Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Reference Kubernetes Setup

This document outlines the steps required to install Superna 5.x on a pre-configured openSUSE Leap Micro virtual machine (VM).

note

The hostname, FQDN (Fully Qualified Domain Name), and network values shown in this document are examples only. Please substitute values appropriate for your environment.

Prerequisites

This guide assumes you have received a configured virtual machine with:

  • openSUSE Leap Micro installed
  • Network connectivity configured
  • SSH (Secure Shell) access enabled
  • Required credentials provided

If you need information about the VM setup process for IT administrators, please contact your Superna representative.

Kubernetes installation and Superna 5.x bootstrap

Follow these steps to install Kubernetes and deploy Superna 5.x on your pre-configured virtual machine:

  1. Access the VM

    Connect to the VM using SSH with the credentials provided to you:

    tip

    Use the command: ssh username@ip-address

  2. Elevate to root

    Switch to the root user account to perform administrative tasks:

    su -l

  3. Create configuration script

    Create a configuration file using a text editor:

    vi k3s-init.sh

    Press i to enter insert mode, then add the following content (replace values with those appropriate for your environment):

    FQDN="your-cluster-name.your-domain.com"
    BOOTSTRAP_SOURCE="https://resources.provider.com/hyperion-resources"
    HELM_CHARTS_SOURCE="git@repo-provider.com:organization/helm-charts"
    important

    Replace the placeholder values with the actual URLs and credentials provided by your Superna representative.

  4. Start transaction shell

    openSUSE Leap Micro uses an immutable file system, which means changes must be made in a special environment. Run this command to enter that environment:

    transactional-update shell

    After you exit this shell, the system will save your changes as a snapshot that will be applied when you reboot.

  5. Run initialization script

    Download and run the initialization script using the variables you set earlier:

    . ./k3s-init.sh; curl -fsSL "${BOOTSTRAP_SOURCE}/leap-micro-unattended.sh" | sh

    The script will create a template file called bootstrap-values.yaml and open it in the Vim text editor for you to modify.

    Review the file, make any necessary changes, then save and close it.

    VIM Quick Reference

    Basic VIM commands

    1. Start editing
      Press i to enter Insert mode where you can type and edit text

    2. Return to command mode
      Press Esc to exit Insert mode and return to Normal mode

    3. Save and exit
      In Normal mode, type :x or :wq to save changes and exit VIM

    4. Discard changes
      In Normal mode, type :q! to exit without saving any changes

    5. Navigate the file Use arrow keys to move around, or use j (down), k (up), h (left), l (right) in Normal mode

  6. Apply changes

    If the script completes successfully, follow these steps to apply the changes:

    exit  # This command closes the transaction shell
    reboot  # This command restarts the VM to apply the changes

  7. Monitor deployment

    After the VM restarts, log back in and use these commands to check the deployment progress:

    # View the overall bootstrap log (Superna 5.x should be running if this completes successfully)
    journalctl -fu hyperion-bootstrap

    # View the Kubernetes resource creation log
    kubectl logs job -l hyperion.superna.io/component=bootstrap -f

    While Superna 5.x components are being deployed, you can monitor progress using ArgoCD (Argo Continuous Delivery):

    • Access ArgoCD at: https://argocd.your-cluster-name.your-domain.com (replace with your actual domain)
    • Username: admin
    • Get the password by running:
    argocd admin initial-password -n argocd

  8. Access Superna 5.x

    After deployment completes successfully:

    • Access the Superna 5.x web interface at: https://your-cluster-name.your-domain.com (replace with your actual domain)
    • Default login: admin@superna.com
    • Get the password by running:
    kubectl get secret -n k3s-hyperion k3s-hyperion-orgs -o yaml | yq '.data["admin-password"] | @base64d'

    Save this password in a secure location for future access.

  9. Start the Onboarding Mode

    Begin the automated learning period for your environment.

    • Navigate to the System Settings section in the Superna 5.x UI

    • Verify that Onboarding Mode is active (this is the default for new installations)

    • Review the default settings:

      • Auto-learning is enabled
      • User lockouts are disabled
      • Snapshots are enabled for NFS exports and SMB shares
      • Event expiry times are preset based on severity
      important

      You should remain in Onboarding Mode until the number of detections per day over a 3-day period falls below 2. This ensures the system has properly learned your environment's baseline behavior.

    • Monitor the Threat Detection dashboard daily during the Onboarding period

    • After sufficient learning (typically 1 week), you'll receive a notification that you're ready to exit Onboarding Mode

    After completing setup and starting Onboarding Mode, Superna 5.x continuously monitors your chosen storage platform, learns from detected events, and prepares to provide optimized protection for your environment.