Enabling the Vulnerability Advisor during installation

Enable the Vulnerability Advisor in your cluster during IBM® Cloud Private installation.

Note: You can enable the Vulnerability Advisor after you install IBM Cloud Private. For more information, see Vulnerability Advisor.

For more information about the Vulnerability Advisor, see the About Vulnerability Advisor section in the IBM Cloud Docs Opens in a new tab .

The Vulnerability Advisor feature is supported in the Cloud Native and Enterprise editions of IBM Cloud Private only.

If you have the Vulnerability Advisor enabled, your system might require additional CPU, memory, and disk space. See Hardware requirements and recommendations.

Set up dedicated VA nodes. You must have 1, 3, or 5 dedicated VA nodes. To set up the dedicated nodes, during installation, provide the node IPs in the [va] section of the hosts file. You must remove the # from the [va] header in your hosts file.
Enable the vulnerability advisor. In the list of management services, set vulnerability-advisor to enabled as shown in the following example:
```
management_services:
 istio: disabled
 vulnerability-advisor: enabled
 storage-glusterfs: disabled
 storage-minio: disabled
```
Important: Vulnerability Advisor depends on the logging services in order to operate. The logging parameter must be set to enabled in the management_services parameter list. Note: If you want to deploy more than one VA node, the VA Minio directory /var/lib/icp/va/minio on each VA node must be on shared storage. The directory path can be changed by using the option va_minio_storage_dir in the config.yaml.