Low-Level Design – Node Agent

{: .doc-audience-internal}

The Node Agent is the execution engine that runs inside each PCI Black Box rack.
It is responsible for:

  • Inventory collection
  • Config snapshot pulls
  • ACL enforcement on Jumpboxes / Firewalls
  • Scan orchestration (ephemeral containers)
  • Health / status reporting
  • Secure communication with the Infini-Connect Control Plane

This LLD defines the Agent's internal architecture, modules, message flows, job execution lifecycle, and security model.


1. High-Level Internal Architecture

```mermaid
graph TD
title INTERNAL – Node Agent Internal Architecture
%% audience: internal

CP[("Control Plane<br/>ic-agent-api")]

subgraph AG["Node Agent (Rack-Side)"]

CORE["agent-core<br/>(Loop, Scheduler, RPC)"]

subgraph JOBS["Job Executors"]
  INV[agent-inventory<br/>Inventory Jobs]
  CFG[agent-config<br/>Config Pulls & Baselines]
  ACL[agent-access<br/>Jumpbox & Firewall ACLs]
  SCN[agent-scan<br/>Scan Container Orchestration]
  LOGS[agent-logging<br/>Local Logs → SIEM]
end

subgraph LOCAL["Runtime & System Interfaces"]
  SSH[SSH / API Connectors]
  DOCK["Container Engine<br/>(Docker/Podman)"]
  SNMP[SNMP Pollers]
  FILES["Config Storage<br/>(tmpfs / local cache)"]
end

end

CP --> CORE
CORE --> JOBS
JOBS --> LOCAL
LOCAL --> JOBS
CORE --> CP