Setting up

This documentation will guide you through the process of deploying Raven, a powerful platform designed to drastically deprioritize vulnerabilities, stop application attacks early in the kill chain and prevent vulnerabilities in the first place with runtime patching.

The deployment process involves setting up the necessary cloud infrastructure, IAM permissions, and then deploying the Raven platform on a kubernetes cluster using Helm charts.

Currently, this documentation supports deployment to AWS, GCP, and Azure. The Raven platform is designed to be cloud agnostic, allowing deployment to any cloud provider. While our current documentation is focused on AWS, GCP, and Azure, you are encouraged to attempt deployments on other cloud providers as it should work seamlessly. We are actively working on expanding our documentation to cover more cloud providers in the near future. Stay tuned for updates.

Prerequisites

Before you begin, ensure you have the following:

  • An AWS, GCP, or Azure account with the necessary permissions to create and manage resources.
  • Kubernetes command-line tool (kubectl) installed.
  • Helm package manager installed.
  • Docker installed and configured.

Raven Platform Components

Postgres (AWS RDS Aurora / GCP Cloud SQL / Azure Database for PostgreSQL)

PostgreSQL is a powerful, open-source object-relational database system known for reliability and performance. AWS RDS Aurora, GCP Cloud SQL, and Azure Database for PostgreSQL simplify its setup, operation, and scaling in the cloud.

Blob Storage (AWS S3 / GCP Cloud Storage / Azure Blob Storage)

Blob storage stores large amounts of unstructured data like program traces and stats files. AWS S3, GCP Cloud Storage, and Azure Blob Storage offer scalable, secure object storage for various use cases.

Redis (AWS ElastiCache / GCP Memorystore / Azure Cache for Redis)

Redis is an in-memory data store used as a database, cache, and message broker. AWS ElastiCache, GCP Memorystore, and Azure Cache for Redis manage deployment, operation, and scaling in the cloud.

ClickHouse (AWS EC2 / GCP Compute Engine / Azure Virtual Machines)

ClickHouse is a fast open-source column-oriented database management system that allows generating analytical data reports in real-time using SQL queries. AWS EC2, GCP Compute Engine, and Azure Virtual Machines provide the scalable compute capacity needed to self-host ClickHouse effectively.

Event Processing (AWS Lambda / GCP Cloud Run / Azure Container Apps)

Event processing captures and responds to system changes in real-time. AWS Lambda, GCP Cloud Run, and Azure Container Apps allow serverless execution of code triggered by other cloud services.

Kubernetes (AWS EKS / GCP GKE / Azure AKS)

Kubernetes is an open-source platform for automating the deployment, scaling, and management of containerized applications. AWS EKS (Elastic Kubernetes Service), GCP GKE (Google Kubernetes Engine), and Azure AKS (Azure Kubernetes Service) provide managed Kubernetes services, simplifying cluster setup and operations.

You will need to configure these resources according to the specifications required by Raven. Detailed instructions for each resource will be provided in the subsequent sections.

1

Cloud Resources Provisioning

2

Setup ClickHouse

Raven relies on ClickHouse for efficient data storage and retrieval. Instructions for setting up and configuring ClickHouse will be provided.

3

Helm Installation

Install and configure raven-platform helm chart. An ArgoCD example is provided for reference.

Raven Platform Deployment

Once the cloud resources are provisioned (Step 1), the next step is to deploy the ClickHouse instance (Step 2) and Raven platform on a Kubernetes cluster (Step 3). This involves several key steps:

By following this guide, you will be able to deploy and configure the Raven platform on your cloud infrastructure. Each section of the documentation will provide detailed instructions and examples to ensure a smooth deployment process. Happy deploying!