Quick start

Please read through the requirements and recommendations

Before you proceed with the installation of the Soveren Agent, we strongly recommend reviewing our requirements and recommendations page

Installing Soveren is extremely simple:

Installing the Agent

Create a new Soveren token and have it handy for the following steps. The token identifies and authorizes your Agent within the Soveren Cloud.
Create a namespace for Soveren installation:
```
kubectl create namespace soverenio
```
You can use any other valid namespace name instead of soverenio.

Add the Soveren Helm repository:

helm repo add soveren https://soverenio.github.io/helm-charts

Install the Soveren Agent using the <TOKEN> that you obtained on the step 1:
```
helm install -n soverenio soveren-agent soveren/soveren-agent --set digger.token="<TOKEN>"
```
You can use any other valid release name instead of soveren-agent.
That's it! You may go to the Soveren app now and check the dashboards.

For more advanced configuration options please take a look at the configuration page.

There are several things which happen automatically in the cluster when you install the Soveren Agent:

Soveren Agent contains Interceptors, Processing and messaging system, and Sensitive data detector. (More details in the Architecture section).
All components of Soveren Agent are deployed into the namespace soverenio.
Soveren Agent subscribes to a lot of metadata from the Kubernetes API. A dedicated ServiceAccount is created. This ServiceAccount is given cluster-wide permissions (ClusterRoleBinding) to get, list and watch on several apiGroups.
Interceptors do not need special Kubernetes RBAC permissions to capture the traffic.
Interceptors read data from virtual network interfaces of the host. For this, the containers in which Interceptors are running require privileged mode.