Kaspersky Next XDR Expert
1.1.9

Contents

Preparing the KUMA inventory file

Expand all | Collapse all

The KUMA inventory file is a file in the YAML format that contains installation parameters for deployment of the KUMA services that are not included in the Kubernetes cluster. The path to the KUMA inventory file is included in the configuration file that is used by Kaspersky Deployment Toolkit for the Kaspersky Next XDR Expert deployment.

The templates of the KUMA inventory file are located in the distribution package. If you want to install the KUMA services (storage, collector, and correlator) on one host, use the single.inventory.yaml file. To install the services on several hosts in the network infrastructure, use the distributed.inventory.yaml file.

We recommend backing up the KUMA inventory file that you used to install the KUMA services. You can use it to remove KUMA.

To prepare the KUMA inventory file,

Open the KUMA inventory file template located in the distribution package, and then edit the variables in the inventory file.

The KUMA inventory file contains the following blocks:

  • all block

    The all block contains the variables that are applied to all hosts specified in the inventory file. The variables are located in the vars section.

  • kuma block

    The kuma block contains the variables that are applied to hosts on which the KUMA services will be installed. These hosts are listed in the kuma block in the children section. The variables are located in the vars section.

The following table lists possible variables, their descriptions, possible values, and blocks of the KUMA inventory file where these variables can be located.

List of possible variables in the vars section

Variable

Description

Possible values

Block

Variables located in the vars section of the all and kuma blocks

ansible_connection

Method used to connect to the KUMA service hosts.
  • ssh—Connection to the target hosts via SSH is established.
  • local—No connection to the target hosts is established.

To provide the correct installation of the KUMA services, in the all block, set the ansible_connection variable to local.

In the kuma block, you must specify the ansible_connection variable and set ansible_connection to ssh to provide the connection to the hosts on which the KUMA services are installed via SSH.
  • all
  • kuma

ansible_user

User name used to connect to KUMA service hosts to install external KUMA services.

If the root user is blocked on the target hosts, specify a user name that has the right to establish SSH connections and elevate privileges by using su or sudo.

To provide the correct installation of the KUMA services, in the all block, set the ansible_user variable to nonroot.

In the kuma block, you must override the ansible_user variable and set ansible_user to the username of the account that can connect to remote hosts via SSH, to prepare them for the installation of the KUMA services.
  • all
  • kuma

deploy_example_services

Variable used to indicate the creation of predefined services during installation.
  • false—No services are needed. The default value for the KUMA inventory file template.

    Set the deploy_example_services variable to false for the standard deployment of KUMA services.

  • true—Services must be created during installation.

    Set the deploy_example_services variable to true only for the demonstration deployment of KUMA services.

all

ansible_become

Variable used to indicate the need to increase the privileges of the user account that is used to install KUMA components.
  • false—If the ansible_user value is root.
  • true—If the ansible_user value is not root.

kuma

ansible_become_method

Method used for increasing the privileges of the user account that is used to install KUMA components.

su or sudo if the ansible_user value is not root.

kuma

Variables located in the children section of the kuma block

kuma_utils

Group of hosts used for storing the service files and utilities of KUMA.

A host can be included in the kuma_utils group and in the kuma_collector, kuma_correlator, or kuma_storage group at the same time. The kuma_utils group can contain multiple hosts.

During the Kaspersky Next XDR Expert deployment, on the hosts that are included in kuma_utils, the following files are copied to the /opt/kaspersky/kuma/utils/ directory:

  • kuma is an executable file with which the KUMA services are installed.
  • kuma.exe is an executable file with which the KUMA agents are installed on Windows-based hosts.
  • LEGAL_NOTICES is a file with information about third-party code.
  • maxpatrol-tool, kuma-ptvm.tar.gz are utilities for integration with MaxPatrol.
  • ootb-content is an archive with out of the box resources for the KUMA services.

The group of hosts contains the ansible_host variable that specifies the unique host FQDN and IP address.

kuma

kuma_collector

Group of KUMA collector hosts. This group can contain multiple hosts.

The group of KUMA collector hosts contains the ansible_host variable that specifies the unique host FQDN and IP address.

kuma

kuma_correlator

Group of KUMA correlator hosts. This group can contain multiple hosts.

The group of KUMA correlator hosts contains the ansible_host variable that specifies the unique host FQDN and IP address.

kuma

kuma_storage

Group of KUMA storage hosts. This group can contain multiple hosts.

The group of KUMA storage hosts contains the ansible_host variable that specifies the unique host FQDN and IP address.

In this group, you can also specify the storage structure if you install the example services during the demonstration deployment (deploy_example_services: true). For the standard deployment (deploy_example_services: false), specify the storage structure in the KUMA Console interface.

kuma

Sample of the KUMA inventory file template for installation of the KUMA services on a single host (the single.inventory.yaml file)

all:

vars:

deploy_example_services: false

ansible_connection: local

ansible_user: nonroot

kuma:

vars:

ansible_connection: ssh

ansible_user: root

children:

kuma_utils:

hosts:

kuma.example.com:

ansible_host: 0.0.0.0

kuma_collector:

hosts:

kuma.example.com:

ansible_host: 0.0.0.0

kuma_correlator:

hosts:

kuma.example.com:

ansible_host: 0.0.0.0

kuma_storage:

hosts:

kuma.example.com:

ansible_host: 0.0.0.0

shard: 1

replica: 1

keeper: 1

Sample of the KUMA inventory file template for installation of the KUMA services on several hosts (the distributed.inventory.yaml file)

all:

vars:

deploy_example_services: false

ansible_connection: local

ansible_user: nonroot

kuma:

vars:

ansible_connection: ssh

ansible_user: root

children:

kuma_utils:

hosts:

kuma-utils.example.com:

ansible_host: 0.0.0.0

kuma_collector:

hosts:

kuma-collector-1.example.com:

ansible_host: 0.0.0.0

kuma_correlator:

hosts:

kuma-correlator-1.example.com:

ansible_host: 0.0.0.0

kuma_storage:

hosts:

kuma-storage-1.example.com:

ansible_host: 0.0.0.0

shard: 1

replica: 1

keeper: 1

kuma-storage-2.example.com:

ansible_host: 0.0.0.0

shard: 1

replica: 2

keeper: 2

kuma-storage-3.example.com:

ansible_host: 0.0.0.0

shard: 2

replica: 1

keeper: 3

kuma-storage-4.example.com:

ansible_host: 0.0.0.0

shard: 2

replica: 2

Page top
[Topic 265307]