SVM deployment using the Integration Server Web Console

Before deployment, you need to download the SVM images and SVM image description files.

To deploy an SVM using Integration Server Web Console, you need to do the following:

1. Configure the connection of the Integration Server to the virtual infrastructure in which you want to deploy the SVM.
2. Create and run an SVM deployment task for the Integration Server in the selected infrastructure.

After it starts, the task appears in the task list in Integration Server Web Console, in the SVM management section, and is added to the task queue on the Integration Server. You can view information about each task and its execution status.

Upon successful completion of the task, the SVM is deployed to the selected infrastructure.

Connecting the Integration Server and the virtual infrastructure

To configure the Integration Server's connection to the virtual infrastructure:

1. Open Integration Server Web Console and connect to the Integration Server.
2. Go to the List of virtual infrastructures section.
3. Click the Add button.
4. In the Add virtual infrastructure window that opens, specify the following required settings:
   • Infrastructure object type

     Type of the virtual infrastructure object that the Integration Server will connect to.

     Depending on the type of virtual infrastructure, select a hypervisor, virtual infrastructure administration server, or Keystone microservice.

   • Protocol

     Protocol used to connect the Integration Server to the virtual infrastructure. By default, HTTPS protocol is used.

     The Protocol field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.

   • Infrastructure object address

     Address of the virtual infrastructure object that the Integration Server will connect to. Depending on the type of virtual infrastructure, you need to specify the hypervisor address or the address of the virtual infrastructure administration server. To connect to an OpenStack-based infrastructure, you need to specify the address of the Keystone microservice.

     The address can be specified as the IP address in IPv4 format or the fully qualified domain name (FQDN).

     In this field, you can also specify the port used to connect to the virtual infrastructure object in the format <IP address>:<port>.

     If you are configuring a connection to Microsoft Windows Server (Hyper-V) hypervisors that are part of a hypervisor cluster managed by the Windows Failover Clustering service, you can specify the address of the cluster. All hypervisors that are part of the cluster will be added to the list.

     If you are using the Linux-based Integration Server, SVM deployment in a virtual infrastructure based on Microsoft Hyper-V is not supported.

     If you are configuring a connection to VMware ESXi hypervisors managed by VMware vCenter Servers running in Linked mode, you can specify the address of any of these VMware vCenter Servers. All the hypervisors running on VMware vCenter servers in Linked mode will be added to the list.

     If you are configuring a connection to an infrastructure managed by Nutanix Prism Element, you need to specify the Nutanix Prism Element address. If the infrastructure is managed by Nutanix Prism Central, specify the Nutanix Prism Central address. All Nutanix Prism Element servers managed by Nutanix Prism Central will be added to the list.

   • Account settings for connecting to the infrastructure with administrator rights:
     • OpenStack domain

       Name of the OpenStack domain that contains an account used to connect the Integration Server to the virtual infrastructure.

       The OpenStack domain field is displayed if you are configuring a connection to a virtual infrastructure based on the OpenStack platform, VK Cloud platform or TIONIX Cloud Platform.

     • User name

       Name of the user account that the Integration Server uses to connect to the virtual infrastructure during SVM deployment, removal and reconfiguration. This account must have privileges that are sufficient for SVM deployment, removal and reconfiguration.

     • Password

       Password of the user account that the Integration Server uses to connect to the virtual infrastructure during SVM deployment, removal and reconfiguration.

5. In a virtual infrastructure based on XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, OpenStack, Alt Virtualization Server, Astra Linux, Numa vServer, VK Cloud platform, or TIONIX Cloud Platform, we also recommend specifying an account that has limited rights to perform actions in the virtual infrastructure. Under this account, the Integration Server will connect to the virtual infrastructure while Kaspersky Security is running in order to get information about SVMs available for connection and to distribute Light Agents between SVMs.

   To set restricted permissions for a user account:

   1. Click Add an account with restricted permissions in the Account with restricted permissions section.
   2. In the window that opens, specify the account name and password.
   3. Click the Save button.

   If an account with restricted permissions is not configured the Integration Server uses the same user account that is used for SVM deployment, removal and reconfiguration, to connect to the virtual infrastructure while Kaspersky Security is running.

   In a virtual infrastructure running on the Microsoft Hyper-V platform, you can connect to the virtual infrastructure during Kaspersky Security operation only by using the same user account that is used for SVM deployment, removal and reconfiguration.

