How to manually add information about the ROSA Virtualization 2.1 infrastructure to the Integration Server in Kaspersky Security for Virtualization 6.0 Light Agent
Show applications and versions that this article concerns
- Kaspersky Security for Virtualization 6.1 Light Agent
- Kaspersky Security for Virtualization 6.0 Light Agent
To balance the load on the Secure Virtual Machine (SVM) in the ROSA Virtualization 2.1 virtual infrastructure, we recommend using the Integration Server for the detection of the SVM by the Light Agents. To do this, manually add the information about the virtual infrastructure to the Integration Server beforehand. Each request to the Integration Server requires basic authorization for the admin user:
- Send a GET request to retrieve the hypervisor certificate:
https://<IP address of the Integration Server>:<port of the Integration Server>/api/1.0/sshConfig/getSshKey?address=<IP address of the hypervisor>
The default port of the Integration Server is 7271.
- Copy and save the thumbprint of the public key from the received response.
- Send a POST request to add the key thumbprint to the trusted list:
https://<IP address of the Integration Server>:<port of the Integration Server>/api/1.0/sslConfig/certificateValidator/rules
The body of the request:
<certificateValidationRule address="<IP address of the hypervisor>:<SSH port>">
<thumbprint><thumbprint_from_step_1></thumbprint>
</certificateValidationRule>where:
- The SSH port is the standard SSH port 22.
- thumbprint_from_step_1 is the thumbprint of the public key received in the response to the GET request.
- Add the infrastructure using the POST request:
https://<IP address of the Integration Server>:<port of the Integration Server>/api/1.0/virtualization/infrastructures
The body of the request:
<infrastructure type="LIBVIRT">
<address><IP address of the hypervisor></address>
<username>root_or_sudo_user</username>
<password>root_or_sudo_user_password</password>
<domain></domain>
</infrastructure>where:
- root_or_sudo_user is the root account, or an account authorized to act on behalf of the root account.
- root_or_sudo_user_password is the password for the root account or for an account authorized to act on behalf of the root account.