Quick start
Please read through the requirements and recommendations
Before you proceed with the installation of the Soveren Agent, we strongly recommend reviewing our requirements and recommendations page
Installing Soveren is extremely simple:
-
Install the Soveren Agent in your Kubernetes cluster
-
Go to the Soveren app in the Soveren Cloud and start getting insights!
Installing the Agent
-
Create a new Soveren token and have it handy for the following steps. The token identifies and authorizes your Agent within the Soveren Cloud.
-
Create a namespace for Soveren installation:
You can use any other valid namespace name instead ofkubectl create namespace soverenio
soverenio
. -
Add the Soveren Helm repository:
helm repo add soveren https://soverenio.github.io/helm-charts
-
Install the Soveren Agent using the
<TOKEN>
that you obtained on the step 1:You can use any other valid release name instead ofhelm install -n soverenio soveren-agent soveren/soveren-agent --set digger.token="<TOKEN>"
soveren-agent
. -
That's it! You may go to the Soveren app now and check the dashboards.
For more advanced configuration options please take a look at the configuration page.
What happens under the hood
There are several things which happen automatically in the cluster when you install the Soveren Agent:
-
Soveren Agent contains Interceptors, Processing and messaging system, and Sensitive data detector. (More details in the Architecture section).
-
All components of Soveren Agent are deployed into the namespace
soverenio
. -
Soveren Agent subscribes to a lot of metadata from the Kubernetes API. A dedicated
ServiceAccount
is created. ThisServiceAccount
is given cluster-wide permissions (ClusterRoleBinding
) toget
,list
andwatch
on severalapiGroups
. -
Interceptors do not need special Kubernetes RBAC permissions to capture the traffic.
-
Interceptors read data from virtual network interfaces of the host. For this, the containers in which Interceptors are running require privileged mode.