6. In a virtual infrastructure based on the VMware vSphere platform, you can configure the use of VMware NSX Manager by the Kaspersky Security solution:
   1. Click the Specify VMware NSX Manager connection settings button in the VMware NSX Manager block.
   2. This opens a window; in that window, specify the following settings:
      • Address

        New IP address in IPv4 format or the fully qualified domain name (FQDN) of the VMware NSX Manager.

        If your VMware NSX Manager virtual infrastructure is clustered, specify the virtual IP address of the cluster. First, you need to assign a virtual IP address and certificate to the cluster (for more information on configuring a VMware NSX Manager cluster, see the VMware documentation).

      • User name

        Name of the account that the Integration Server uses to connect to VMware NSX Manager. A VMware NSX Manager account that has been assigned the Enterprise Administrator role is required.

      • Password

        Password of the account that the Integration Server uses to connect to VMware NSX Manager.

   3. Click the Save button in the VMware NSX Manager settings window.
7. Click the Save button in the Add virtual infrastructure window.

   The Integration Server adds the selected virtual infrastructure objects to the list and attempts to establish a connection.

   The Integration Server verifies the authenticity of all virtual infrastructure objects with which the connection is established.

   Authenticity is not verified for a Microsoft Windows Server (Hyper-V) hypervisor.

   For Keystone microservices, authenticity is verified only when using the HTTPS protocol to connect the Integration Server to the virtual infrastructure.

   To verify authenticity, the Integration Server receives an SSL certificate or fingerprint of the public key from each virtual infrastructure object and verifies them.

   If the authenticity of the received certificate(s) cannot be established, the Verify certificate window opens with a message about this. Click the link in this window to view the details of the received certificate. If the certificate complies with the security policy of your organization, you can confirm the authenticity of the certificate and continue connecting to the virtual infrastructure object. The received certificate will be installed as a trusted certificate on the device where the Integration Server is installed. If you do not consider this certificate to be authentic, click the Cancel connection button in the Verify certificate window to disconnect, and replace the certificate with a new one.

   If the authenticity of the open key could not be established, the Verify public key fingerprint window opens with a message about this. You can confirm the authenticity of the open key and continue the connection. The public key fingerprint will be saved on the device where the Integration Server is installed. If you do not consider this open key to be authentic, click the Cancel connection button in the Verify public key fingerprint window to terminate the connection.

   If a connection to a virtual infrastructure object could not be established, information about connection errors is displayed in the list of infrastructures in the Status column.

Using the buttons above the table, you can:

• refresh the list of virtual infrastructures
• sort and search the list
• edit the settings for connecting the Integration Server to virtual infrastructures
• delete settings for connecting to virtual infrastructures
• export the list in CSV format

Creating and running an SVM deployment task

To create and run an SVM deployment task for the Integration Server:

1. Open Integration Server Web Console and connect to the Integration Server.
2. Go to the SVM management section.
3. Click the New task button and select SVM deployment from the drop-down list.

   The Integration Server New Task Wizard will start.

4. Follow the wizard instructions.

Selecting infrastructure for SVM deployment

At this step, the table displays information about the virtual infrastructures to which connections are configured for the Integration Server. If SVMs are already deployed in the virtual infrastructure, the table also contains information about them. Each row of the table displays the following information about the virtual infrastructure:

• Name/Address

  This column contains the IP addresses or fully qualified domain names (FQDN) of the virtual infrastructure objects to which the Integration Server connects, and the names of the SVMs deployed on the hypervisors.

  Depending on the type of virtual infrastructure, the column may display:

  • IP address or the fully qualified domain name (FQDN) of the virtual infrastructure administration server
  • IP address or the fully qualified domain name of the hypervisor
  • IP address or the fully qualified domain name of the Keystone microservice
  • OpenStack project and domain name.
• Status

  This column contains information about the status of the Integration Server's connection to the virtual infrastructure, the state of the infrastructure objects to which the connection is made, and the state of the SVMs deployed in the infrastructure.

  If the Integration Server is not connected to the virtual infrastructure object, the column displays an error message.

• Infrastructure object type

  The column contains the type of the virtual infrastructure object that the Integration Server will connect to.

• SVM version

  This column contains the SVM version number.

You can search the list of virtual infrastructure objects based on the Name/Address column. The table displays only those virtual infrastructure objects that meet the search criteria. To reset the search results, delete the contents of the search field.

