Technical Details - Jobs
General Architecture
Compliance Jobs
Scheduling Jobs:
The Scheduler Service checks every 60 seconds to identify jobs that need scheduling.
Jobs are recorded in PostgreSQL as "Queued" and written to NATS.
Job Execution Rules:
Each control per account per benchmark constitutes one job.
If a control is shared between two root benchmarks, it is triggered twice.
If a control is shared between two benchmarks under the same root, it is triggered once.
Job Completion and Summarization:
After job execution, the Summarizer is triggered to generate a compliance summary.
The job status in PostgreSQL is updated to "Summarizer in progress."
Recording Findings:
Findings are generated per worker and recorded in the database.
Accessing Summary Data:
Summary data becomes available after the Summarizer has processed all jobs.
Discovery works
Scheduling: Every 60 seconds, the Scheduler Service checks for jobs that need scheduling. It marks the jobs as "Queued" in PostgreSQL and notifies NATS.
Job Distribution: NATS workers continuously poll NATS to determine which jobs need execution.
Resource Management: KEDA monitors the NATS queue and scales Describer Workers accordingly. Each Describer Worker is specific to a resource type and account and uses encrypted credentials to operate.
Data Handling: Describer Workers decrypt credentials, execute tasks, and log results to Elasticsearch.
Data Summarization: The Summarizer processes data for each account every 24 hours, generating summarized metrics from the discovery workers.
Last updated