces for the virtual machines or nodes in the Kubernetes cluster to ensure seamless communication across required services.
* Security Rules: Firewall and security rules are defined to control inbound and outbound traffic. These rules are configured to allow only authorized traffic (e.g., SSH, HTTP, HTTPS) to access the resources.
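One way to check the security rules before they are applied is to audit the Terraform plan for internet-open ingress outside the authorized ports. This is an added example, not HawkShield's own code: it assumes the Terraform code uses the AWS provider's `aws_security_group` resource (the page mentions a Cluster Role ARN but does not name the provider), and the resource addresses, CIDR ranges and helper names are constructed for illustration.

```python
import json

# Assumption: the allowlist mirrors the traffic the page names (SSH, HTTP, HTTPS).
ALLOWED_PORTS = {22, 80, 443}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def rule(lo, hi, proto, v4=(), v6=()):
    """Build one constructed ingress rule in plan-JSON shape."""
    return {"from_port": lo, "to_port": hi, "protocol": proto,
            "cidr_blocks": list(v4), "ipv6_cidr_blocks": list(v6)}


def group(address, ingress):
    """Build one constructed resource_changes entry for a security group."""
    return {"address": address, "type": "aws_security_group",
            "change": {"actions": ["create"], "after": {"ingress": ingress}}}


# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    group("aws_security_group.web", [
        rule(443, 443, "tcp", v4=["0.0.0.0/0"]),
        rule(22, 22, "tcp", v4=["10.0.0.0/16"])]),
    group("aws_security_group.nodes", [
        rule(30000, 32767, "tcp", v4=["0.0.0.0/0"]),
        rule(0, 0, "-1", v4=["10.0.0.0/16"])]),
    group("aws_security_group.debug", [
        rule(0, 0, "-1", v6=["::/0"])]),
]})


def audit_ingress(plan_json):
    """Return (address, description) for internet-open ingress outside the allowlist."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = (rc.get("change") or {}).get("after") or {}  # None on destroy
        for r in after.get("ingress") or []:
            cidrs = set(r.get("cidr_blocks") or []) | set(r.get("ipv6_cidr_blocks") or [])
            if not cidrs & OPEN_CIDRS:
                continue  # source is restricted; out of scope for this check
            if r.get("protocol") == "-1":
                findings.append((rc["address"], "all protocols and ports"))
            elif any(p not in ALLOWED_PORTS for p in range(r["from_port"], r["to_port"] + 1)):
                findings.append((rc["address"], f"{r['protocol']} {r['from_port']}-{r['to_port']}"))
    return findings


if __name__ == "__main__":
    for address, what in audit_ingress(SAMPLE_PLAN):
        print(f"FAIL {address}: {what} open to the internet")
```

The check covers inline `ingress` blocks only; rules declared as standalone `aws_security_group_rule` or `aws_vpc_security_group_ingress_rule` resources would need the same test applied to those resource types.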

#### Add-ons & Plugins

* Storage Integration: Necessary Container Storage Interfaces (CSI) or other relevant drivers are installed to support persistent storage integration and enable dynamic provisioning of storage for applications.
* Cluster Add-ons: Other essential add-ons, such as monitoring tools or logging utilities, are configured as required.

#### Kubernetes Cluster Setup

The Kubernetes cluster is deployed and configured to handle the required workloads efficiently.

**Node Deployment**

A total of five virtual machines (VMs) are deployed with the following specifications for the Kubernetes cluster:

* 4 vCPU per node
* 32 GiB memory per node
* Network bandwidth up to 12.5 Gbps per node

**Autoscalers**

* Horizontal Pod Autoscaler (HPA): Configured to dynamically scale the number of pods based on workload.
* Vertical Pod Autoscaler (VPA): Configured to adjust resource allocations (CPU and memory) for pods to meet performance demands.
* Load Balancers: Load balancers are set up to evenly distribute network traffic across the deployed services, ensuring efficient traffic management and optimal performance.

### 3. Service Deployment

The necessary services are deployed across different environments, including:

* Managed Security Service Providers (MSSP)
* Distributors
* System Integrators (SI)
* Direct customer environments

### 4. Final Setup Using a Python Service

A Python service is implemented to automatically store essential metadata related to the cluster in the database. The stored information includes:

* Organization Name
* Cluster Role ARN
* Service Load Balancers
* Cluster Name

By following these steps, the infrastructure and services necessary for HawkShield’s data security solution are successfully deployed, ensuring a reliable and secure environment for all users.