You can update the list of virtual infrastructure objects using the Refresh button above the table. When updating a list, the Integration Server verifies the SSL certificates or fingerprints of the public key, just like what happens when adding virtual infrastructure objects to the list.

To select infrastructure for SVM deployment:

1. Depending on the type of the virtual infrastructure, select checkboxes in the table to the left of the names of the hypervisors on which you want to deploy an SVM, or the OpenStack projects in which you want to deploy an SVM. You can select hypervisors or OpenStack projects to which the Integration Server has successfully connected.

   If SVMs are being deployed in an infrastructure based on the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform, simultaneous SVM deployment in different infrastructures is not supported. You can deploy SVMs in only one of these infrastructures at a time, or in one or more infrastructures of other types.

   The simultaneous deployment of SVMs within OpenStack projects, which are running on different Keystone microservices, is not supported. You can simultaneously deploy SVMs only in OpenStack projects that are running on the same Keystone microservice.

   Simultaneous deployment of SVMs to hypervisors of different types (for example, to a VMware ESXi hypervisor and a KVM hypervisor) is not supported.

2. If you want to allow parallel deployment of multiple SVMs, select the Allow parallel deployment of N SVMs check box and specify the number of SVMs that should be deployed in parallel.

Proceed to the next step of the wizard.

Selecting the SVM image

At this step, select the file of the SVM image for deployment. The SVM image file and SVM image description file (in XML format) must be placed on the device where the Integration Server is installed, into a single folder that the Integration Server has read access to.

To specify the SVM image, in the field, enter the path to the SVM image description file (in XML format) relative to the file system of the device on which the Integration Server is installed, and click the Select button.

The Wizard automatically selects the required SVM image file:

• An XVA file for deployment on a XenServer hypervisor or on a Numa vServer hypervisor.
• An OVA file for deployment on a VMware ESXi hypervisor.
• A QCOW2 file for deployment on a KVM hypervisor (including on a KVM hypervisor running on OpenStack platform, Astra Linux, VK Cloud Platform or TIONIX Cloud Platform), on a Proxmox VE hypervisor, on a R-Virtualization hypervisor, on a HUAWEI FusionCompute CNA hypervisor, on a Nutanix AHV hypervisor, or on an ALT Virtualization Server platform basic hypervisor.

The window displays the following information about the selected image:

• Vendor is the name of the vendor of the solution that the SVM is part of.
• Publisher is the name of the publisher of the solution that the SVM is part of. If the image is authentic, the Publisher field displays the value AO Kaspersky Lab.

  If the authenticity of the image has not been verified, an error message is displayed at the top of the window, and Unknown is displayed in the Publisher field.

  If the authenticity of the image has not been verified, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment.

• Solution name is the name of the solution that the SVM is part of.
• SVM version is the SVM version number.
• Description is a brief description of the SVM image.
• Virtual drive size is the amount of disk space required to deploy the SVM.

It is recommended to validate the SVM image. To do so, click the Validate button in the SVM image integrity check section. The verification results are displayed in the window as follows:

• If the image file integrity check is successful, the Completed successfully message is displayed.
• If the image file gets modified or corrupted while being transmitted from the publisher to the end user or if the image format is not supported, the upper part of the window shows an error message and the SVM image integrity check section displays information about the detected problem.

If an SVM image file integrity check ended with an error, it is recommended to use a different image for SVM deployment. To do this, you need to re-download the archive with the files necessary for SVM deployment.

If the authenticity of an image has been verified and the image file integrity check completed successfully, proceed to the next step of the Wizard.

If the authenticity of an image has not been verified or an image file integrity check has not been performed or ended with an error but you accept the risk and want to use the selected SVM image, to proceed to the next step of the Wizard you need to select the check box located in the lower part of the window.

Selecting the number of SVMs for deployment (infrastructures based on OpenStack)

This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

For this step, you must specify the number of SVMs to be deployed on the hypervisors within each selected OpenStack project. The OpenStack project name column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.

In the Number of SVMs column, specify the number of SVMs to be deployed on the hypervisors within the OpenStack project.

Proceed to the next step of the wizard.

Specifying SVM settings

This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.

At this step, you need to specify the name of the SVM and select the storage on the hypervisor where the SVM will be deployed. The Hypervisor address column displays the IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.

