Kaspersky Next XDR Expert

Specifying the installation parameters by using the Configuration wizard

For both multi-node and single-node deployment of Kaspersky Next XDR Expert, you have to prepare a configuration file that contains the installation parameters of the Kaspersky Next XDR Expert components. The Configuration wizard allows you to specify the installation parameters that are required to deploy Kaspersky Next XDR Expert, and then generates the resulting configuration file. Optional installation parameters have default values and are not specified in the Configuration wizard. You can manually add these parameters to the configuration file to override their default values.

Prerequisites

Before specifying the installation parameters by using the Configuration wizard, you must install a database management system on a separate server that is located outside the Kubernetes cluster, and perform all necessary preparatory steps for the administrator host, the target hosts (depending on the multi-node or single-node deployment option), and the KUMA hosts.

Process

To specify the installation parameters by using the Configuration wizard:

  1. On the administrator host where the KDT utility is located, run the Configuration wizard by using the following command:

    ./kdt wizard -k <path_to_transport_archive> -o <path_to_configuration_file>

    where:

    • <path_to_transport_archive> is the path to the transport archive.
    • <path_to_configuration_file> is the path where you want to save the configuration file and the configuration file name.

    The Configuration wizard prompts you to specify the installation parameters. The list of installation parameters differs between the multi-node and single-node deployment options.

    If you do not have Write permission on the specified directory, or a file with the same name already exists in this directory, an error occurs and the wizard terminates.

  2. Enter the IPv4 address of a primary node (or a primary worker node, if you will perform the single-node deployment). This value corresponds to the host parameter of the configuration file.

    This node must be included in the same subnet as the Kubernetes cluster gateway.

  3. Enter the user name of the account used for connection to the primary node by KDT (the user parameter of the configuration file).

    The value must comply with the following rules:

    • The user name must be 1 to 31 characters long.
    • The user name can contain the following characters:
      • Lowercase letters (a–z)
      • Numbers (0–9)
      • Underscore (_), hyphen (-)
  4. Enter the path to the private part of the SSH key that is located on the administrator host and is used for connection to the primary node by KDT (the key parameter of the configuration file).

    The parameter value must be a Linux file path or Base64-encoded file content.

  5. Enter the number of worker nodes.

    Possible values:

    • 0—Single-node deployment.
    • 3 or more—Multi-node deployment.

    This step defines the option of deploying Kaspersky Next XDR Expert. If you want to perform single-node deployment, the following parameters specific for this deployment option will take the default values:

    • type: primary-worker
    • low_resources: true
    • vault_ha_mode: false
    • vault_standalone: true
    • default_class_replica_count: 1
  6. For each worker node, enter the IPv4 address (the host parameter of the configuration file).

    All nodes must be included in the same subnet as the Kubernetes cluster gateway.

    For multi-node deployment, the kind parameter of the first worker node is set to admsrv by default. That means that Administration Server will be installed on the first worker node. For single-node deployment, the kind parameter is not specified.

  7. For each worker node, enter the user name used for connection to the worker node by KDT (the user parameter of the configuration file).

    The value must comply with the following rules:

    • The user name must be 1 to 31 characters long.
    • The user name can contain the following characters:
      • Lowercase letters (a–z)
      • Numbers (0–9)
      • Underscore (_), hyphen (-)
  8. For each worker node, enter the path to the private part of the SSH key used for connection to the worker node by KDT (the key parameter of the configuration file).

    The parameter value must be a Linux file path or Base64-encoded file content. Also, the value must match the ssh_pk parameter value.

  9. Enter the connection string for accessing the DBMS that is installed and configured on a separate server (the psql_dsn parameter of the configuration file).

    Specify this parameter as follows: postgres://<dbms_username>:<password>@<fqdn>:<port>

    where:

    • dbms_username—The user name of a privileged internal DBMS account. This account is granted permissions to create databases and other DBMS accounts. By using this privileged DBMS account, the databases and other DBMS accounts required for the Kaspersky Next XDR Expert components will be created during the deployment. 
    • password—The password of the privileged internal DBMS account.
    • fqdn:port—The FQDN and connection port of the target host on which the DBMS is installed.

    To use a highly available cluster, specify this parameter as follows: psql_dsn=postgres://<dbms_username>:<password>@<fqdn1>:<port>,<fqdn2>:<port>,<fqdn3>:<port>

    The psql_dsn parameter value must comply with the URI format. If the connection URI includes symbols with special meaning in any of its parts, it must be encoded with percent-encoding.

    Symbols that must be replaced in the psql_dsn parameter value:

    • Whitespace → %20
    • % → %25
    • & → %26
    • / → %2F
    • : → %3A
    • = → %3D
    • ? → %3F
    • @ → %40
    • [ → %5B
    • ] → %5D

    Refer to the PostgreSQL connection string article for details.

    The Configuration wizard specifies the installation parameters only for the deployment option with the DBMS installed on a separate server that is located outside the Kubernetes cluster.

  10. Enter the IPv4 address of the Kubernetes cluster gateway (the ingress_ip parameter of the configuration file).

    The gateway must be included in the same subnet as all cluster nodes.

  11. Enter the password of the Kaspersky Next XDR Expert user account that will be created by KDT during the installation (the admin_password parameter of the configuration file).

    The default user name of this account is "admin". The Main administrator role is assigned to this user account.

    The password must comply with the following rules:

    • The user password cannot have fewer than 8 or more than 256 characters.
    • The password must contain characters from at least three of the groups listed below:
      • Uppercase letters (A–Z)
      • Lowercase letters (a–z)
      • Numbers (0–9)
      • Special characters (@ # $ % ^ & * - _ ! + = [ ] { } | : ' , . ? / \ ` ~ " ( ) ;)
    • The password must not contain any whitespace or the ".@" combination.

    When you specify the admin_password parameter value manually (not by the Configuration wizard), make sure that this value meets the YAML standard requirements for values in strings:

    • The parameter value containing special characters must be enclosed in single quotes.
    • Any single quote ' inside the parameter value must be doubled to escape this single quote.

    Example: the user account password Any_pass%1234'5678"90 must be specified as the value 'Any_pass%1234''5678"90' of the admin_password parameter.

  12. Enter the path to the KUMA inventory file located on the administrator host (the inventory parameter of the configuration file).

    The KUMA inventory file contains the installation parameters for deployment of the KUMA services that are not included in the Kubernetes cluster. The parameter value must be a Linux file path or Base64-encoded file content.

  13. Enter the path to the private part of the SSH key located on the administrator host and used for connection to the worker node and nodes with the KUMA services (collectors, correlators, and storages) by using KDT (the ssh_pk parameter of the configuration file).

    The parameter value must be a Linux file path or Base64-encoded file content. Also, the value must match the key parameter value.

  14. Enter the path to the LICENSE file of KUMA Core (the license parameter of the configuration file).

    The parameter value must be a Linux file path or Base64-encoded file content.

  15. Enter the domain name that is used in the FQDNs of the public Kaspersky Next XDR Expert services (the smp_domain parameter of the configuration file).

    The parameter value must meet the requirements for second-level domain naming.

  16. Enter the path to the custom certificates used to work with the public Kaspersky Next XDR Expert services (the intermediate_bundle parameter of the configuration file).

    The parameter value must be a Linux file path or Base64-encoded file content.

    If you want to use self-signed certificates, press Enter to skip this step.

  17. Skip the step to specify the extended_incident_lifecycle parameter. This is a service parameter. By default, the extended_incident_lifecycle parameter is disabled. Do not change it.
  18. Check the specified parameters that are displayed in the numbered list.

    To edit a parameter, enter the parameter number, and then specify a new parameter value. Otherwise, press Enter to continue.

  19. Press Y to save a new configuration file with the specified parameters or N to stop the Configuration wizard without saving.

The configuration file with the specified parameters is saved in the YAML format.

Other installation parameters are included in the configuration file, with default values. You can edit the configuration file manually before the deployment of Kaspersky Next XDR Expert.
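
The value rules from steps 3, 9 and 11 can be checked before the values are typed into the wizard or written into the configuration file by hand. The following Python sketch is an added example, not part of the Kaspersky documentation or of KDT; the function names, host names and DBMS credentials are constructed for illustration, and the DSN builder percent-encodes every reserved character, which is a superset of the symbol list in step 9.

```python
import re
import string
from urllib.parse import quote

# Special characters listed for admin_password in step 11.
SPECIALS = set("@#$%^&*-_!+=[]{}|:',.?/\\`~\"();")
USER_RE = re.compile(r"[a-z0-9_-]{1,31}")


def valid_user(name):
    """user parameter: 1 to 31 characters from a-z, 0-9, '_' and '-'."""
    return USER_RE.fullmatch(name) is not None


def password_problems(pw):
    """Return the admin_password rules from step 11 that pw violates."""
    problems = []
    if not 8 <= len(pw) <= 256:
        problems.append("length must be 8 to 256 characters")
    if any(c.isspace() for c in pw):
        problems.append("must not contain whitespace")
    if ".@" in pw:
        problems.append('must not contain the ".@" combination')
    groups = (string.ascii_uppercase, string.ascii_lowercase,
              string.digits, SPECIALS)
    if sum(any(c in g for c in pw) for g in groups) < 3:
        problems.append("needs characters from at least three groups")
    return problems


def yaml_single_quoted(value):
    """Quote a value for manual entry in the YAML file: ' is doubled."""
    return "'" + value.replace("'", "''") + "'"


def build_psql_dsn(user, password, hosts):
    """Build psql_dsn from credentials and a list of (fqdn, port) pairs."""
    # Assumption: encode everything outside A-Z a-z 0-9 _ . - ~ (superset of step 9).
    creds = f"{quote(user, safe='')}:{quote(password, safe='')}"
    nodes = ",".join(f"{fqdn}:{port}" for fqdn, port in hosts)
    return f"postgres://{creds}@{nodes}"


if __name__ == "__main__":
    pw = "Any_pass%1234'5678\"90"  # constructed: the example from step 11
    print(password_problems(pw), yaml_single_quoted(pw))
    print(build_psql_dsn("xdr_dba", "p@ss w/rd", [("db1.example.com", 5432)]))
```

An empty list from password_problems means the value satisfies every rule listed in step 11; yaml_single_quoted is needed only when admin_password is written into the file manually rather than through the wizard.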