1. home icon for breadcrumbs >
  2. Installation >
  3. Installation Steps

Installation Steps

Use the following steps to install Qualys Cloud Agent on GCP Container Optimized OS:

Step 1: Create a Repository in the Google Artifact Registry

Create a repository in the Google Artifacts Registry. Provide the URL of this repository in the lxa-gke-deploy.yml file.

Step 2: Push the Qualys Cloud Agent to the Google Artifact Registry

  1. Download the Qualys Cloud Agent installer for GCP Container Optimized OS (.tar.xz) file from the Qualys Cloud Platform. Refer to Download Cloud Agent Installer.
  2. Upload the Cloud Agent installer (.tar.xz) to the local repository.
  3. Extract the Cloud Agent installer using the following command.

    tar -xvf <Cloud Agent installer file name>.tar.xz

    For example:     tar -xvf QualysCloudAgent.tar.xz
  4. Load the extracted Qualys Cloud Agent installer image in the docker container using the following command.

    docker load -i <file>.tar

    For example: docker load -i QualysCloudAgent.tar
  5. You can view the Cloud Agent image loaded in docker container using following command. Note down the image ID.

    docker images
  6. Tag the docker image of Cloud Agent installer available in local repository to push it on the Google Artifacts Registry.

    docker tag <IMAGE-ID> <region>-<Local repository URL>

    For example:
    docker tag <IMAGE-ID> us-central1-docker.pkg.dev/qlys-dev-lxag/qualys-cloud-agent-container/image:5.0.0-9
  7. Push the tagged docker image to Google Artifacts Registry using the following command.

    docker push <region>-<repository URL>

    For example:
    docker push us-central1-docker.pkg.dev/qlys-dev-lxag/qualys-cloud-agent-container/image:5.0.0-9

Step 3: Create a Cluster on Google Kubernetes Engine

  1. Access the Google Kubernetes Engine in the same browser in which your Google Workspace account is logged in. Click the link to access Google Kubernetes Engine.
  2. Create standard (std) Kubernetes cluster with default-pool images of GCP Container optimized OS.
  3. On the Configure node settings page, select the Image type as Container-Optimized OS with containerd (cos_containerd) (default) and keep the rest of the setting as default.
  4. Click CREATE to create a cluster on GKE.

Step 4: Deploy Qualys Cloud Agent Image on GCP Container Optimized OS Cluster

  1. Login to the Cloud Shell command-line interface. Click the link to access Cloud Shell.
  2. Access the lxa-gke-deploy.yml file available in the Google Artifacts Registry using Cloud Shell command tool.
  3. Configure the following parameters in the lxa-gke-deploy.yml file.

    activation-id: The activation-id for Qualys Cloud Agent is auto-generated and it is available in Install Instructions of Qualys Cloud Agent.

    customer-id: The customer-id is auto-generated for Qualys subscription. Also, you can find your customer-id in Install Instructions of Qualys Cloud Agent.

    server uri: https://qagpublic.qg1.apps.qualys.com/CloudAgent. This server URI is associated with the activation key for your Cloud Agent installer.

    provider name: Use GCP as the value for this parameter.

    log-level: The log-level sets logging levels of the Qualys Cloud Agent for GCP Container Optimized OS. The valid range for log-level is 1 - 5.

    Build Download URL: The path for your cloud agent image on Google Artifacts Registry.

    proxy (Optional): IPv4 address or FQDN of the proxy server.

    cpu (Optional): This parameter sets CPU usage limit for the Qualys Cloud Agent. The valid range for this parameter is 0-100%.

    Important: The field indentation/alignment in the .yml file is very important. Ensure that you follow the formatting provided in the template.

    Note: If the CPU value is set to more than 0.5 or 0.7 in the YML file, Cloud Agent can not be installed on all nodes in the cluster.
  4. Deploy the lxa-gke-deploy.yml file on Container Optimized OS using the following command.

    kubectl apply -f <.yml file name>

    For example: kubectl apply -f lxa-gke-deploy.yml
  5. Run the following command to view the deployment status of Qualys Cloud Agent.

    kubectl get pod - A

What happens next?

Qualys Cloud Agent starts syncing asset data to the Qualys Cloud Platform!

Once installed, the Qualys Cloud Agent connects to the Qualys Cloud Platform and provisions itself. Qualys Cloud Agent displays your first asset discovery results within a few minutes. The first assessment scan in the Qualys Cloud Platform takes some time. After the first scan, the scan is complete as soon as the agent host metadata is sent to the Qualys Cloud Platform.

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.