Specify the following settings:

• SVM name

  An arbitrary name for new SVM.

• Storage

  Data storage for SVM image.

  The drop-down list displays the storage repositories available for SVM deployment.

  If you are deploying SVMs on a Microsoft Windows Server (Hyper-V) hypervisor that is part of a cluster, only shared repositories can be selected in the list.

  If you are deploying SVMs on a Microsoft Windows Server (Hyper-V) hypervisor that is not part of a cluster, you can manually enter the path to the repository.

Proceed to the next step of the wizard.

Specifying SVM settings (infrastructures based on OpenStack)

This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

On this step, you must specify deployment settings for each SVM that is to be deployed within the selected OpenStack projects. The OpenStack project name column displays the name of the project that the SVM will be deployed in, as well as the project path in the infrastructure.

Specify the following settings required for SVM deployment:

• SVM name

  An arbitrary name for new SVM.

• Virtual machine type

  Virtual machine type (instance type) determines RAM volume, disk size, number of CPU cores, and other settings of created virtual machine.

  Select appropriate virtual machine type for SVM deployment from available types for OpenStack project. Virtual machine type must match recommendations of Kaspersky experts concerning the resource allocation for SVMs.

  If there is no virtual machine of the suitable type in the list, use the virtual infrastructure to create the required virtual machine type. After that, to refresh the list of available virtual machine types, you can go back to the infrastructure selection step and select the Refresh button or restart the SVM deployment procedure.

You can also specify the following settings:

• Volume type

  Volume type determines which data storage will be used for disk creation during the SVM deployment. Select a volume type from available types for OpenStack project.

• Availability zone

  A logical collection of hypervisors used to provide fault tolerance in infrastructures based on OpenStack. Select an availability zone into which the SVM will be located.

• Server group

  Grouping of virtual machines according to the policy that determines the hypervisors on which virtual machines will be started. Select a Server group, into which the SVM will be located.

Proceed to the next step of the wizard.

Configuring SVM network settings (infrastructures based on OpenStack)

For this step, you must specify network settings for each SVM to be deployed.

The window displays the following information:

• Hypervisor address

  IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.

  The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.

• OpenStack project name

  Name of the OpenStack project selected for SVM deployment, as well as project path in the infrastructure.

  The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

  • SVM name

    The name that was defined when specifying SVM settings.

For each SVM, specify one or more virtual networks in the Network name column.

You can also specify the following settings:

• VLAN ID

  The ID of the virtual local area network (VLAN) that the SVM will use to connect to Light Agents, the Integration Server and the Kaspersky Security Center Administration Server.

  If VLAN is not used, the column shows No.

  The VLAN ID column is displayed if you are deploying the SVM in a virtual infrastructure based on Microsoft Hyper-V platform or in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

• Security group

  Set of network traffic filtering rules that are created in the virtual infrastructure and applied in the virtual network.

  The drop-down list displays all available security groups. You can specify one or more security groups for each selected virtual network. To select a security group, select the check box to the left of its name. The names of the selected security groups are displayed in the field.

  The Security group column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

Proceed to the next step of the wizard.

Configuring IP address settings for SVM

For this step, you must specify IP addressing settings for all SVMs. You can use dynamic or static IP addressing.

If you want to specify all network settings of the SVM manually, select:

1. Select Static IP addressing. This opens a table containing the following information:
   • Hypervisor address

     IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.

     The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.

   • OpenStack project name

     Name of the OpenStack project selected for SVM deployment, as well as project path in the infrastructure.

     The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

   • SVM name

     The name that was defined when specifying SVM settings.

   • Network name

     The name of the virtual network that the SVM uses to connect to Light Agents, the Integration Server and the Kaspersky Security Center Administration Server.

2. Specify the following IP addressing settings for each SVM:
   • DNS server
   • alternative DNS server
   • SVM IP address
   • Subnet mask
   • gateway

   If you specified several virtual networks for the SVM at the previous step, specify the settings for each virtual network.

If you want to use DHCP network settings for all SVMs:

1. Select Dynamic IP addressing (DHCP).

   By default, the IP address of the DNS server and the IP address of the alternative DNS server received over the DHCP protocol are used for each SVM (the Use list of DNS servers received via DHCP check box is selected). If you specified several virtual networks for the SVM at the previous step, by default the network settings for the SVM are received from the DHCP server of the first virtual network in the list of the specified virtual networks.

