Global Lineaje Open Source Intelligence (GLOSI) Deployment Guide

© 2026 Lineaje, Inc. All rights reserved. Proprietary and Confidential.

Objective: This guide helps you deploy GLOSI in your environment using Docker Compose.

What Is GLOSI?

GLOSI is an intelligence data platform from Lineaje for open source components and vulnerabilities. It enables customers to look up open source intelligence (Package Attestation, Source Attestation, Vulnerability Info, Security Posture, Code Quality, Embedded Secrets, Mitre HipCheck, Source Code Metrics, Dependency Decomposition, EOL, Lineaje Reputation, and Geo Provenance) within their own environment. GLOSI supports a variety of environments, from cloud to on-premises. It publishes updated intelligence data regularly to keep pace with the latest changes.

How Is GLOSI Deployed On-Premises?

GLOSI ships as a container image (tarball) and deploys using Docker Compose.

What Does GLOSI Contain?

The GLOSI image bundles open source component data, vulnerability data, and a set of services with a user interface. It includes the following:

• Frontend UI — React/Next.js application for querying open source components and vulnerabilities

• Data service — FastAPI API layer providing access to the data

• Orchestration service — FastAPI application that manages the database

• Elasticsearch 7.17.0 database — stores the open source component data

How Can I Get Access to GLOSI?

The GLOSI image is hosted in the Lineaje registry. Contact Lineaje support at [email protected] to request access.

GLOSI Setup

System Configuration

You can deploy all containers on a single VM (Ubuntu or Alpine) or in a distributed configuration. For a single-VM deployment, the following minimum specifications are recommended.

Prerequisites

1. Obtain the installation tarball, which contains the installation guide, API documentation, and a Resources folder with the docker-compose.yaml file.

2. Obtain access to the Lineaje Amazon Elastic Container Registry (ECR) that hosts the GLOSI Docker image. If you do not have access, contact Lineaje Support at [email protected] with your AWS Account ID. Once Lineaje grants ECR access to your account, proceed to Step 3.

3. Install Docker on the host VM.

4. Install the AWS CLI on the host VM.

5. For automated installation, allowlist the gold.lineaje.com domain on the host VM.

Deployment

Custom Deployment

The deployment can be customized using the following configuration files.

Elasticsearch Configuration

To deploy Elasticsearch on a separate VM, expose port 9200 to make it accessible from the data service. The following configuration runs Elasticsearch at the recommended port 9200, which you can change as needed:

Data Service Configuration

The data service is a FastAPI application that connects to Elasticsearch and converts client requests into Elasticsearch queries. It runs on port 8000 by default. The Swagger UI is available at: http://<data-service:VM_IP>:<port:8000>/docs

Frontend

The frontend is a React/Next.js application that calls backend APIs and displays data in the browser. It runs on port 3000 (http://localhost:3000) by default.

GLOSI Orchestration Service

The orchestration service handles workflows, connects UI actions with the data service, and adds logic, routing, and validation. It runs on port 8500 by default. The Swagger UI is available at: http://<orchestration-service:VM_IP>:<port:8000>/docs

Data Persistence, Networking, and Volumes

• Volumes

Volumes ensure data inside containers persists when containers restart or rebuild. For example, the elasticsearch_data volume stores all Elasticsearch index data. elasticsearch_data — stores data generated by Elasticsearch after package and vulnerability index synchronization

• Networking

Docker Compose automatically creates an internal bridge network. Containers communicate using service names, which avoids hardcoding IP addresses and makes scaling or relocating services straightforward.

• Health checks

Health checks ensure each service is only marked healthy once it responds correctly, improving deployment reliability.

Service Interaction

The following describes how the GLOSI services communicate with each other:

1. Frontend — The user opens the UI at http://localhost:3000. The browser sends API requests (such as search queries) to the orchestration service at http://localhost:8500.

2. Orchestration service — Validates the request and forwards it to the appropriate backend service (typically the data service).

3. Data service — Receives requests from the orchestration service, transforms them into Elasticsearch-compatible queries, and sends them to Elasticsearch.

4. Elasticsearch — Performs search and indexing operations and returns results to the data service.

5. Response propagation — The data service formats the Elasticsearch results and returns them to the orchestration service for any additional processing.

6. Frontend rendering — The UI receives the final result and displays it to the user.

The architecture follows this request loop:

UI ➝ Orchestration ➝ Data service ➝ Elasticsearch ➝ Data service ➝ Orchestration ➝ UI

Docker Compose starts services in dependency order, ensuring each service waits for its required dependencies to become healthy before starting.

Access URLs