Preparing the administrator and target hosts

Before you start deploying Kaspersky XDR Expert, you have to prepare the administrator and target hosts. The administrator host is used to deploy and manage the Kubernetes cluster and Kaspersky XDR Expert. The target hosts are included in the Kubernetes cluster and perform the workload of the Kaspersky XDR Expert components. Kaspersky XDR Expert is deployed on the target hosts.

To prepare the administrator and target hosts:

  1. Select an administrator host.

    Prepare a device that will act as an administrator host from which KDT will launch.

    The administrator host will not be included in the Kubernetes cluster that is created by KDT during the deployment.

    Make sure that the hardware and software on the administrator host meet the requirements for KDT.

    On the administrator host, allocate at least 10 GB of free space in the temporary files directory (\tmp) for KDT. If you do not have enough free space in this directory, run the following command to specify the path to another directory:

    export TMPDIR=<new_directory>/tmp

  2. Select the target hosts for the Kaspersky XDR Expert deployment.

    Prepare the physical or virtual machines on which Kaspersky XDR Expert will be deployed. A minimum cluster configuration includes four nodes:

    • One primary node

      The primary node is intended for managing the cluster, storing metadata, and distributing of the workload.

    • Three worker nodes

      The worker nodes are intended for performing the workload of the Kaspersky XDR Expert components.

      For optimal allocation of computing resources, it is recommended to use nodes with the same resources.

      You can install the DBMS inside the Kubernetes cluster when you perform the demonstration deployment of Kaspersky XDR Expert. In this case, allocate the additional worker node for the DBMS installation. KDT will install the DBMS during the Kaspersky XDR Expert deployment.

      We recommend installing a DBMS on a separate server outside the cluster.
      After you deploy Kaspersky XDR Expert, changing the DBMS installed inside the cluster to a DBMS installed on a separate server is not available. You have to remove all Kaspersky XDR Expert components, and then install Kaspersky XDR Expert again. In this case, the data will be lost.

    Make sure that the hardware and software on the target hosts meet the requirements for KDT, and the target hosts are located in the same broadcast domain.

    Do not install Docker on the selected target nodes. KDT will install all necessary software and dependencies during the deployment.

  3. On the administrator host, install the package for Docker version 20 or later.
  4. On the target hosts, install the sudo package, if this package is not already installed. For Debian family operating systems, install the UFW package on the target hosts.
  5. Provide access to the package repository where the packages required for the function of Kaspersky XDR Expert are located:
    • nfs-common
    • tar
    • iscsi-package
    • wireguard
    • wireguard-tools

    KDT will try to install these packages during the deployment from the package repository. You can also install these packages manually.

  6. Reserve static IP addresses for the target hosts, for the Kubernetes cluster gateway, and for the DBMS (if the DBMS is installed inside the cluster).

    The Kubernetes cluster gateway is intended for connecting to the Kaspersky XDR Expert components installed inside the Kubernetes cluster.

  7. On the target hosts, create user accounts that will be used for the Kaspersky XDR Expert deployment.

    Add the created user accounts to the /etc/sudoers file.

  8. Configure the SSH connection between the administrator and target hosts:
    1. On the administrator host, generate SSH keys by using the ssh-keygen utility.
    2. After you generate a pair of SSH keys, copy the public key to every target host (for example, to the /home/<user_name>/.ssh directory).
  9. For proper function of the Kaspersky XDR Expert components, provide network access between the target hosts and open the required ports on the firewall of the administrator and target hosts, if necessary.
  10. Configure time synchronization over Network Time Protocol (NTP) on the administrator and target hosts.
Page top