2. If you want to manually specify the IP address of the DNS server and alternative DNS server, clear the Use list of DNS servers received via DHCP check box. This opens a table containing the following information:
   • Hypervisor address

     IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.

     The Hypervisor address column is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.

   • OpenStack project name

     Name of the OpenStack project selected for SVM deployment, as well as project path in the infrastructure.

     The OpenStack project name column is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

   • SVM name

     The name that was defined when specifying SVM settings.

   Specify the IP addresses of DNS servers in the DNS server and Alternative DNS server table columns.

Proceed to the next step of the wizard.

Specifying Kaspersky Security Center connection settings

At this step, you must specify the settings of SVM connection to the Kaspersky Security Center Administration Server.

Specify the following settings:

• Address

  Address of the device hosting the Kaspersky Security Center Administration Server. You can specify the IP address in IPv4 format or the fully qualified domain name (FQDN) of the device.

• Port

  Number of the port for connecting the SVM to the Kaspersky Security Center Administration Server.

• SSL port

  Number of the port for connecting an SVM to the Kaspersky Security Center Administration Server using an SSL certificate.

Proceed to the next step of the wizard.

Creating the configuration password and the root account password

At this step, you need to create a klconfig account password (configuration password) and a root account password on the SVM.

The configuration password is required for SVM reconfiguration. The root user account is used for access to the operating system on SVMs.

Enter passwords for each account into the Password and Confirm password fields.

Passwords must be no longer than 60 characters. You can use only letters of the Latin alphabet (uppercase and lowercase letters), numerals, and the following special characters: ! # $ % & ' ( ) * " + , - . / \ : ; < = > _ ? @ [ ] ^ ` { | } ~. For security purposes, you are advised to set passwords that are at least 8 characters long and use at least three of the four categories of characters: lowercase letters, uppercase letters, numerals, and special characters.

If you want to configure access to SVMs over SSH under the root account, select the Allow remote access to SVM for the root account via SSH check box.

Proceed to the next step of the wizard.

Start task for SVM deployment

This step is displayed if you are deploying the SVM to a virtual infrastructure based on Microsoft Hyper-V, XenServer, VMware vSphere, KVM, Proxmox VE, Basis, Skala-R, HUAWEI FusionSphere, Nutanix Acropolis, Alt Virtualization Server, Astra Linux, or Numa vServer.

This step displays all the settings of the created SVM deployment task for the Integration Server:

• The task name is generated automatically and contains the task type. You can use this name to find the task in the list in Integration Server Web Console, in the SVM management section.
• The list at the top of the window contains general settings for all SVMs that will be deployed by the task:
  • SVM image description file

    The full path and name of the SVM image description file (in XML format) that you specified at the SVM image selection step.

  • SVM IP settings

    Method of configuring IP addressing settings.

    Possible values: Dynamic IP addressing using the list of DNS servers received via DHCP, Dynamic IP addressing using the list of manually defined DNS servers, Static IP addressing.

  • SSH-based remote access to the SVM for the root account

    Remote access to the SVM over SSH for the root user account.

    Possible values: Allowed, Blocked.

  • Kaspersky Security Center connection settings

    IP address in IPv4 format or fully qualified domain name (FQDN) of the device hosting the Kaspersky Security Center Administration Server, and port numbers for connecting the SVM to the Kaspersky Security Center Administration Server.

  • Parallel deployment

    The number of SVMs to be deployed concurrently.

• The table at the bottom of the window contains individual settings for each SVM:
  • Hypervisor address

    IP address in IPv4 format or the fully qualified domain name (FQDN) of the hypervisor on which the SVM will be deployed.

  • SVM name

    The name that was defined when specifying SVM settings.

  • Storage

    Data storage for SVM image.

  • Network name

    The name of the virtual network that the SVM uses to connect to Light Agents, the Integration Server and the Kaspersky Security Center Administration Server.

  • VLAN ID

    The ID of the virtual local area network (VLAN) that the SVM uses to connect to virtual machines, the Integration Server and the Kaspersky Security Center Administration Server.

    The VLAN ID is displayed if you are deploying the SVM in the virtual infrastructure running on Microsoft Hyper-V platform.

  • All IP addressing settings that you provided for the SVM.

To start the SVM deployment task, click the Start button.

You can monitor the task progress in Integration Server Web Console, in the SVM management section.

