Configuration wizard for the Kaspersky Next XDR Expert deployment
For the distributed and single node Kaspersky Next XDR Expert deployment, you have to prepare a configuration file that contains the installation parameters of the Kaspersky Next XDR Expert components. The Configuration wizard allows you to specify the installation parameters that are required to deploy Kaspersky Next XDR Expert, and then generate the resulting configuration file.
Prerequisites
Before specifying the installation parameters by using the Configuration wizard, you must do the following:
- Select the option for deploying Kaspersky Next XDR Expert.
- Download the distribution package with the Kaspersky Next XDR Expert components.
- Install a database management system on a separate server that is located outside the Kubernetes cluster, if needed (only for the distributed deployment).
- Prepare the administrator and target hosts.
- Prepare the hosts for installation of the KUMA services.
- Prepare the KUMA inventory file.
Process
To specify the installation parameters by using the Configuration wizard:
- On the administrator host where the KDT utility is located, run the Configuration wizard by using the following command:
./kdt wizard <path_to_transport_archive> -o <path_to_configuration_file>where:
<path_to_transport_archive>is the path to the transport archive.<path_to_configuration_file>is the path where you want to save the configuration file and the configuration file name.
The Configuration wizard prompts you to specify the installation parameters. The list of the installation parameters that are specific for the distributed and single node deployment differs.
If you do not have the Write permissions on the specified directory or a file with the same name is located in this directory, an error occurs and the wizard terminates.
- Enter the IPv4 address of a primary node (the
hostparameter of the configuration file).If you want to perform the single node deployment, this node will act as a primary-worker node.
- Enter the username of the user account used for connection to the primary node by KDT (the
userparameter of the configuration file). - Enter the path to the private part of the SSH key located on the administrator host and that is used for connection to the primary node by KDT (the
keyparameter of the configuration file).The default value is
/root/.ssh/id_rsa. - Enter the number of worker nodes.
Possible values:
- 0—Single node deployment.
- 3 or more—Distributed deployment.
This step defines the option of deploying Kaspersky Next XDR Expert. If you want to perform single node deployment, the following parameters specific for this deployment option will take the default values:
type—primary-workerlowResources—truevault_replicas—1vault_ha_mode—falsevault_standalone—truedefaultClassReplicaCount—1
- For each worker node, enter the IPv4 address (the
hostparameter of the configuration file).Note that the primary and worker nodes must be included in the same subnet.
The
kindparameter of the first worker node is set toadmsrvby default. That means that Administration Server will be installed on the first worker node. - For each worker node, enter the username used for connection to the worker node by KDT (the
userparameter of the configuration file). - For each worker node, enter the path to the private part of the SSH key used for connection to the worker node by KDT (the
keyparameter of the configuration file).The default value is
/root/.ssh/id_rsa. - Enter the connection string for accessing the DBMS that is installed and configured on a separate server (the
psql_dsnparameter of the configuration file).Specify this parameter as follows:
postgres://<dbms_username>:<password>@<fqdn>:<port>. - Enter the reserved static IP address of the Kubernetes cluster gateway (the
ipaddressparameter of the configuration file).The gateway must be included in the same subnet as all cluster nodes. The gateway IP address must contain the subnet mask /32.
- Enter the username of the Kaspersky Next XDR Expert user account that will be created by KDT during the installation (the
adminLoginandkumaLoginparameters of the configuration file).The default username of this account is "admin." The Main administrator role is assigned to this user account.
- Enter the password of the Kaspersky Next XDR Expert user account that will be created by KDT during the installation (the
kscpasswordandadminPasswordparameters of the configuration file). - Enter the path to the KUMA inventory file located on the administrator host (the
inventoryparameter of the configuration file).The KUMA inventory file contains the installation parameters for deployment of the KUMA services that are not included in the Kubernetes cluster.
- Enter the path to the private part of the SSH key located on the administrator host and used for connection to the nodes with the KUMA services (the
sshkeyparameter of the configuration file). - Enter the path to the LICENSE file of KUMA (the
licenseparameter of the configuration file). - Enter the domain name that is used in the addresses of the public Kaspersky Next XDR Expert services (the
smp_domainparameter of the configuration file). - Enter the path to the custom certificates used to work with the public Kaspersky Next XDR Expert services (the
intermediate_bundleparameter of the configuration file).If you want to use self-signed certificates, press Enter to skip this step.
- Check the specified parameters that are displayed in the numbered list.
To edit the parameter, enter the parameter number, and then specify a new parameter value. Otherwise, press Enter to continue.
- Press Y to save a new configuration file with the specified parameters or N to stop the Configuration wizard without saving.
The configuration file with the specified parameters is saved in the YAML format.
Other installation parameters are included in the configuration file, with default values. You can edit the configuration file manually before the deployment of Kaspersky Next XDR Expert.
