Skip to content

Deployment Overview

Audience: Administrators deploying Sentari in their environment

Deployment method selection

Deployment method Guide
Quick evaluation on a single VM or server Docker Compose
Production on Kubernetes Kubernetes (Helm)
Production on OpenShift OpenShift (Helm)
Installing the agent on endpoints Agent Deployment
Using a private or air-gap registry Private Registry
Deploying with plain PostgreSQL Plain PostgreSQL
All settings, defaults, and how to set them Configuration Reference

Ready-to-run packages that need only images / a chart / the agent binary plus a license — no source repository. Download the bundle from your Sentari release page. Each ships the runnable files and an end-to-end guide:

Bundle Use it for
Docker Compose bundle Single VM / server
OpenShift bundle Production OpenShift
Agent bundle Endpoint agent install

Server infrastructure requirements

Requirement Minimum Recommended
CPU 2 vCPU 4 vCPU
RAM 4 GB 8 GB
Disk 40 GB 100 GB+
OS Linux (amd64) RHEL 8/9, Ubuntu 22.04

Required ports

Port Protocol Direction Purpose
8000 HTTPS Inbound Dashboard & API
8001 HTTP Inbound (optional) Versioned API docs (ReDoc) — sentari-docs
5432 TCP Internal only PostgreSQL (TimescaleDB)
6379 TCP Internal only Redis

Agents connect outbound only on port 8000. No inbound ports are required on managed endpoints.

Software requirements

Component Version
Docker Engine 24.0+
Docker Compose v2.20+
Helm (Kubernetes/OpenShift) v3.14+
kubectl / oc matching cluster version

First login (all deployment methods)

Once the server is running:

  1. Open https://<server>:8000 in your browser.
  2. Log in with the bootstrap admin credentials you configured (SENTARI_BOOTSTRAP_ADMIN_EMAIL / SENTARI_BOOTSTRAP_ADMIN_PASSWORD).
  3. Navigate to Settings to configure the SIEM webhook, CVE feed path, and SMTP alerts.
  4. Go to Devices to verify enrolled agents appear and are submitting scans.

Health check (all deployment methods)

GET /api/health
Response: {"status": "ok", "version": "..."}
Component How to check
API GET /api/health returns 200
Worker Pod/container log shows celery@... ready
Beat Pod/container log shows beat: Starting...
Database pg_isready -U sentari
Redis redis-cli pingPONG

For additional assistance, contact your Sentari representative or visit the support portal.