Starting an SVM deployment task (OpenStack-based infrastructure)

This step is displayed if you are performing SVM deployment in a virtual infrastructure managed by the OpenStack platform, VK Cloud platform, or TIONIX Cloud Platform.

This step displays all the settings of the created SVM deployment task for the Integration Server:

• The task name is generated automatically and contains the task type. You can use this name to find the task in the list in Integration Server Web Console, in the SVM management section.
• The list at the top of the window contains general settings for all SVMs that will be deployed by the task:
  • Keystone microservice address

    IP address or fully qualified domain name (FQDN) of the Keystone microservice that manages the OpenStack project in which the SVMs are being deployed.

  • SVM image description file

    The full path and name of the SVM image description file (in XML format) that you specified at the SVM image selection step.

  • SVM IP settings

    Method of configuring IP addressing settings.

    Possible values: Dynamic IP addressing using the list of DNS servers received via DHCP, Dynamic IP addressing using the list of manually defined DNS servers, Static IP addressing.

  • SSH-based remote access to the SVM for the root account

    Remote access to the SVM over SSH for the root user account.

    Possible values: Allowed, Blocked.

  • Kaspersky Security Center connection settings

    IP address in IPv4 format or fully qualified domain name (FQDN) of the device hosting the Kaspersky Security Center Administration Server, and port numbers for connecting the SVM to the Kaspersky Security Center Administration Server.

  • Parallel deployment

    The number of SVMs to be deployed concurrently.

• The table at the bottom of the window contains individual settings for each SVM:
  • OpenStack project name

    Name of the OpenStack project selected for SVM deployment, as well as project path in the infrastructure.

  • SVM name

    The name that was defined when specifying SVM settings.

  • Virtual machine type

    Type of virtual machine (instance type) selected for SVM.

  • Volume type

    Volume type to be used during SVM deployment.

  • Availability zone

    Logical collection of hypervisors where the SVM will be located.

  • Server group

    Group of virtual machines in which the SVM will be located.

  • Network name

    The name of the virtual network that the SVM uses to connect to Light Agents, the Integration Server and the Kaspersky Security Center Administration Server.

  • VLAN ID

    The ID of the virtual local area network (VLAN) that the SVM uses to connect to virtual machines, the Integration Server and the Kaspersky Security Center Administration Server.

  • Security group

    Security group selected for the virtual network.

  • All IP addressing settings that you provided for the SVM.

  To start the SVM deployment task, click the Start button.

You can monitor the task progress in Integration Server Web Console, in the SVM management section.

Viewing information about task execution

You can monitor the progress of tasks in Integration Server Web Console, in the SVM management section.

To view information about a task for the Integration Server:

1. Open Integration Server Web Console and connect to the Integration Server.
2. Go to the SVM management section.

   In the window that opens, a list of tasks for the Integration Server is displayed as a table. The list contains the Integration Server tasks that you created and ran using the wizard (SVM deployment, reconfiguration, and removal tasks), as well as SVM image verification tasks that are created automatically when you run an SVM image file integrity check while creating SVM deployment tasks. The task is placed in the list immediately after its creation and is automatically deleted from the list some time after the task has been completed (successfully or with an error) or canceled. By default, completed or canceled tasks are listed for 60 minutes.

   If necessary, you can cancel tasks that have not yet been completed. To do this, select the task in the list and click the Cancel button located above the table.

   For tasks that are running, their progress is displayed. If a task completes with an error, an error message is displayed.

3. To view detailed information about a task, click on the task name.

   The window that opens displays the following information about the selected task:

   • Task name
   • Task type
   • Time when the task was created
   • Time when the task transitioned from the current status
   • Current task status and an error message if the task was completed with an error
   • List of all SVMs on which the task is running, and the progress of the task on each SVM Each row in the list contains the following information:
     • SVM name
     • IP address of the SVM in IPv4 format
     • Task status on the SVM, and an error message if the task was completed with an error
     • Location of the SVM in the virtual infrastructure (address and type of hypervisor or the OpenStack project name, address and type of infrastructure)
4. For Deployment or Reconfiguration tasks, you can view information about the execution of stages of a task on the selected SVM. To open the list of stages, click on the SVM name in the list.

   In the window that opens, information about the execution of each stage of the task on an individual SVM is displayed in the form of a table:

   • Stage name
   • Stage start time
   • Stage execution status and error message if an error occurred at this stage
   • Stage end time