Single node deployment: Specifying the installation parameters
If you want to deploy Kaspersky Next XDR Expert on a single node, fill out the installation parameters of the configuration file that are required both for the distributed and single node deployment, as well as define the following specific parameters: type
, lowResources
, vault_replicas
, vault_ha_mode
, vault_standalone
, and defaultClassReplicaCount
.
The template of the configuration file for the single node deployment is located in the distribution package with the Kaspersky Next XDR Expert components. You can fill out the configuration file template manually; or use the Configuration wizard to specify the installation parameters that are required for the Kaspersky Next XDR Expert deployment, and then generate the configuration file.
For correct work of KDT with the configuration file, enter an empty line at the end of the file.
The nodes
section of the configuration file contains the target host parameters that are listed in the table below.
Installation parameters of the nodes section
Parameter name | Required | Description | Possible values |
---|---|---|---|
| Yes | The name of the node. | String value |
| Yes | For the target host, set the |
|
| Yes | The IP address of the node. All nodes must be included in the same subnet. | IP address |
| No | The node type that specifies the Kaspersky Next XDR Expert component that will be installed on this node. If the Do not specify the |
|
| Yes | The username of the user account created on the target host and used for connection to the node by KDT. | String value |
| Yes | The path to the private part of the SSH key located on the administrator host and used for connection to the node by KDT. | String value |
The parameters
section of the configuration file contains the parameters listed in the table below.
Installation parameters of the parameters section
Parameter name | Required | Description | Possible values |
---|---|---|---|
| Yes | The connection string for accessing the DBMS that is installed and configured on a separate server. Specify this parameter as follows:
If the We recommend installing a DBMS on a separate server outside the cluster. | String value |
| Yes | The language of the OSMP Console interface specified by default. After installation, you can change the OSMP Console language. |
|
| Yes | The reserved static IP address of the Kubernetes cluster gateway. The gateway must be included in the same subnet as all cluster nodes. If you install the DBMS on a separate server, the gateway IP address must contain the subnet mask /32. If you install the DBMS inside the cluster, set the gateway IP address to an IP range in the format | IP address |
| Yes | The path to the private part of the SSH key located on the administrator host and used for connection to the node by KDT. | String value |
| Yes | The path to the private part of the SSH key located on the administrator host and used for connection to the nodes with the KUMA services (collectors, correlators and storages). | String value |
| Yes | The The Main administrator role is assigned to this user account. The The The password must comply with the following rules:
| String value |
| No | The parameter that indicates that Kaspersky Next XDR Expert is installed on the target host with limited computing resources. Set the |
|
| No | The number of replicas of the secret storage in the Kubernetes cluster. Set the | Integer value |
| No | The parameter that indicates whether to run the secret storage in the High Availability (HA) mode. Set the |
|
| No | The parameter that indicates whether to run the secret storage in the standalone mode. Set the |
|
| Yes | The parameter that specifies the amount of disk space for the operation of KUMA Core. This parameter is used only if the | String value |
| Yes | The path to the KUMA inventory file located on the administrator host. The inventory file contains installation parameters for deployment of the KUMA services that are not included in the Kubernetes cluster. | String value |
| No | The path to the additional KUMA inventory file located on the administrator host. This file contains the installation parameters used to partially add or remove hosts with the KUMA services. If you perform an initial deployment of Kaspersky Next XDR Expert or you do not need to partially add or remove hosts with the KUMA services, set this parameter to | String value |
| Yes | The path to the license key of KUMA. | String value |
| Yes | The domain name that is used in the addresses of the public Kaspersky Next XDR Expert services. | String value |
| Yes | The domain name for which a self-signed or custom certificate is to be generated. The | String value |
| Yes | The addresses of the Kaspersky Next XDR Expert services. These addresses contain the domain name, which must match the | String value |
| Yes | The list of addresses of the public Kaspersky Next XDR Expert services for which a self-signed or custom certificate is to be generated. These addresses contain the domain name, which must match the | String value |
| No | The path to the custom intermediate certificate used to work with public Kaspersky Next XDR Expert services. | String value |
| No | The parameter that indicates whether to use the custom intermediate certificate instead of the self-signed certificates for the public Kaspersky Next XDR Expert services. |
|
| No | The paths to the custom leaf certificates used to work with the corresponding public Kaspersky Next XDR Expert services: admsrv.<smp_domain>, api.<smp_domain>, console.<smp_domain>, psql.<smp_domain>. Specify the If you want to specify the leaf custom certificates, set the | String value |
| Yes | The address of KUMA Console. This address contains the domain name, which must match the | String value |
| Yes | The address of OSMP Console. This address contains the domain name, which must match the | String value |
| Yes | The names of the secret files that are stored in the Kubernetes cluster. These names contain the domain name, which must match the | String value |
| Yes | The amount of free disk space allocated to store the Administration Server data (updates, installation packages, and other internal service data). | String value |
| No | The number of disk volumes that are used to store the service data of Kaspersky Next XDR Expert components and KDT. The default value is Set the | Integer value |
| No | The amount of free disk space allocated to store the internal service KDT data. The default value is | String value |
| Yes | The amount of free disk space allocated to store metrics. The minimum recommend value is 5 GB. | String value |
| Yes | The amount of free disk space allocated to store OSMP logs. The minimum recommend value is 20 GB. | String value |
| Yes | The The The default parameter value is | String value |
| No | The parameter that indicates whether to encrypt the traffic between the Kaspersky Next XDR Expert components and the DBMS by using the TLS protocol. Specify the |
|
| No | The path to the PEM file that can contain the TLS certificate of the DBMS server or a root certificate from which the TLS server certificate can be issued. Specify the | String value |
| No | The path to the PEM file that contains a certificate and a private key of the Kaspersky Next XDR Expert component. This certificate is used to establish the TLS connection between the Kaspersky Next XDR Expert components and the DBMS. Specify the | String value |
| No | The parameter that indicates whether to use the proxy server to connect the Kaspersky Next XDR Expert components to the internet. If the host on which Kaspersky Next XDR Expert is installed has internet access, you can also provide internet access for operation of Kaspersky Next XDR Expert components (for example, Administration Server) and for specific integrations, both Kaspersky and third-party (for example, Kaspersky TIP). To establish the proxy connection, you must also specify the proxy server parameters in the Administration Server properties. |
|
| No | The IP address of the proxy server. If the proxy server uses multiple IP addresses, specify these addresses separated by a space (for example, " | String value |
| No | The number of the port through which the proxy connection will be established. | String value |
| No | The trace level. The default value is | Integer value ( |
| Yes | The parameters for internal use. Do not change the parameter value. | String value |
Sample of the configuration file for the single node deployment of Kaspersky Next XDR Expert