To add a cluster to the Carbon Black Cloud console and install the Kubernetes Sensor into that cluster, perform the following procedure.

Prerequisites

Before you begin, open both the Carbon Black Cloud console and a terminal window.

Procedure

  1. On the left navigation pane of the console, do one of the following depending on your system configuration and role:
    • If you have the Kubernetes Security DevOps or SecOps role and your system has the Containers Security feature only, click Inventory > Clusters.
    • If you have any other role and your system has Container security and other Carbon Black Cloud features, click Inventory > Kubernetes > Clusters.
  2. In the upper right of the page, click Add Cluster.
  3. Add the Cluster Detail information.
    Add Cluster image
    1. Enter a unique cluster name using lowercase letters, numbers, and hyphens. The name cannot contain a colon (:) symbol.
    2. Type or select an existing cluster group to help specify resources in scopes and policies. The cluster group is also used for observing the network activity map of your clusters.
      When no group is provided, the cluster is added to the default group.
    3. Optionally add cluster labels. A label consists of a key and a value. You can add multiple labels.
  4. Click Next.
  5. Provide a dedicated API key to establish the communication between your Kubernetes cluster and the console.
    • Click Generate a new API key and enter an API key name that is unique to your Carbon Black Cloud organization.

      Add a new API key panel with warning

    • Click Use existing API key and select an existing API key.
    Important:

    Do not reuse keys between clusters. Use a separate Carbon Black Cloud API key for each cluster.

  6. Select the version of the Kubernetes Sensor to install on your cluster. The latest sensor version is set by default.
  7. Under Advanced Settings, optionally set up a proxy server or a private container registry.
    • Proxy server can include a proxy URL or remain empty. The field is empty by default.
    • Private container registry can include a private registry URL or remain empty. The field is empty by default. For important information about using a private container registry, see Private Container Registry.

    When adding a cluster, specify the sensor version and advanced options

    Note:
  8. On the Finish Setup page, select Kubectl or Helm Charts.
  9. Copy and run each command in sequence into your terminal:
    List of commands to copy into the Linux terminal
  10. In the console, click Done.
  11. Refresh the console browser page to view the new cluster.

    The cluster status will be Pending install.

    It takes up to 5 minutes for the cluster to stabilize during the initial setup. During this time, the status might display an error. Wait three to five minutes after submitting the install request to verify the correct status.

Results

After completing the setup procedure successfully, the status changes to Running.

What to do next

  1. Check the Kubernetes Sensor Status and Health
  2. Download a CLI Client
  3. Add and Configure a CLI Client