To add a cluster to the Carbon Black Cloud console and install the Kubernetes Sensor into that cluster, perform the following procedure.
Prerequisites
Before you begin, open both the Carbon Black Cloud console and a terminal window.
Procedure
- On the left navigation pane of the console, do one of the following depending on your system configuration and role:
- If you have the Kubernetes Security DevOps or SecOps role and your system has the Containers Security feature only, click .
- If you have any other role and your system has Container security and other Carbon Black Cloud features, click .
- In the upper right of the page, click Add Cluster.
- Add the Cluster Detail information.
- Enter a unique cluster name using lowercase letters, numbers, and hyphens. The name cannot contain a colon (:) symbol.
- Type or select an existing cluster group to help specify resources in scopes and policies. The cluster group is also used for observing the network activity map of your clusters.
When no group is provided, the cluster is added to the
default group.
- Optionally add cluster labels. A label consists of a key and a value. You can add multiple labels.
- Click Next.
- Provide a dedicated API key to establish the communication between your Kubernetes cluster and the console.
- Click Generate a new API key and enter an API key name that is unique to your Carbon Black Cloud organization.
- Click Use existing API key and select an existing API key.
Important:
Do not reuse keys between clusters. Use a separate Carbon Black Cloud API key for each cluster.
- Select the version of the Kubernetes Sensor to install on your cluster. The latest sensor version is set by default.
- Under Advanced Settings, optionally set up a proxy server or a private container registry.
- Proxy server can include a proxy URL or remain empty. The field is empty by default.
- Private container registry can include a private registry URL or remain empty. The field is empty by default. For important information about using a private container registry, see Private Container Registry.
Note:
- On the Finish Setup page, select Kubectl or Helm Charts.
- Copy and run each command in sequence into your terminal:
- In the console, click Done.
- Refresh the console browser page to view the new cluster.
The cluster status will be Pending install.
It takes up to 5 minutes for the cluster to stabilize during the initial setup. During this time, the status might display an error. Wait three to five minutes after submitting the install request to verify the correct status.
Results
After completing the setup procedure successfully, the status changes to Running.